Report - exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm

Report Overview

Submitted URL
exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP
172.67.155.44
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-07 07:50:05
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
exceptionalphonesecurity.xyz	364991	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.5 kB	104.21.6.184
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.3 kB	93.184.220.29
analytics.tiktok.com	1182	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	102 kB	95.101.10.113
overalltrack.com	112756	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	1.2 kB	167.99.158.7
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	216.58.211.3
ouhastay.net	117137	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	14 kB	139.45.197.239
revpu.sh	711295	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	853 B	2.1 kB	139.162.186.41
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.7 kB	16 kB	23.33.119.27
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.38.146.2
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	54.230.245.110
www.helpwire.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	21 kB	211 kB	54.230.111.44
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	28 kB	31.13.72.12
www.googletagservices.com	169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	28 kB	142.250.74.162
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	50 kB	34.120.237.76
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	28 kB	104.17.25.14
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
track.profitableredirect.com	124496	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	1.8 kB	18.192.108.151
cdn.cookielaw.org	502	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	40 kB	104.16.149.64
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	680 B	1.9 kB	172.64.155.188
cdn.galattic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	741 B	6.5 kB	95.110.203.212
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	66 kB	216.58.207.228
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	845 B	349 B	31.13.72.36
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	2.6 kB	139.45.195.8
primaveratrack.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	418 B	327 B	167.114.103.223
redrotou.net	145989	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	433 B	21 kB	139.45.197.251
geolocation.onetrust.com	802	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	436 B	82 kB	104.18.27.85
app1-smartsecurity-etl.herokuapp.com	115431	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	1.7 kB	54.208.186.182
production-cmp.isgprivacy.cbsi.com	11058	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	799 B	14 kB	151.101.85.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-07	medium	ouhastay.net	Sinkholed
2022-12-07	medium	ouhastay.net	Sinkholed

JavaScript (93)

	URL	Size	First Seen	Last Seen
	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	978 B	2023-03-07	2023-03-17
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:09 Last Seen2023-03-17 11:31:06 Times Seen1 Hash d5b9e767b38c694a03107b080a4c2a91 8cf9f68583fb9c3ac538ae9604478231d68bbfc6 e3e59de19595dfa8445aa153561a3e2d1760120caf8088b78fe992dcc7df44ae Loading...

	analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq	3.2 kB	2023-03-08	2023-03-08
Pretty URL analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq IP 95.101.10.113 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:43:02 Last Seen2023-03-08 20:43:02 Times Seen1 Hash 5622a1c4aef680e7068d651b13bbd970 a2850e6499c1c7ef6396df9859f7a6540073b5ce aabf87f482926fa802bdfdf98ecbfbe182fadcda80127f8740c47e945c57dcd3 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	107 B	2023-03-07	2023-04-30
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-04-30 23:50:26 Times Seen30 Hash a8d42497413ac0e7391841ed4ed85d16 b5e473313f5db6326a8a8123b984d046f0156e51 cf5b86c726da85b40846b39d52f823e3da57c5b9441090550e4727dbceb6d993 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/scripts/onbtnclick.js	205 B	2023-03-07	2023-09-19
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/scripts/onbtnclick.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-09-19 09:11:01 Times Seen62 Hash e70d95c8226f3077f94ce540855d9a75 b526dde33c5836fec084dbe83eeccd2a7d6b1c6c d81300ad4a2a34a0e3f3c06b2a0e8a45b4615725e2278b91bb53854dfe7d61dc Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery.iframetracker/1.1.0/jquery.iframetracker.min.js	2.8 kB	2023-03-07	2024-02-16
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery.iframetracker/1.1.0/jquery.iframetracker.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:07:04 Last Seen2024-02-16 06:48:49 Times Seen35 Hash c1262abf48ee29d59e4500e67ec0fc5c 563a08e27b03091bff2d2e5a0a42ed9cdcb9f1f0 428b948dd972b7591b2102877052d2a481e61a551a18566ced653d19f00d788e Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 00:04:29 Times Seen36968883 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.helpwire.com/_next/static/chunks/framework-a661be0ab3977016.js	130 kB	2023-03-08	2024-01-30
Pretty URL www.helpwire.com/_next/static/chunks/framework-a661be0ab3977016.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2024-01-30 02:56:10 Times Seen14 Hash 42969190930a47add78d0553ad3decd6 6e2019ae774a8e8dcab0829e4d8af7829ff9359c b195366efe4c5f9c4c23d6c643a4bdeeb03febb5894a43aa49d3c2dd969da48b Loading...

	cdn.galattic.com/bidder/cbs/filter.js	702 B	2023-03-08	2023-03-08
Pretty URL cdn.galattic.com/bidder/cbs/filter.js IP 95.110.203.212 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:41 Last Seen2023-03-08 20:43:02 Times Seen1 Hash 4f365869800b5f3f74bdffa7282ae328 fc92e2ff298add45ce305cb5bed38a1dc9ecc206 ddf562167e791b7ba0adc9d8965651e385f8d3cde57697651fbb12f0a712cea3 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js	87 kB	2023-03-07	2024-04-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-20 00:05:10 Times Seen61201 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	86 B	2023-03-07	2023-03-29
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2023-03-29 22:28:59 Times Seen9 Hash 5c8c3d42d0a85711f3d5ab47c38d7714 0c9c8c0f023f7212703ed12f2b35bd3a615e0b0a 349352e714cfce33a99c129417925cc084431b3f8bc0a3a7ddb652e7a4023372 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8	697 B	2023-03-07	2023-09-09
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-09-09 10:48:24 Times Seen37 Hash 7e1da03b7d5254f7b1d93874c8f85ce4 c1ff6bec84dd9b2bf2bbcd11bb8791444f04b2d7 ff9366f794284e39381efd6b8ae4b6273469134c741ca7c3d6a1e1248e1a98d4 Loading...

	www.helpwire.com/_next/static/chunks/9669-97c5cf1761642ab6.js	21 kB	2023-03-08	2024-01-30
Pretty URL www.helpwire.com/_next/static/chunks/9669-97c5cf1761642ab6.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2024-01-30 02:56:10 Times Seen14 Hash 3b84c3631391d301a78a469413875f14 a79a5dafa6463f90296c418bbe9e6708f018b92e bbe33de04f4075a65c3296583de5924d6fc4c35bbd0f94b77a255222523e3f95 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/scripts/lang.js	2.7 kB	2023-03-07	2023-03-29
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/scripts/lang.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:09 Last Seen2023-03-29 22:28:59 Times Seen9 Hash 8270afe386677e166c6c8e2149920d53 b3b57c001d70630541d551dab2ccbdabc5068081 6a16920bc4437013ae51e54ea82ebfa731febc2f0e1588b1a849bf545cd2719a Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	39 B	2023-03-07	2023-10-20
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-10-20 11:21:42 Times Seen72 Hash 1d6fb7ab07560cf853166648e8a11727 1f2053cf1c9cb756d70a670e3b3efd1782e0cab4 b397195aab56dd122ad93f9342aa05b842ad961311156be5ea3cabba17381084 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	45 B	2023-03-07	2023-10-20
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-10-20 11:21:42 Times Seen71 Hash 04af469eb7b6c449e143390e74e0ed23 eef28c42989e865251577e09275109a2b39e4d73 af7217f196d03e1b56f992e4af26b5dad542e92b3583ea8a2235fab7c2bf56c9 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/scripts/sendClick.js	5.0 kB	2023-03-07	2023-03-29
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/scripts/sendClick.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2023-03-29 22:12:16 Times Seen2 Hash 1838415ae07f2a837ec69fdee03cfcfa 7651b8c968c86237a3641604ac42c7149ceac86d 088997463b4c301a83f807d255f0497c12de41fbeabded394f5ced10684324aa Loading...

	cdn.cookielaw.org/scripttemplates/otSDKStub.js	22 kB	2023-03-07	2024-03-05
Pretty URL cdn.cookielaw.org/scripttemplates/otSDKStub.js IP 104.16.149.64 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58:52 Last Seen2024-03-05 19:00:25 Times Seen96 Hash a750a84d2cd5eb69aa0b8b1b94db6da8 56fd3e55c49aa5f3e48e525ae794da9b070cfa6c bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0 Loading...

	partner.googleadservices.com/gampad/cookie.js?domain=www.helpwire.com&client=partner-helpwire-content-4&product=SAS&callback=__sasCookie	189 B	2023-03-08	2023-03-08
Pretty URL partner.googleadservices.com/gampad/cookie.js?domain=www.helpwire.com&client=partner-helpwire-content-4&product=SAS&callback=__sasCookie IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:43:02 Last Seen2023-03-08 20:43:02 Times Seen1 Hash 83b1d34b2d17c073823286a26fec21c6 436ae70dd16f2ada94cc82342f6127c309ae426e 6a23a5f0594947c348daeee4a270adbb3496057e2cc811956d1d1eaf09e427b0 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	42 B	2023-03-07	2023-09-09
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-09-09 10:48:23 Times Seen71 Hash 94e796d543964da2db160ee883ccf33e b238d6c281d4d15cefa9da551fe17c16356fc7c1 8f5e3efdbe9d31d27b95b55528e0067e2e382b417538f1514e3a20f235d42b49 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	49 B	2023-03-07	2023-09-09
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-09-09 10:48:23 Times Seen54 Hash f38f041231fb8625d896a3d7f7ac95ca b520612f76a1b27e9cfd564c053e5ee33f1b34bc 3a25e623fd6398f7fc17c5c4e490465a3f42bdc7cedf51df204d6a504926da61 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	2.7 kB	2023-03-07	2023-03-29
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-03-29 23:15:31 Times Seen29 Hash d43d9a934dcd9edf6805f9a501c2962c c769007cd07ad7143a73887ba7ddebb7abf77812 93109528f6bcb9764fe8bba277741f586a5b1cfa1eead09cbc5887721051b733 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	www.helpwire.com/_next/static/chunks/c16184b3-278d9312fe59238e.js	5.8 kB	2023-03-08	2023-03-12
Pretty URL www.helpwire.com/_next/static/chunks/c16184b3-278d9312fe59238e.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:41 Last Seen2023-03-12 06:42:30 Times Seen1 Hash 11bc8ea090dda19d4435839a4b7ab376 85403ded6d07a531325fdf681be7de5ac55f8f10 fb69602bb670b0997f8ea8e235f8f568b7cdfdb1ae0d4e21688130bae5ac0aa7 Loading...

	www.helpwire.com/_next/static/chunks/5675-87136af191a34387.js	11 kB	2023-03-08	2024-01-30
Pretty URL www.helpwire.com/_next/static/chunks/5675-87136af191a34387.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:41 Last Seen2024-01-30 02:56:11 Times Seen17 Hash e195706c78902e7db3c14efa1580fee1 288af2078661491bc2ac1ff0ae116bda9a4bac22 584b691284439b3b60e9ae0c702fd8092b6468cd0c252ab91c610e4e5a48e7ce Loading...

	www.helpwire.com/_next/static/chunks/9063-1bec776d34b6942e.js	8.3 kB	2023-03-08	2023-05-06
Pretty URL www.helpwire.com/_next/static/chunks/9063-1bec776d34b6942e.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:41 Last Seen2023-05-06 08:57:23 Times Seen3 Hash 4e505b655b165ba96b14f7a6ad8d06f9 7c3cf8111cfa4ac321e5774cf3979c7159dd55d2 ecca681187731a9e4b5678cd68b8ce39a7a019ebb89b4c00c974f0d708814d84 Loading...

	www.helpwire.com/scripts/google_body.js	5.9 kB	2023-03-08	2023-03-11
Pretty URL www.helpwire.com/scripts/google_body.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:41 Last Seen2023-03-11 22:14:16 Times Seen1 Hash bc241cfddb77e291a3781f1946b1796e eeaca73cb1ae4d485906f705107767ef031bd5c3 14980d5dfa5fba45420813da0771b479db9dc3a23baf2a3b8a2580eb3ab03278 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/scripts/timer.js	713 B	2023-03-07	2023-09-09
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/scripts/timer.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2023-09-09 10:48:23 Times Seen8 Hash 70104ccce81399f9a57783de1488c545 0bdcf18810def687d8f21296c454468c919ec296 7c4a553888b19ebf057788397dc294092eaa62862da90837e4a971724f1fd988 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	103 B	2023-03-07	2023-04-30
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-04-30 23:50:26 Times Seen30 Hash 2ad49cece1987bc4bc8d70d25aef6c2e 859017eda931a12e0a6f7e338ec7ac02aacb2f0e 07cb36d3dae5f48eb813c2843bc42a108f194e0f50ecff5576fa3c42da543637 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	46 B	2023-03-07	2023-10-20
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:19 Last Seen2023-10-20 11:21:42 Times Seen72 Hash efe5f261a897cf848dbb4b3f95eb0a45 c13364bf08eed31245c79313e4953b05a463fcdf 1a4c27ec01f235303cea505cd77cf95551d7b8cb0afcea14836449f9f48a5555 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/scripts/backblock.js	436 B	2023-03-07	2023-09-09
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/scripts/backblock.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2023-09-09 10:48:23 Times Seen7 Hash 83905ace45614593d12aa47274d3545b b5a6965e715e6dd712a09d10ccacf3027629f7d8 ebd57b13dd06c5af5971209d6cd74a7cff221245224b7adc8dae1aba2b5776d5 Loading...

	www.helpwire.com/scripts/fb.js?v=0	1.1 kB	2023-03-08	2023-03-11
Pretty URL www.helpwire.com/scripts/fb.js?v=0 IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2023-03-11 22:14:16 Times Seen1 Hash e9075df74bdbf0956f03b84308a735d8 8701f88f323d02cc9c7660e481ea1fcc58c7ba33 43ae8416d35119176ce1d094ab9e7a886d86b11dc2aafcbe9cb1ca6f7ca9614a Loading...

	www.googletagservices.com/tag/js/gpt.js	82 kB	2023-03-08	2023-03-08
Pretty URL www.googletagservices.com/tag/js/gpt.js IP 142.250.74.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:35:19 Last Seen2023-03-08 20:44:13 Times Seen1 Hash 46cd3b550b96ebd0cd9c7e6e5c1859ad 417aa03b90bf53e267576961bc7321893d34542d 66ca93061f138be7313ad4ce4b840cd88f49e6a2d5d22f118ef5cd9bcd55b0fe Loading...

	securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js	394 kB	2023-03-08	2023-03-11
Pretty URL securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:50:57 Last Seen2023-03-11 23:43:43 Times Seen1 Hash af3daeb4f6707f6ab45d43169300fcf3 10bbf4731867b41d927227b0790272a2d6887222 c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c Loading...

	www.helpwire.com/_next/static/chunks/pages/_app-ae91de5da9f4357b.js	1.1 kB	2023-03-08	2024-01-30
Pretty URL www.helpwire.com/_next/static/chunks/pages/_app-ae91de5da9f4357b.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2024-01-30 02:56:10 Times Seen10 Hash 63a86bcb0a35020870cc81256fbc1581 b01b99c9f086beb180b11c2c725b38ef9ca1cf8b d3f4253a2b92ea0f13ee33154a2ff8dd1090d3cfe607d20022edf8d929f02f64 Loading...

	www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_ssgManifest.js	77 B	2023-03-07	2024-04-19
Pretty URL www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_ssgManifest.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-04-19 23:32:35 Times Seen85092 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

	connect.facebook.net/signals/config/1741246512876651?v=2.9.89&r=stable	300 kB	2023-03-08	2023-03-11
Pretty URL connect.facebook.net/signals/config/1741246512876651?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2023-03-11 22:14:16 Times Seen1 Hash 916a8cab17b8f5cd57d7a03840d47499 0ad29b71c1352f744d23da17452827b978dc3e8f c9bfe516275575007e3e0a535fc011f0e37df565234eb515dffd5631dc5f6b1e Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	118 B	2023-03-07	2023-03-29
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-03-29 23:15:31 Times Seen29 Hash 406d554103315b4ba3583147e3e46643 5d20b8ee4d38bd9aaf0afba8d16270cf6ac68307 59d5ea1155ca1bebce27a26afb41f37efa7ce9236f71bc37bffecc37f27a0d0e Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	758 B	2023-03-07	2023-03-17
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:09 Last Seen2023-03-17 11:31:06 Times Seen1 Hash 07034a66647d161271198c60c3b80ea6 b07156f6977eacfd1ba184e80dd5c77079ce5a39 82a1d943f1ed0f4fe47f131b39e6ebb5adad9c4e6be4455b55ac47cc53b5cd67 Loading...

	track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1670399396477&hash=lxXd9QLvEhQA7riAaEnIn-wFsr6eUnEJP-oOLpnnq3Q&rm=DJ	106 B	2023-03-07	2023-03-17
Pretty URL track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1670399396477&hash=lxXd9QLvEhQA7riAaEnIn-wFsr6eUnEJP-oOLpnnq3Q&rm=DJ IP 18.192.108.151 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2023-03-17 10:36:52 Times Seen1 Hash f8c1845cbef8a95dd446200cc70c1726 ea6e7570d45a97f4f83b773bfdbbd3f9b18d1c4b 849d14e0bdbba5eb499da0687a1436acb293a1ef48e39481544f1e4ac35c1205 Loading...

	www.helpwire.com/scripts/google_head.js	123 B	2023-03-08	2023-03-11
Pretty URL www.helpwire.com/scripts/google_head.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2023-03-11 22:14:16 Times Seen1 Hash f8c8167390a88fb75b4faac761c487e5 ab257ec7e73a989a17553450985fcfd660be8e7a 1278654f4fa2f333df55a3f0ef92282fdfb657dd40b952e17c84f2372ef76727 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	40 B	2023-03-07	2023-09-09
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-09-09 10:48:23 Times Seen36 Hash 562449d62520309c26ae1dc685d8f9cc a3a688fa551ddf0599ecc84e178677b7a7645820 47f068f27b37629d1267481a85fa5ba9ca317fabcc441958c346dbefac83b230 Loading...

	www.helpwire.com/_next/static/chunks/webpack-6bf17bd08c9c0c1f.js	4.7 kB	2023-03-08	2023-03-08
Pretty URL www.helpwire.com/_next/static/chunks/webpack-6bf17bd08c9c0c1f.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:41 Last Seen2023-03-08 20:43:02 Times Seen1 Hash 6352db52f27a8ed05afa440d06cfbe9e b0d49fa9985ea7f83e64da0b7b96d489d2a26abf 8ab3e07d2772b827191249e35da8509a78f542a8a5a6d472cec313c7acc39c40 Loading...

	www.helpwire.com/scripts/google_rs_body.js	2.1 kB	2023-03-08	2023-03-08
Pretty URL www.helpwire.com/scripts/google_rs_body.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:41 Last Seen2023-03-08 20:43:02 Times Seen1 Hash 8d537ab256654672dd15b33bb8ac6eac 2270286522d59e232172d6a7569813662bc56e37 41a814f7bb7f3364d28c4ab403ab2813f95fbe4994a2e570ad8f57f29464d9f7 Loading...

	www.google.com/afs/ads?psid=1151113086&channel=T0000012&client=helpwire-content-4&q=Veeam%20Ransomware%20Protection&r=m&hl=no&type=0&oe=UTF-8&ie=UTF-8&fexp=21404&format=p5%7Cn5&ad=n5p5&nocache=1211670399399251&num=0&output=uds_ads_only&v=3&preload=true&bsl=8&pac=0&u_his=16&u_tz=0&dt=1670399399253&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=424&frm=0&cl=491710121&uio=--&cont=afscontainer1%7Cafscontainer2&qup=1&jsid=csa&jsv=491710121&rurl=https%3A%2F%2Fwww.helpwire.com%2Farticles%2Feasy-home-improvement%3Fq%3DVeeam%2520Ransomware%2520Protection%26src%3Dmg%26gch%3DT0000012%26visitor_id%3D624262918263025675%26target_id%3D3647676%26campaign_id%3D6397242%26link_key%3D044b19c4909988c1a51b958aa7e2bfdd	66 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/afs/ads?psid=1151113086&channel=T0000012&client=helpwire-content-4&q=Veeam%20Ransomware%20Protection&r=m&hl=no&type=0&oe=UTF-8&ie=UTF-8&fexp=21404&format=p5%7Cn5&ad=n5p5&nocache=1211670399399251&num=0&output=uds_ads_only&v=3&preload=true&bsl=8&pac=0&u_his=16&u_tz=0&dt=1670399399253&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=424&frm=0&cl=491710121&uio=--&cont=afscontainer1%7Cafscontainer2&qup=1&jsid=csa&jsv=491710121&rurl=https%3A%2F%2Fwww.helpwire.com%2Farticles%2Feasy-home-improvement%3Fq%3DVeeam%2520Ransomware%2520Protection%26src%3Dmg%26gch%3DT0000012%26visitor_id%3D624262918263025675%26target_id%3D3647676%26campaign_id%3D6397242%26link_key%3D044b19c4909988c1a51b958aa7e2bfdd IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:43:02 Last Seen2023-03-08 20:43:02 Times Seen1 Hash 4fafe47a7f1561699572ea9b88dd8131 b9a7adbc1735cc119ec1f7219415224c268f656d 3eae48d6dbd399f4bb6a341e493b868fa3a9b64da8c1ae7cf951a39db620dd30 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/scripts/language-set.js	91 kB	2023-03-07	2023-03-13
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/scripts/language-set.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2023-03-13 04:37:20 Times Seen1 Hash ee3cd68ca12e7e96c30fedc23cc031c4 b4ef931a32b32fae0a5a2f964726d586c0d726ec e786f1c9e3245bd5bd8d2e716e7ea47f0b4ff9cb889070f94d4bf95797db1c9a Loading...

	exceptionalphonesecurity.xyz/smart-security-0/scripts/vibrate.js	247 B	2023-03-07	2023-09-19
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/scripts/vibrate.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-09-19 09:11:01 Times Seen61 Hash b4931f5082b667764b344af75748fc2b 46ab10357be7caadf2752418188dff37244082ff 6fb5525c46c8c3720e2a39bb88ed516ee739d80993c8805154e4e37d02e1df2d Loading...

	track.profitableredirect.com/e69b0e43-f199-496b-87cc-2daa322bb681	256 B	2023-03-08	2023-03-08
Pretty URL track.profitableredirect.com/e69b0e43-f199-496b-87cc-2daa322bb681 IP 18.192.108.151 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:43:02 Last Seen2023-03-08 20:43:02 Times Seen1 Hash 75d599f44a5482fcfd43cfd394997a1f 7fe290eed5eccf4297cd764b322797ad52a0ae1a 4914c0aada61716b0b416a5f003ca2a76574aa94899e2b2c3a3cd59d8fec1172 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	42 B	2023-03-07	2024-02-20
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2024-02-20 04:00:17 Times Seen133 Hash 3e960301254c32367557d994450ff46d ee83b61ccb7e6d0686f0622a2a16c4c7ce2d588e 4617086527ce2ce319cfae562c47a325d66349a027363cc0420432c106e0515e Loading...

	production-cmp.isgprivacy.cbsi.com/cps/shamanNotifier.js	4.3 kB	2023-03-07	2023-03-12
Pretty URL production-cmp.isgprivacy.cbsi.com/cps/shamanNotifier.js IP 151.101.85.188 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:45:22 Last Seen2023-03-12 15:32:54 Times Seen1 Hash 3e0cf3a78511da0d4110ac814d88e0ec 1a18b5c024a19028a496ae7a4a58286010a9255b aac09c9727b7292d3a3a67516ddf59d2d88dae057d16c18f18c2f38108e1e2dc Loading...

	exceptionalphonesecurity.xyz/smart-security-0/scripts/onbeforeunload.js	808 B	2023-03-07	2023-09-09
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/scripts/onbeforeunload.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2023-09-09 10:48:23 Times Seen8 Hash e5b8a5f62f29284c8e33d4d63b68eb27 66eb435b3c33711d39e8dd0e0e815ce2d98cf1d0 015d799099c0d544cbaa5c246c2f1206fab3132340459c416445888f517f9157 Loading...

	ouhastay.net/afu.php?zoneid=3647676	5.4 kB	2023-03-08	2023-03-08
Pretty URL ouhastay.net/afu.php?zoneid=3647676 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:43:02 Last Seen2023-03-08 20:43:02 Times Seen1 Hash f83b0b78c9ea3e9802cff925f6432fcd 4b8668e8942ea19dd00853f0943da30f52b9020b d09ed6dbec95bf2b9c90cb4e09618fd5f63db56ebf2e37a6aa3f90436005048d Loading...

	cdn.galattic.com/bidder/pm.v2.js	14 kB	2023-03-08	2023-03-08
Pretty URL cdn.galattic.com/bidder/pm.v2.js IP 95.110.203.212 ASN #31034 Aruba S.p.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2023-03-08 20:43:02 Times Seen1 Hash fb96346e43380da9b6817ce945a55526 2fdc477f5119f22ac053907c5f88a1a5a49f1585 6e25757a96fb224db244cf9d0d570183b9ae358b39e78a442b85a0ffb81b7120 Loading...

	www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_buildManifest.js	1.7 kB	2023-03-08	2023-03-08
Pretty URL www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_buildManifest.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:41 Last Seen2023-03-08 20:43:02 Times Seen1 Hash 58ae92e18213cfd5cd715261c7a63634 7de3cd24a2d5f0b645ec740bfb7e27eccbb24211 4f1642ce879126c17fccb8f31003df18289c64c6f38ba4c48eed00151546d83c Loading...

	exceptionalphonesecurity.xyz/smart-security-0/scripts/ua-parser.min.js	19 kB	2023-03-07	2023-04-30
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/scripts/ua-parser.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-04-30 23:50:26 Times Seen32 Hash 82c37eba599272027323ff1808d917d1 f033f7661c6a69ad3444079ef58c67f64df8b8e0 abe52f66a592550040c0d4d1544f79b0d7841637341ab1fc11a9ad30f16c83c9 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	35 B	2023-03-07	2023-09-09
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-09-09 10:48:23 Times Seen34 Hash c2a1a98b2716e154986ea92dc56f6b40 bea8f66d72ebd5043d05d2b242861dfd1240902e b3b0b84516166109d16ccedf1a03cf7c3ac56f75d6479a85aa553b2af61e277c Loading...

	www.helpwire.com/_next/static/chunks/4963.2b7c7ead79fd7562.js	705 B	2023-03-08	2023-03-11
Pretty URL www.helpwire.com/_next/static/chunks/4963.2b7c7ead79fd7562.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2023-03-11 22:14:16 Times Seen1 Hash 032c63d7d69c01f1d1e645bd93ff7210 3c0677bd33069b32ac660f354ab807d9625c7e08 a24eef15ae3579a3947bd6798c646fcb8b556a293bfb8c24a00225376a7c0316 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/scripts/main.js	1.8 kB	2023-03-07	2023-03-29
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/scripts/main.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:09 Last Seen2023-03-29 22:28:59 Times Seen9 Hash da08bd6fe7b6ee7f0d3c8adff431bb2c fa531d4bbca406928d43076df03589204af2c400 7c1ccc2afca50d8334e00c7dc5ea9dda6452760ae0430ae67a78284b45c5597a Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	51 B	2023-03-07	2023-09-09
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-09-09 10:48:23 Times Seen70 Hash 74c5851e746d4a186c1c04bbc5aa6b65 7254d2877f2f0e08d2fccf7a7a1acecf3b33b5fd 69be9646cd2194234d9e58460d48538491120c3f631d2a9bfbf8a7e85b64c77c Loading...

	analytics.tiktok.com/i18n/pixel/static/identify_7373d.js	117 kB	2023-03-08	2023-12-01
Pretty URL analytics.tiktok.com/i18n/pixel/static/identify_7373d.js IP 95.101.10.113 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:44 Last Seen2023-12-01 19:12:12 Times Seen8 Hash 2882420796825a8886ceecc7c4ed1a6c d9cba04c7337ba026b4a962b6e33f5f431fc68de 6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c Loading...

	www.helpwire.com/_next/static/chunks/7203.d962e336ccf4b740.js	6.8 kB	2023-03-08	2023-03-08
Pretty URL www.helpwire.com/_next/static/chunks/7203.d962e336ccf4b740.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:41 Last Seen2023-03-08 20:43:02 Times Seen1 Hash ba529874fcd0e69dfd8c9126603ba23b 71f6d81e49c41848d5206ce0ae7f50f376b2826a 6c8880c0dc956824c62aced27bfb7a8a71c387d5e9506a6dc9bbf3fb624fcef1 Loading...

	www.helpwire.com/_next/static/chunks/main-b9cb64723e338c4c.js	120 kB	2023-03-08	2023-03-12
Pretty URL www.helpwire.com/_next/static/chunks/main-b9cb64723e338c4c.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2023-03-12 06:42:30 Times Seen1 Hash 2fb1f137ee1b94f6d707d0e5bb718d68 c964cb000426a9545d779c45ce4f07f9db405798 9d7a515c27b86ef177707a9b3756d60ce1faf503bcf9ba9d64e15573905f3a16 Loading...

	www.helpwire.com/scripts/optanonApiBootstrap.js	541 B	2023-03-08	2023-03-12
Pretty URL www.helpwire.com/scripts/optanonApiBootstrap.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2023-03-12 06:42:30 Times Seen1 Hash a350eef484fa9186bf408beda6538334 39838a84ccd3d3407b873bf64d20830ee1174a9e 759eb2ef0ee7c0dd29b8d3d17f9d4b3da3549ff715fa764745cb5129ccc53009 Loading...

	www.helpwire.com/_next/static/chunks/pages/articles/%5Bslug%5D-8d887ec3c4fe42a8.js	2.8 kB	2023-03-08	2023-03-11
Pretty URL www.helpwire.com/_next/static/chunks/pages/articles/%5Bslug%5D-8d887ec3c4fe42a8.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2023-03-11 22:14:16 Times Seen1 Hash e15eeefc27e2f5e37f3cbb8759623c5b 7849724776e07097f37833928e2d33281a598fa3 ff1c832696c5dda74e27426f7fc3443703c0aa4f0146d0416b9f2d8c46f1a18a Loading...

	exceptionalphonesecurity.xyz/smart-security-0/scripts/speak.js	232 B	2023-03-07	2023-09-19
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/scripts/speak.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-09-19 09:11:01 Times Seen63 Hash d1d33bef4032495c9d75d806dafbd740 bc38d04e1986678f171dbf8eadf39ea712feead9 85f50d18a6d244a963444ba5a5ad3297a7b6b214823617841ca97243ab6a1c1d Loading...

	ouhastay.net/afu.php?zoneid=3647676	13 kB	2023-03-08	2023-03-13
Pretty URL ouhastay.net/afu.php?zoneid=3647676 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:59 Last Seen2023-03-13 05:59:33 Times Seen1 Hash 3977ace61fdc53eb1e19dafbec0886df 13284174d97984dfb833816cda904995aa24fbc1 76a57168b1145c629967dfc5f1da53eb222de9edfe5f34abd948ec074be02453 Loading...

	www.helpwire.com/_next/static/chunks/3493.e102016899dee344.js	5.8 kB	2023-03-08	2023-03-11
Pretty URL www.helpwire.com/_next/static/chunks/3493.e102016899dee344.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2023-03-11 22:14:16 Times Seen1 Hash 1fe1f60389ad9fd611c6389ff6e2611e 63fa35b1ef13a7754688574904776d1bf4ebac73 6eea2a4850729ecf2067f1af34205ade61b8fa8043d36a4cf61adbe8c27ef1c7 Loading...

	www.helpwire.com/_next/static/chunks/5729.31080824f0d629b2.js	12 kB	2023-03-08	2023-03-08
Pretty URL www.helpwire.com/_next/static/chunks/5729.31080824f0d629b2.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2023-03-08 20:43:02 Times Seen1 Hash 489a9bb7ca6f3965afd3155a5050414d 799e9198abfbe1ec21e1f7b3c398374eab5aa048 a60e6426242e86569b65146f393069e639cf64bf7e8476932e2951b5b370ac92 Loading...

	redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js	40 kB	2023-03-08	2023-03-11
Pretty URL redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js IP 139.45.197.251 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:06 Last Seen2023-03-11 23:52:00 Times Seen1 Hash bbda4d4cb1cb04651668ac9894355eb7 beb26013c4507a5eaf4a6c233a269e064afc0e73 ec3ddcca3167f811aea26c32d2c02e740b4c24511832f44b7db960e993be37f4 Loading...

	www.helpwire.com/_next/static/chunks/2121-4fe4ce6739beb5e7.js	155 kB	2023-03-08	2024-01-30
Pretty URL www.helpwire.com/_next/static/chunks/2121-4fe4ce6739beb5e7.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2024-01-30 02:56:10 Times Seen10 Hash df06edd9f2d58887377191e1def2d748 62fa893e489aa8b15d423ff5289215eda8320c28 67b0b3bf117252f51886d851a3d15695d9eeddce9fa95a6b1d8e170e05c95e77 Loading...

	production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js	39 kB	2023-03-08	2023-05-27
Pretty URL production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js IP 151.101.85.188 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:41 Last Seen2023-05-27 19:10:12 Times Seen11 Hash bea9da88ccef790fb77abaea44ea345e e29e1f0956a9d811351a88da327d13985abe65e5 ad6c004c443d6c1ac8a66e25a5973b3d49fddcb31dc4574c6504e8f1df66aaeb Loading...

	www.helpwire.com/scripts/jquery.js	734 B	2023-03-08	2023-03-12
Pretty URL www.helpwire.com/scripts/jquery.js IP 54.230.111.44 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:40 Last Seen2023-03-12 06:42:30 Times Seen1 Hash 8ffe2fe575d8d70031baae73f19cbaeb c5afaec856ef45509bd5e9fda32c72ca62cbaf6d 3704ddc18365094439dcd2fbb36cbefec4e69c0b81c3dd6331d886984f29cab6 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/scripts/url.js	704 B	2023-03-08	2023-03-13
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/scripts/url.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:36:29 Last Seen2023-03-13 09:52:00 Times Seen1 Hash 52cdb37920347278f6a06b98540aec54 181e7e4305c91ecd631a833416c69d6f11e7da81 498b395705ea2deb83bbc2ad0d57ef6a8d1b0fe48bd09b93582910c042bccba5 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	193 B	2023-03-07	2023-03-29
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-03-29 23:15:31 Times Seen29 Hash 751c26f2b7a000982adf92f1b63334f1 39a32938e5781fb68f7474f664913e7074cbfb2f 8efa46a5c4f708ddc2999607d21372eb9fad86a55a99d42774f161db10a67181 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}	22 B	2023-03-07	2023-06-01
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} IP 104.21.6.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-06-01 07:36:13 Times Seen65 Hash fdf5215a834c58425d741415b276ecfd 9c860fbe5f251aeccedefaaebf88b696f0565361 47834e683a07afd65c0c9541adfa7930407b46c470c94b301caff82709a7faf7 Loading...

	exceptionalphonesecurity.xyz/smart-security-0/scripts/push.js	2.0 kB	2023-03-07	2023-04-14
Pretty URL exceptionalphonesecurity.xyz/smart-security-0/scripts/push.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:20 Last Seen2023-04-14 06:57:05 Times Seen28 Hash b4d24ee664f2756cc81c3c7b49440619 c73408beae6348d4f16e4b1e4ef018ad498c46db 60542004330b6da4435017509d1a310ca33e5cf898a5e9d36b5043cf74bf0490 Loading...

	www.google.com/adsense/search/ads.js	144 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/adsense/search/ads.js IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:43:03 Last Seen2023-03-08 20:43:03 Times Seen1 Hash c368a828cf3e99b00297d891e812a8ff a15d1dcf074084aafb347f193da8cfa73e413542 ffdcb38c7cac952659e611da7ed748427b3fd2364100e01aa712abab80b87fa8 Loading...

	www.helpwire.com/scripts/productAdsScroll.js	1.8 kB	2023-03-08	2023-03-12
Pretty URL www.helpwire.com/scripts/productAdsScroll.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:41:41 Last Seen2023-03-12 06:42:30 Times Seen1 Hash 315aa28ec31f4142831cef224bc0b74f 4abedd6b17464b7a93dc5c63f9e7b139fe7ad585 c7184fb9e196c2defdd015c7d3ec2e69d6efc9a710a12cf63e4f203b3b452136 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 26752a6fc3a6939beded7c22624edfb8	5 B	2023-03-07	2024-02-05
Pretty Observations First Seen2023-03-07 01:03:23 Last Seen2024-02-05 21:14:23 Times Seen253 Hash 26752a6fc3a6939beded7c22624edfb8 bf952054b3a1fadb9ebd3050f097dedae5fe085a 35e6366764c85ff27d4eaa8798d75814c7c25d9aa684fc270eac4d8056341083 Loading...

	#2 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-20
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 00:04:29 Times Seen36968883 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - 67dd3b3e93a9ffbf82c063d49839aaa6	50 B	2023-03-07	2023-09-09
Pretty Observations First Seen2023-03-07 01:06:20 Last Seen2023-09-09 10:48:23 Times Seen34 Hash 67dd3b3e93a9ffbf82c063d49839aaa6 5376f20d76602c5f7709dd62ddaced26b2e86211 be434f49ec21e26b619e4186cce641233e60036505ac9cf6de704ebeb72b0e6d Loading...

	#2 Write - 5973bb22367cdafdba19288338452156	310 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 20:43:03 Last Seen2023-03-08 20:43:03 Times Seen1 Hash 5973bb22367cdafdba19288338452156 3243e75c6cb18f1566c28958147a73dc9df5c5ef b5f3159f1ed820017374404a8befee4fc536885c4ee3144525f0adb88c27f8d6 Loading...

	#3 Write - 85e6068bad3a1068fb39c6819e2572b9	112 B	2023-03-07	2023-04-05
Pretty Observations First Seen2023-03-07 01:15:58 Last Seen2023-04-05 16:08:44 Times Seen10 Hash 85e6068bad3a1068fb39c6819e2572b9 3c90851e64d67bb748c3cb78be59dd75ee044965 4448b50a0446877c729032fc7d2ac04b985f7838bfc700b779e132afa7c2803c Loading...

	#4 Write - 3359bbf5078db5ecf417dabfadd49d5f	53 B	2023-03-07	2024-02-05
Pretty Observations First Seen2023-03-07 01:06:21 Last Seen2024-02-05 21:14:23 Times Seen192 Hash 3359bbf5078db5ecf417dabfadd49d5f 43de8ec13da1c9e2585051ecbab412f07af361e7 6ce64525848d677d6f619f970e996c47cc6a82bf85d40bb2acd64474d3a3046e Loading...

	#5 Write - a0bfb8e59e6c13fc8d990781f77694fe	8 B	2023-03-07	2024-03-26
Pretty Observations First Seen2023-03-07 01:06:20 Last Seen2024-03-26 22:49:53 Times Seen88 Hash a0bfb8e59e6c13fc8d990781f77694fe 2e02623966f9391facf6eaefc8b079ed5b630bee 31fbef162594de01bab0cd525c51f74de7bcb15063029fa1a54b2cf5944c80d8 Loading...

	#6 Write - 7bf29989281bce2a027791ec1298bcfc	299 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 20:43:03 Last Seen2023-03-08 20:43:03 Times Seen1 Hash 7bf29989281bce2a027791ec1298bcfc aa5e4b086e8fe6c90613c65520a100d4c6ba3fde 90fbbff4037ad0869f64dcd092cc24915eece9323610cf8f3ccad4797ce881ef Loading...

	#7 Write - ea4788705e6873b424c65e91c2846b19	6 B	2023-03-07	2024-03-30
Pretty Observations First Seen2023-03-07 01:03:24 Last Seen2024-03-30 18:29:49 Times Seen340 Hash ea4788705e6873b424c65e91c2846b19 77dfd2135f4db726c47299bb55be26f7f4525a46 19766ed6ccb2f4a32778eed80d1928d2c87a18d7c275ccb163ec6709d3eb2e27 Loading...

	#8 Write - c172a7b06d74266a4d7d634db0ecdbbd	156 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:15:58 Last Seen2023-03-17 11:31:07 Times Seen1 Hash c172a7b06d74266a4d7d634db0ecdbbd 21bcc7c8de1a4f5985f091b1746de571b1dd2b37 949398833ecb71dace0d6a15f4166af32a8e0c16be1f945f93297956925b8f51 Loading...

	#9 Write - bf0859200ad3b6515391e6926f2287da	2 B	2023-03-07	2024-03-06
Pretty Observations First Seen2023-03-07 01:06:20 Last Seen2024-03-06 12:52:49 Times Seen130 Hash bf0859200ad3b6515391e6926f2287da 94b6931d19c85cc30a433fab65c20f3dc0dc9598 1d97c9fec35ad3ba402a8bb3548546924ce958f8f4b8a65b0f39c9c6171bdf34 Loading...

	#10 Write - 36ea87181bee611c42bdf33b8ed29a4a	89 B	2023-03-07	2024-01-25
Pretty Observations First Seen2023-03-07 01:06:20 Last Seen2024-01-25 10:38:04 Times Seen35 Hash 36ea87181bee611c42bdf33b8ed29a4a b7d5236fd1b620bc157f04cfeb55617cf0151631 6c19434f8282294efc05f0fd70015529942972352a6b00984ac14d444f61db9b Loading...

	#11 Write - cfb0b5f8ccae71824d6eaeed9d5efb2c	4 B	2023-03-07	2024-04-15
Pretty Observations First Seen2023-03-07 01:06:20 Last Seen2024-04-15 19:19:47 Times Seen1656 Hash cfb0b5f8ccae71824d6eaeed9d5efb2c f26a5fc2d93401fd0a0fb60d5b8ba770e74ca387 ecd5b806462c7dfdf078ac76c549060a06660422d00e55bd5823be6747361085 Loading...

	#12 Write - b4f52cd0a11de0c4a6f11e696990b3c5	295 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 20:43:03 Last Seen2023-03-08 20:43:03 Times Seen1 Hash b4f52cd0a11de0c4a6f11e696990b3c5 850c8a8625690d0c8cc63aff85a35ce28ec319f8 1e2898350cd371718548e1e548ba2b039bd5d71149378528b1996eab306fa027 Loading...

	#13 Write - 99b1054c0f320be9f109c877a5efd0b2	10 B	2023-03-07	2024-02-05
Pretty Observations First Seen2023-03-07 01:06:21 Last Seen2024-02-05 21:14:23 Times Seen238 Hash 99b1054c0f320be9f109c877a5efd0b2 7c107b40dc9b9c8832d37f19f0526a2007e9aa48 f96f4d46e788614ae69e039ae032229de03f08cfe7f84c7f405ba021e50d3eca Loading...

	#14 Write - 8a8d587605e665aa99a75e390bf795e2	68 B	2023-03-07	2023-04-05
Pretty Observations First Seen2023-03-07 01:15:58 Last Seen2023-04-05 16:08:44 Times Seen10 Hash 8a8d587605e665aa99a75e390bf795e2 4b334cffcacc1f1dee5679b5d4691cafdb9f5175 3d616b12fbe8aa4b171323dc696cebb002be86551f35cc23fe0bc2756abc58e7 Loading...

HTTP Transactions (102)

URL IP Response Size

exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}

104.21.6.184

301 Moved Permanently

0 B

URL HTTP/1.1
exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP
104.21.6.184:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: exceptionalphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Dec 2022 07:49:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 07 Dec 2022 08:49:53 GMT
Location: https://exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BvsPeKuVNo8hwZTbDbtD80ZzYhDzt0nYiJwEDKUjDo8pV8WaNOogL%2BxmAFDa1AfTx2V9PBPk57GSwJ2%2BN9BMfTPssFKpnbzbseWYIV8Fdxs%2F4SCu9FfCHqsjpg2ifUslI2EDogizLEosbj%2F3w1c"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775baad20d5ab51b-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6302
Expires: Wed, 07 Dec 2022 09:34:55 GMT
Date: Wed, 07 Dec 2022 07:49:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4212
Expires: Wed, 07 Dec 2022 09:00:05 GMT
Date: Wed, 07 Dec 2022 07:49:53 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3470
Cache-Control: max-age=99555
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:53 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 11:29:08 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ec0G7QHfUKCsWLZd/zZCGRWIW3hvGood4Jv7rEezLNG4spDI4kjrdARa+wYWl+7Ul27eUSHmEpE=
x-amz-request-id: 6FCAANFEA29Z9W96
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 07:49:17 GMT
age: 36
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 07:18:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1868
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 07:08:58 GMT
cache-control: public,max-age=3600
age: 2456
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

1.2 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
1.2 kB (1240 bytes)
Hash
137ad938a0cca7ffab080758c3c34d47
84263e6e20eb526a3e7fd78e3cb18bc0c6cef3ba
fe1f8bc1d6fed78aba655016085bc3ed88a78e699fe168ca2e303f3e6e33ac40

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3451
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:54 GMT
Last-Modified: Wed, 07 Dec 2022 06:52:23 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.33.119.27

200 OK

647 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
647 B (647 bytes)
Hash
95be800cb041945de2fb09e5c0958f0f
3838ddd6e5ef9f34ba7176f9c2379a6605e63fe1
a9ff79ed21b2c0fdc6a2f7e0863e54e7b8c8a28d81760d4e4f86fd584c03398f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF2E0268A5ED0CA7D64DFC1BAA3D56D55F4062E4D84972BC9423FE56DF585673"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17436
Expires: Wed, 07 Dec 2022 12:40:30 GMT
Date: Wed, 07 Dec 2022 07:49:54 GMT
Connection: keep-alive

my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
7e1da03b7d5254f7b1d93874c8f85ce4
c1ff6bec84dd9b2bf2bbcd11bb8791444f04b2d7
ff9366f794284e39381efd6b8ae4b6273469134c741ca7c3d6a1e1248e1a98d4

HTTP Headers

GET /p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:54 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.38.146.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.146.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: F0Lo4/2FJTAofCretmECZw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tNw5qT9f4AzFpOgDJwGhBVhqxNA=

analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq

95.101.10.113

200 OK

1.3 kB

URL HTTP/2
analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq
IP
95.101.10.113:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (2667)
Size
1.3 kB (1316 bytes)
Hash
a1ce0a74a986f7859764f75499c0ef97
ed98c5c6994150c3d55ee87dbdbefb7a528d6653
8773a184055c123eea5ccd1ccfa4a0c7b23ac38c004b620bb859996b056e8919

HTTP Headers

GET /i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20221207074955DCAD5D10DE558B2AB237
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb61987e92ca6e82fe8f5ce61a0d782a00b80b18155882b6fb985d8d9235c23655c1a4cb9b42b7f371e88f9eb10884f70bb2ff14d49d14860658f155ecc60ecdf4be7ebc5f019558474ca4062a53f26051d
content-encoding: gzip
content-length: 1316
x-origin-response-time: 12,23.48.215.79
x-akamai-request-id: 19e0e09c.6e24f4c0
expires: Wed, 07 Dec 2022 07:49:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Dec 2022 07:49:55 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2IZqLK7vqeod3UNxhdo2tcJ1PMj; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-48-215-79.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=12, inner; dur=4
x-parent-response-time: 109,95.101.10.109
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd4300598772fa9d894af55b7c54c16a
bf7e8a794e1cc52b330a894e9ed1d2c9fed0610f
93e073621f35c8cb3cfa5bbcedc2d99912f0a5114023333589f95c542e0df32c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93E073621F35C8CB3CFA5BBCEDC2D99912F0A5114023333589F95C542E0DF32C"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10993
Expires: Wed, 07 Dec 2022 10:53:08 GMT
Date: Wed, 07 Dec 2022 07:49:55 GMT
Connection: keep-alive

analytics.tiktok.com/i18n/pixel/static/main.MTk2NTc4NGU0MA.js

95.101.10.113

200 OK

67 kB

URL HTTP/2
analytics.tiktok.com/i18n/pixel/static/main.MTk2NTc4NGU0MA.js
IP
95.101.10.113:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (21716)
Size
67 kB (66584 bytes)
Hash
a2ced8005c34dd0d76dda9f21d01afa5
d83e5c8cba4d9efdd3fb83c01cd8599ddf21b801
74b397f8b46b9f6747a4e2f3e817c883f466d33058c172759d2917635571c2e1

HTTP Headers

GET /i18n/pixel/static/main.MTk2NTc4NGU0MA.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Cookie: _ttp=2IZqLK7vqeod3UNxhdo2tcJ1PMj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20221206132732D0ECA0A6AEF9623F8A54
x-tt-trace-host: 014eb13aa4362f9dd2f6acd202ee4586f6cc2be1abb956fa86aa4dc7822d91eb681878c834a0bf3905d20952f57059d5498ad6745f86edb4261ab730e3788891ad407d101788fa5b87526d8c1d0913d567
content-encoding: gzip
content-length: 66584
date: Wed, 07 Dec 2022 07:49:55 GMT
x-cache: TCP_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
x-akamai-request-id: 6e24f544
X-Firefox-Spdy: h2

overalltrack.com/api/v3.0/clickapi/img?aid=1&clickId={clickid}

167.99.158.7

200 OK

43 B

URL HTTP/1.1
overalltrack.com/api/v3.0/clickapi/img?aid=1&clickId={clickid}
IP
167.99.158.7:0
ASN
#14061 DIGITALOCEAN-ASN

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /api/v3.0/clickapi/img?aid=1&clickId={clickid} HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 07 Dec 2022 07:49:55 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Set-Cookie: currentClickid=%7B%221%22%3A%22%7Bclickid%7D%22%7D; Max-Age=31536000; Path=/; Expires=Thu, 07 Dec 2023 07:49:55 GMT; Secure; SameSite=None

analytics.tiktok.com/i18n/pixel/static/identify_7373d.js

95.101.10.113

200 OK

31 kB

URL HTTP/2
analytics.tiktok.com/i18n/pixel/static/identify_7373d.js
IP
95.101.10.113:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30608 bytes)
Hash
f903a41e043452e3ec96297bb8fe30de
21a750289fa7266253ab7b3b1a18b55bd0e0b857
eebc96ed4144fe30c60fdbdaefe2ed2e4f09db990c29cebec4412bb804283eec

HTTP Headers

GET /i18n/pixel/static/identify_7373d.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Cookie: _ttp=2IZqLK7vqeod3UNxhdo2tcJ1PMj
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20221206132733A80B192CBC121C37E2D2
x-tt-trace-host: 014eb13aa4362f9dd2f6acd202ee4586f6cc2be1abb956fa86aa4dc7822d91eb6848eeec7666bf4bef48999ff53f693e32b35e570af7dbe6b8b28dc46e6340109e0f677d0ab0ff303ca92131a82741ece8
content-encoding: gzip
content-length: 30608
date: Wed, 07 Dec 2022 07:49:55 GMT
x-cache: TCP_MEM_HIT from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 6e24f654
X-Firefox-Spdy: h2

analytics.tiktok.com/api/v2/pixel

95.101.10.113

200 OK

0 B

URL HTTP/2
analytics.tiktok.com/api/v2/pixel
IP
95.101.10.113:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 927
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Cookie: _ttp=2IZqLK7vqeod3UNxhdo2tcJ1PMj
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-type: application/octet-stream
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221207074955A1B348FF17F7582AA48F
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb67140549ad4eaaab92cb7363406bdeb017e8ff6d7518c5d3302fe64167f3658ca776989c64bd91a34c55616f444d845d3774f3586881c60e8ec46fd64af5563a2
expires: Wed, 07 Dec 2022 07:49:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 07 Dec 2022 07:49:55 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=6, origin; dur=105
x-origin-response-time: 106,95.101.10.109
x-akamai-request-id: 6e24f65f
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
32d732e9c53c3a07c5c7d49b6a934887
d5fca9123b20f2b339ad82102e34312b7e351df6
e60522d2e6c9294ace4bfada709342ea11d1affe396f68193cabdc73296ddb64

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134346
Date: Wed, 07 Dec 2022 07:49:55 GMT
Etag: "638f9e2c-1d7"
Expires: Thu, 08 Dec 2022 21:09:01 GMT
Last-Modified: Tue, 06 Dec 2022 19:55:24 GMT
Server: ECS (bsa/EB1A)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1C6_gyvhbjvIbVwfCqw0k79nEGJng97cKvxVF8DIwRM7Nz4AutT6Pw==
Age: 4417

ocsp.sca1b.amazontrust.com/

54.230.245.110

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.110:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
32d732e9c53c3a07c5c7d49b6a934887
d5fca9123b20f2b339ad82102e34312b7e351df6
e60522d2e6c9294ace4bfada709342ea11d1affe396f68193cabdc73296ddb64

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135823
Date: Wed, 07 Dec 2022 07:49:55 GMT
Etag: "638f9e2c-1d7"
Expires: Thu, 08 Dec 2022 21:33:38 GMT
Last-Modified: Tue, 06 Dec 2022 19:55:24 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hqv-O6qcvnol-ULyUSj_Jn_fLgDxKOuOAOWHdHHYS98bFDD8_t-cSA==
Age: 5895

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1c47e3be286fd3a993bd3ec79c1eb2ea
b1e02e8079fc11a3e70d5f82ab03505697ef1274
811bd43886ffa0a9c9acc2fce1cd0f47a950331e8592c52c742a7796b3129449

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "811BD43886FFA0A9C9ACC2FCE1CD0F47A950331E8592C52C742A7796B3129449"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10944
Expires: Wed, 07 Dec 2022 10:52:19 GMT
Date: Wed, 07 Dec 2022 07:49:55 GMT
Connection: keep-alive

app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64

54.208.186.182

200 OK

0 B

URL HTTP/1.1
app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
IP
54.208.186.182:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /device_by_model?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://exceptionalphonesecurity.xyz/
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Wed, 07 Dec 2022 07:49:55 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b8e4e5983e4e94c51da3faafa3906d6b
886c03cde4cfd5aded4e4bb84c83055795dbfdf8
9a58ddd5a43c81d671bde49f7ee80266995c54c106979ba00d8c3cd943286b8b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A58DDD5A43C81D671BDE49F7EE80266995C54C106979BA00D8C3CD943286B8B"
Last-Modified: Tue, 06 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Wed, 07 Dec 2022 13:49:22 GMT
Date: Wed, 07 Dec 2022 07:49:55 GMT
Connection: keep-alive

app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64

54.208.186.182

301 Moved Permanently

0 B

URL HTTP/1.1
app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
IP
54.208.186.182:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /device_by_model?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Server: gunicorn
Date: Wed, 07 Dec 2022 07:49:55 GMT
Content-Type: text/html; charset=utf-8
Location: /device_by_model/?model=x64
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Content-Length: 0
Via: 1.1 vegur

my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fexceptionalphonesecurity.xyz%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fexceptionalphonesecurity.xyz%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fexceptionalphonesecurity.xyz%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:55 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=087cc97d124d4b5c83613dfa96c17fda; expires=Thu, 07 Dec 2023 07:49:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1

167.99.158.7

200 OK

8 B

URL HTTP/1.1
overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
IP
167.99.158.7:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with no line terminators
Size
8 B (8 bytes)
Hash
f30c3a40e9a3e65c868c754a5de95919
65101ff283414b70636ff494d866190a66ed9978
875befe7cefc0715a17dc737f9514dda981f79a3c9f174badcae5bd1cc2425fe

HTTP Headers

OPTIONS /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://exceptionalphonesecurity.xyz/
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 07 Dec 2022 07:49:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Allow: GET,HEAD

app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64

54.208.186.182

200 OK

0 B

URL HTTP/1.1
app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
IP
54.208.186.182:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Wed, 07 Dec 2022 07:49:55 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur

167.99.158.7

200 OK

126 B

URL HTTP/1.1
overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
IP
167.99.158.7:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JSON data\012- , ASCII text, with no line terminators
Size
126 B (126 bytes)
Hash
c8f85db18fe8f89306f6c0819c67036d
7b5c44e4a9fd70e664aa4fe54fc0bd7bb3963a31
a71ab24977d03d440189548647bee7fdbdf0d6dee44478d1f6b44f17699a75ee

HTTP Headers

GET /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 07 Dec 2022 07:49:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 126
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64

54.208.186.182

404 Not Found

86 B

URL HTTP/1.1
app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
IP
54.208.186.182:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size
86 B (86 bytes)
Hash
024c203b02c3d88f5e07d125220aa18a
4450bc452d44c05834e068f5341745b2e81ebbe3
a7360add54a81883d7f3e724d07de917a7fcd5cc190db96b7de642d34ceb2787

HTTP Headers

GET /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exceptionalphonesecurity.xyz
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 404 Not Found
Connection: keep-alive
Server: gunicorn
Date: Wed, 07 Dec 2022 07:49:56 GMT
Content-Type: application/json
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Length: 86
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Via: 1.1 vegur

primaveratrack.com/testb.php

167.114.103.223

200 OK

126 B

URL HTTP/1.1
primaveratrack.com/testb.php
IP
167.114.103.223:0
ASN
#16276 OVH SAS

File type
JSON data\012- , ASCII text, with no line terminators
Size
126 B (126 bytes)
Hash
a5b3bfed693e840e5d91095409c6af0b
7fbe8433eda44893839708d5ce47d7a7041005fd
a04e547854da7a70b03398e9329527420ef9f14486d35d5c3186ee46248f25a4

HTTP Headers

GET /testb.php HTTP/1.1
Host: primaveratrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exceptionalphonesecurity.xyz
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 07 Dec 2022 07:49:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
15557fed28ee436852481c7daad6cfbb
f39fb5e843a53d580a71f6390c67f1251712e104
57ae17f40d2df783b103d2b1b0fe9e1372c5ea289a5f6aff3e750a0c78af6f41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57AE17F40D2DF783B103D2B1B0FE9E1372C5EA289A5F6AFF3E750A0C78AF6F41"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16147
Expires: Wed, 07 Dec 2022 12:19:03 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10318
Expires: Wed, 07 Dec 2022 10:41:54 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10318
Expires: Wed, 07 Dec 2022 10:41:54 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10318
Expires: Wed, 07 Dec 2022 10:41:54 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10318
Expires: Wed, 07 Dec 2022 10:41:54 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

2.0 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
2.0 kB (2035 bytes)
Hash
06628c64cb9c95ff21fc58cd59e2f26d
7c17735d0ad4a6791b47d347f6fb5080e4cd790f
4f7adc6da43f296f67106d3501cd2d24b541c4c2f4f81274e3a2262db3dcb48c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10318
Expires: Wed, 07 Dec 2022 10:41:54 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5913 bytes)
Hash
b079607b368263e3517dd30250f5f2af
a1b7863c70f1d501560a5b2fb4442f4835f94341
e7ed3ed2aca312d82fb017e06c6493fafffff9a603d1498c9c05355c08b444e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e484ee7-12d9-41dc-b674-890c51c30626.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5913
x-amzn-requestid: 355ca338-7d8e-4a60-a491-0509d0ff32d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirF3DIAMF-vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5bff7b5b3984102e1ef0e737;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RlnA4SSUIbIVtGBxqBtabKw58aXWE-jGIKLZ4DnoTiGzvH5bzBOUbA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "a1b7863c70f1d501560a5b2fb4442f4835f94341"
content-type: image/jpeg
age: 35557
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js

139.45.197.251

200 OK

21 kB

URL HTTP/2
redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js
IP
139.45.197.251:0
ASN
#9002 RETN Limited

File type
data
Size
21 kB (20772 bytes)
Hash
6e70716c3dc53c61f3da8835f120c038
16dca70f1aaac4bbddcc4af99e40ed2c42cd2ddf
996fa0c69bb4dd2da1a91b20b0c70a4f4509982f5367678f632e54822e206ac7

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:56 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-9a87"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6186 bytes)
Hash
535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 16:47:32 GMT
age: 54144
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9613 bytes)
Hash
b92721cbe24623f1713a5248d6a7c1b2
3628390c62642dcc375b28f58c9b48180c4abd73
37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: 31270e51-34df-4980-9221-e21a5521b3de
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clZQYHzvoAMFvdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ba268-509300b867fcbfb71a7cf6ad;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 19:24:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xk1sLSRBl1t872eGrnw1dVjQO7XvAM4NDFd5Y0wKjdvkKtaqDneEKg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:54 GMT
age: 35282
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10362 bytes)
Hash
550ee57c325ce8d4892400deb24141d3
acece1761a7d4d3926500726c19d528bb204ef4c
7cc68e966362916947e7d6e24d3c001c64298fec2438a97538765d801fa7c92c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10362
x-amzn-requestid: 7fdd2011-e283-467e-9f04-741946a834ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpl_1EsooAMFhvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5065-0cddad1919d984065bd0b03e;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 01:59:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uhgTdyHGPZ1Ocp6wLQNVgcZ0z2CPyV0a_51MXD6Q04tsJ3RhgMY2Fw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:58:02 GMT
age: 35514
etag: "acece1761a7d4d3926500726c19d528bb204ef4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849e6cc4-2b6a-4e78-ba2e-d46bfbadd6ba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12259 bytes)
Hash
0a317faf49d8e057d1da40f9441b6c30
f01497a3eef693b70b18885156f63c9c7305ed7e
5687e273eefa9ba3733fabe234e52bc7db87b4ec6244d12077c5816ae7961576

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849e6cc4-2b6a-4e78-ba2e-d46bfbadd6ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12259
x-amzn-requestid: db1b424e-af8a-4a6f-92dc-27ccf3256d25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: coKPCHc9oAMFygg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638cbd93-56c293d73368cab66819d31e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 15:32:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VsWEwb3ynI-AP3uWwVHM6I7aY3f0TBLvge2Znt7hNIXlNtMbvpKmBQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 08:00:53 GMT
age: 85743
etag: "f01497a3eef693b70b18885156f63c9c7305ed7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

track.profitableredirect.com/e69b0e43-f199-496b-87cc-2daa322bb681

18.192.108.151

200 OK

724 B

URL HTTP/2
track.profitableredirect.com/e69b0e43-f199-496b-87cc-2daa322bb681
IP
18.192.108.151:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (724), with no line terminators
Size
724 B (724 bytes)
Hash
9fd4801e2ecd8ca98f79072d6712097a
2e6f263aeabec9c56187a8a0de80a7d4cb79b8dc
a59e107d30efd7a3d404e0b84b4e8a9541f3aa8492f33d3c4cf15988ffe01bae

HTTP Headers

GET /e69b0e43-f199-496b-87cc-2daa322bb681 HTTP/1.1
Host: track.profitableredirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exceptionalphonesecurity.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:56 GMT
content-type: text/html;charset=UTF-8
content-length: 724
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=PbVITkNClEmr-BA-UVXWm9vy16pdbuxJ-aiLGA7az6A; Max-Age=86400; Expires=Thu, 08-Dec-2022 07:49:56 GMT; Domain=track.profitableredirect.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=K6P3qrLXEsdBlKIH9BYYtrOB269NhQw8yCCcrIZjzCxqO7BErPLYu9zM%2F3YSiFdy%2BXB7q3nKB5RkMSTDnr3%2FFPrwEdArFh84t9H7UuXSt7Ivjxf3uEfYMKyb5WI5mHEOU43VuDb3HhLv4tVf2U6XXw%3D%3D; Max-Age=31536000; Expires=Thu, 07-Dec-2023 07:49:56 GMT; Domain=track.profitableredirect.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

2.0 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
2.0 kB (1999 bytes)
Hash
5db79f094c8ddf3e345bdf82946ffa9d
0eec91eeb12380f7402101ab2bf5c397de57573f
066e3e2c128777206c7dd094e8ff46980103df9fad606855b1b131d4e7eee8ca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A17633616BACD38F4F0EC3CCD4694B85F7C5887FC7613B3E50C757E7D3A17529"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12921
Expires: Wed, 07 Dec 2022 11:25:17 GMT
Date: Wed, 07 Dec 2022 07:49:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b22490b02628e79842aa551994331a2e
238870b8a3e6ef3b6a761154e3abee386643597c
ef2e0268a5ed0ca7d64dfc1baa3d56d55f4062e4d84972bc9423fe56df585673

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF2E0268A5ED0CA7D64DFC1BAA3D56D55F4062E4D84972BC9423FE56DF585673"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17433
Expires: Wed, 07 Dec 2022 12:40:30 GMT
Date: Wed, 07 Dec 2022 07:49:57 GMT
Connection: keep-alive

my.rtmark.net/img.gif?f=merge&userId=ab6af67e589f40b090cb212410ca16fd

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=merge&userId=ab6af67e589f40b090cb212410ca16fd
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=merge&userId=ab6af67e589f40b090cb212410ca16fd HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouhastay.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:57 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ab6af67e589f40b090cb212410ca16fd; expires=Thu, 07 Dec 2023 07:49:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ouhastay.net/?z=3647676&syncedCookie=true&rhd=false

139.45.197.239

302 Found

0 B

URL HTTP/2
ouhastay.net/?z=3647676&syncedCookie=true&rhd=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /?z=3647676&syncedCookie=true&rhd=false HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 455
Origin: https://ouhastay.net
Connection: keep-alive
Referer: https://ouhastay.net/afu.php?zoneid=3647676&var=3647676&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false
Cookie: OAID=ab6af67e589f40b090cb212410ca16fd; oaidts=1670399396
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
server: nginx
date: Wed, 07 Dec 2022 07:49:57 GMT
content-length: 0
location: https://revpu.sh/redir?page=aHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzL2Vhc3ktaG9tZS1pbXByb3ZlbWVudD9xPVZlZWFtK1JhbnNvbXdhcmUrUHJvdGVjdGlvbiZzcmM9bWcmZ2NoPVQwMDAwMDEyJnZpc2l0b3JfaWQ9JTI0JTdCU1VCSUQlN0QmdGFyZ2V0X2lkPSU3QnpvbmVpZCU3RCZjYW1wYWlnbl9pZD0lN0JjYW1wYWlnbmlkJTdEJmxpbmtfa2V5PTA0NGIxOWM0OTA5OTg4YzFhNTFiOTU4YWE3ZTJiZmRk&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd&rdk=rk3
x-trace-id: 1b506f9a7b67e6d2ab7385d379ede2c0
link: <https://revpu.sh>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
access-control-allow-origin: https://ouhastay.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ab6af67e589f40b090cb212410ca16fd; expires=Thu, 07 Dec 2023 07:49:57 GMT; path=/; secure; SameSite=None
oaidts=1670399396; expires=Thu, 07 Dec 2023 07:49:57 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 14 Dec 2022 07:49:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

revpu.sh/redir?page=aHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzL2Vhc3ktaG9tZS1pbXByb3ZlbWVudD9xPVZlZWFtK1JhbnNvbXdhcmUrUHJvdGVjdGlvbiZzcmM9bWcmZ2NoPVQwMDAwMDEyJnZpc2l0b3JfaWQ9JTI0JTdCU1VCSUQlN0QmdGFyZ2V0X2lkPSU3QnpvbmVpZCU3RCZjYW1wYWlnbl9pZD0lN0JjYW1wYWlnbmlkJTdEJmxpbmtfa2V5PTA0NGIxOWM0OTA5OTg4YzFhNTFiOTU4YWE3ZTJiZmRk&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd&rdk=rk3

139.162.186.41

302 Found

1.7 kB

URL HTTP/2
revpu.sh/redir?page=aHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzL2Vhc3ktaG9tZS1pbXByb3ZlbWVudD9xPVZlZWFtK1JhbnNvbXdhcmUrUHJvdGVjdGlvbiZzcmM9bWcmZ2NoPVQwMDAwMDEyJnZpc2l0b3JfaWQ9JTI0JTdCU1VCSUQlN0QmdGFyZ2V0X2lkPSU3QnpvbmVpZCU3RCZjYW1wYWlnbl9pZD0lN0JjYW1wYWlnbmlkJTdEJmxpbmtfa2V5PTA0NGIxOWM0OTA5OTg4YzFhNTFiOTU4YWE3ZTJiZmRk&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd&rdk=rk3
IP
139.162.186.41:0
ASN
#63949 Linode, LLC

File type
data
Size
1.7 kB (1689 bytes)
Hash
d4e3d45570fbbcf01967e2f1cbcd9be1
4c9d7700bb4ecda129c8410e02e267e5d9023bbc
e29aee29ba85ca81fa8150f7556e0cc5b64b4abb597601c06300a04eabb0e884

HTTP Headers

GET /redir?page=aHR0cHM6Ly93d3cuaGVscHdpcmUuY29tL2FydGljbGVzL2Vhc3ktaG9tZS1pbXByb3ZlbWVudD9xPVZlZWFtK1JhbnNvbXdhcmUrUHJvdGVjdGlvbiZzcmM9bWcmZ2NoPVQwMDAwMDEyJnZpc2l0b3JfaWQ9JTI0JTdCU1VCSUQlN0QmdGFyZ2V0X2lkPSU3QnpvbmVpZCU3RCZjYW1wYWlnbl9pZD0lN0JjYW1wYWlnbmlkJTdEJmxpbmtfa2V5PTA0NGIxOWM0OTA5OTg4YzFhNTFiOTU4YWE3ZTJiZmRk&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd&rdk=rk3 HTTP/1.1
Host: revpu.sh
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
content-type: text/html; charset=UTF-8
location: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
cache-control: no-cache, private
date: Wed, 07 Dec 2022 07:49:53 GMT
X-Firefox-Spdy: h2

www.helpwire.com/_next/static/chunks/4963.2b7c7ead79fd7562.js

54.230.111.44

200 OK

705 B

URL HTTP/2
www.helpwire.com/_next/static/chunks/4963.2b7c7ead79fd7562.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (705), with no line terminators
Size
705 B (705 bytes)
Hash
032c63d7d69c01f1d1e645bd93ff7210
3c0677bd33069b32ac660f354ab807d9625c7e08
a24eef15ae3579a3947bd6798c646fcb8b556a293bfb8c24a00225376a7c0316

HTTP Headers

GET /_next/static/chunks/4963.2b7c7ead79fd7562.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 705
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "032c63d7d69c01f1d1e645bd93ff7210"
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iwSFy1BQxaPmT2q-4KIwJETYdqtpMW0BrnA5S20XYANOyoarrwvWLQ==
age: 25545
X-Firefox-Spdy: h2

www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_ssgManifest.js

54.230.111.44

200 OK

77 B

URL HTTP/2
www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_ssgManifest.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

HTTP Headers

GET /_next/static/AwjeBsmdDVNGYeOtHruZM/_ssgManifest.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 77
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "b6652df95db52feb4daf4eca35380933"
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PYvGkjFhrNloGyppOC8-3-VyvTjwyGuyc1CwOXaDGk8_SZrRT_4Aww==
age: 25545
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/otSDKStub.js

104.16.149.64

200 OK

7.2 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
104.16.149.64:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (21747)
Size
7.2 kB (7151 bytes)
Hash
6ca9058d9138dc07d9a378e6f20a8b7b
ff5f65ad24a8e2b3042cbb0136be7edb52215c1a
1561d36bd995a09ea69c243767e196dd2e76a2753b59b78ecbf999161904f86d

HTTP Headers

GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:49:58 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: bKkFjZE43AfZo3jm8gqLew==
last-modified: Tue, 06 Dec 2022 07:45:09 GMT
etag: 0x8DAD75DCC9E2F9F
x-ms-request-id: b80b8554-f01e-014c-18d0-0959ac000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 21620
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775baaef7e78b51e-OSL
X-Firefox-Spdy: h2

production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js

151.101.85.188

200 OK

11 kB

URL HTTP/2
production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js
IP
151.101.85.188:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (30787)
Size
11 kB (10990 bytes)
Hash
67ef57e9804d6164ab0228529c00634a
b6221503720655cb5587ac02ab142e86547752c6
3e017104b5ad4b26d0365897e175f1c912c7d0272bfbf685a61187ed83ab95d8

HTTP Headers

GET /dist/optanon-v1.1.0.js HTTP/1.1
Host: production-cmp.isgprivacy.cbsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: jtR/w/ggy4yJybv8Q6oEEVlLz2NZxrzjcRxyRWtbYV7zCAyFvJhKzrR2NoszBfi2tPd/SVORBTc=
last-modified: Wed, 30 Nov 2022 19:44:06 GMT
etag: "bea9da88ccef790fb77abaea44ea345e"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:485666168322:build/prod-optanon-pipeline:8320ed39-e573-464a-ae46-962fa1ee7233
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 07:49:58 GMT
via: 1.1 varnish
age: 3581
x-served-by: cache-bma1647-BMA
x-cache: HIT
x-cache-hits: 45
x-timer: S1670399398.346333,VS0,VE0
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 10990
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
688b45eb160bc1d3c007143fd57ffca4
fc3d05405c60679f2916d4d7f9456f66ee17b47e
fc2909dede0f02f33d873592a40c1617f8097be4e23990e4bde7806b2811c369

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 07:49:58 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 04:52:36 GMT
Expires: Mon, 12 Dec 2022 04:52:35 GMT
Etag: "fc3d05405c60679f2916d4d7f9456f66ee17b47e"
Cache-Control: max-age=420757,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775baae81b25b52d-OSL

www.helpwire.com/_next/static/css/8f57e9c85b5d5070.css

54.230.111.44

200 OK

7.1 kB

URL HTTP/2
www.helpwire.com/_next/static/css/8f57e9c85b5d5070.css
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (29203), with no line terminators
Size
7.1 kB (7126 bytes)
Hash
5db6af4ab1283135843f6d49fd7efb0e
88de37b289e332e1b9a9e005b87a27974c0c42e5
2b86d346222169a505668730a09bd55ca6d1212f2d192508d7dac33707cb99a3

HTTP Headers

GET /_next/static/css/8f57e9c85b5d5070.css HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Wed, 07 Dec 2022 00:44:12 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"dcb484010de231dc283a4396d33734d0"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QLl2xXGcPTJgGXHevrZbQgBgqv1VS3XDcH7gMk3HO8Stg5oONz0GrQ==
age: 25547
X-Firefox-Spdy: h2

production-cmp.isgprivacy.cbsi.com/cps/shamanNotifier.js

151.101.85.188

200 OK

1.6 kB

URL HTTP/2
production-cmp.isgprivacy.cbsi.com/cps/shamanNotifier.js
IP
151.101.85.188:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (4276), with no line terminators
Size
1.6 kB (1598 bytes)
Hash
763348e62c55c7dd9305ec53c9625fb8
4ab12704650190c06e311bb87b1061189aeef8ed
ad386546b56fdbc7ca27432d19cc95b00804bad4222e51e2d9edc3e46526c0e2

HTTP Headers

GET /cps/shamanNotifier.js HTTP/1.1
Host: production-cmp.isgprivacy.cbsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: uubeTO18Dft9kzTBI/Toah17xX2B9HhMK6uDNdisIz7t5yffuVq6RDpXmOO3yypBeEdy+jCZy8Q=
last-modified: Fri, 22 Jul 2022 19:02:28 GMT
etag: "3e0cf3a78511da0d4110ac814d88e0ec"
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:485666168322:build/prod-shaman-notifier-pipeline:65247f02-0cba-4f78-bd98-f251a31929ac
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 07:49:58 GMT
via: 1.1 varnish
age: 2281
x-served-by: cache-bma1647-BMA
x-cache: HIT
x-cache-hits: 33
x-timer: S1670399398.378109,VS0,VE0
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1598
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
541d323f2c62a599adac414d865ddea0
1b7c289efa8d0e4db32591c80bb52d6d025227fb
ab5ac61bf4987f08a14e137f5feccab888ca32e2f74d2f0196ae4d92cf7017d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 07:49:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 00:46:22 GMT
Expires: Tue, 13 Dec 2022 00:46:21 GMT
Etag: "1b7c289efa8d0e4db32591c80bb52d6d025227fb"
Cache-Control: max-age=492382,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775baaefcb65fabc-OSL

cdn.galattic.com/bidder/cbs/filter.js

95.110.203.212

200 OK

424 B

URL HTTP/1.1
cdn.galattic.com/bidder/cbs/filter.js
IP
95.110.203.212:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (337)
Size
424 B (424 bytes)
Hash
7ce4858083c37871907f2f338f4371a0
1e0050323a2b1216eb0e9d2c0091ee91659a0503
8c6c7f84863db2932af068a41425b1532fa27df39688fdb0e016c336dfb74145

HTTP Headers

GET /bidder/cbs/filter.js HTTP/1.1
Host: cdn.galattic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 07 Dec 2022 10:02:41 GMT
Content-Type: application/javascript
Content-Length: 424
Connection: keep-alive
Last-Modified: Wed, 03 Aug 2022 11:33:13 GMT
ETag: "2be-5e55499294238-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Cacheable: YES
cache-control: max-age=900
X-UnsetCookies: TRUE
X-Varnish: 163323437 587140619
Via: 1.1 varnish (Varnish/5.2)
age: 0
X-Cache: HIT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

cdn.galattic.com/bidder/pm.v2.js

95.110.203.212

200 OK

5.1 kB

URL HTTP/1.1
cdn.galattic.com/bidder/pm.v2.js
IP
95.110.203.212:0
ASN
#31034 Aruba S.p.A.

File type
ASCII text, with very long lines (537)
Size
5.1 kB (5091 bytes)
Hash
7b1ee989885daae551165c112a58d3b3
baa841b1efd1d200195d210ba5384d0e3707ed45
f469628f6362b1dac4bd5b82394cceb85366ca1fe5346d2591ac21786d221bad

HTTP Headers

GET /bidder/pm.v2.js HTTP/1.1
Host: cdn.galattic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 07 Dec 2022 10:02:41 GMT
Content-Type: application/javascript
Content-Length: 5091
Connection: keep-alive
Last-Modified: Wed, 27 Jul 2022 12:40:52 GMT
ETag: "3642-5e4c8ba3332cf-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
X-Cacheable: YES
cache-control: max-age=900
X-UnsetCookies: TRUE
X-Varnish: 155965410 482902296
Via: 1.1 varnish (Varnish/5.2)
age: 0
X-Cache: HIT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

www.helpwire.com/scripts/optanonApiBootstrap.js

54.230.111.44

200 OK

541 B

URL HTTP/2
www.helpwire.com/scripts/optanonApiBootstrap.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
541 B (541 bytes)
Hash
a350eef484fa9186bf408beda6538334
39838a84ccd3d3407b873bf64d20830ee1174a9e
759eb2ef0ee7c0dd29b8d3d17f9d4b3da3549ff715fa764745cb5129ccc53009

HTTP Headers

GET /scripts/optanonApiBootstrap.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 541
date: Wed, 07 Dec 2022 07:49:59 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "a350eef484fa9186bf408beda6538334"
accept-ranges: bytes
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j3yrWlaJ5QL1oevxVkfyXav6-nscD2xuncl7mxYKuJSbDZRmfc2hPQ==
X-Firefox-Spdy: h2

www.helpwire.com/scripts/google_head.js

54.230.111.44

200 OK

123 B

URL HTTP/2
www.helpwire.com/scripts/google_head.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
123 B (123 bytes)
Hash
f8c8167390a88fb75b4faac761c487e5
ab257ec7e73a989a17553450985fcfd660be8e7a
1278654f4fa2f333df55a3f0ef92282fdfb657dd40b952e17c84f2372ef76727

HTTP Headers

GET /scripts/google_head.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 123
date: Wed, 07 Dec 2022 07:49:59 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "f8c8167390a88fb75b4faac761c487e5"
accept-ranges: bytes
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IWMU-_CPpgjoqMlH782z3qtmoqjnSVzBag32T2peo3pQP845GpQcyg==
X-Firefox-Spdy: h2

www.helpwire.com/scripts/jquery.js

54.230.111.44

200 OK

734 B

URL HTTP/2
www.helpwire.com/scripts/jquery.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
734 B (734 bytes)
Hash
8ffe2fe575d8d70031baae73f19cbaeb
c5afaec856ef45509bd5e9fda32c72ca62cbaf6d
3704ddc18365094439dcd2fbb36cbefec4e69c0b81c3dd6331d886984f29cab6

HTTP Headers

GET /scripts/jquery.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 734
date: Wed, 07 Dec 2022 07:49:59 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: "8ffe2fe575d8d70031baae73f19cbaeb"
accept-ranges: bytes
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: owoJ0W9YJAtbqUt8yBVHPRGJs4mdBjmfZ6G6_BqJjTs31FjM7H8kmA==
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

104.17.25.14

200 OK

27 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32058)
Size
27 kB (27277 bytes)
Hash
b51f9d778be466703e73aceee13d836d
cc5cd9dd2b48712dcf90f14a1ff19d729c43e378
f1e36d8f99614eef048fe3cb4275f3234536bff3e3b1b8f763f14a8a0cadab45

HTTP Headers

GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:49:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6068028
expires: Mon, 27 Nov 2023 07:49:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwRw0Yn%2FVlfpVeQRQkakEfgHJ8DP5vnDRLmj9DPiGcJhDYwvuxON%2BWDwX9ToGY2iX5oRCRxJCHikq6WBPUVArBeDfSIs6FiE1UOoe3mlOxI2uqBSkGhqObkd4i8uS%2FI183wqtGou"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775baaf3ad6fb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.helpwire.com/scripts/google_body.js

54.230.111.44

200 OK

2.7 kB

URL HTTP/2
www.helpwire.com/scripts/google_body.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
data
Size
2.7 kB (2701 bytes)
Hash
57664793a37b51961575609e9cc92595
f18b6c6f64481e0c9f347705436f6899d9f2b6c0
b084dd67731337c351f7736cb59ba5d490be1d20673320437a8cd3dacddcf2a6

HTTP Headers

GET /scripts/google_body.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 07:49:59 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"bc241cfddb77e291a3781f1946b1796e"
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D1SdVi31sVkavZgXGBjSzkfaYivcWDCn8GQfANtn8jcOJtjp-iPIXA==
X-Firefox-Spdy: h2

www.helpwire.com/_next/image?url=%2Fassets%2Fhelpwire%2Flogo.png&w=96&q=75

54.230.111.44

200 OK

1.5 kB

URL HTTP/2
www.helpwire.com/_next/image?url=%2Fassets%2Fhelpwire%2Flogo.png&w=96&q=75
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.5 kB (1502 bytes)
Hash
496eacb1c842a860b2605faa05ae0140
fdc7453e70ea04ad9398e2ef803acf5f0dea7b18
f45991b0020bcbd31ffb521f726d70d73c34574dde21552dacd8fb0053a12890

HTTP Headers

GET /_next/image?url=%2Fassets%2Fhelpwire%2Flogo.png&w=96&q=75 HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 1502
server: CloudFront
date: Wed, 07 Dec 2022 07:49:59 GMT
cache-control: public, max-age=60
etag: "9FmRsAILy9Mf+1Ifcm1w1zw0V03eIVUtrNj7AFOhKJA="
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7UT38T1DlgQWIQ_MEOul6v4LvDxtWygnWykh5O5itVcKWEN2rS_mHw==
X-Firefox-Spdy: h2

ouhastay.net/afu.php?zoneid=3647676

139.45.197.239

200 OK

11 kB

URL HTTP/2
ouhastay.net/afu.php?zoneid=3647676
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
data
Size
11 kB (11333 bytes)
Hash
bd923c1615c26dca808cc2759f9b3b22
4529cf467980b3112aab275d6bde30c4a2665fba
58a1cd86bd758f308eacca566e76222b749dcf9b1b070cc1d143875e4a43bd46

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /afu.php?zoneid=3647676 HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:56 GMT
content-type: text/html; charset=utf8
x-trace-id: 39394a0db5fca3ea3e489ea6eda58151
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ab6af67e589f40b090cb212410ca16fd; expires=Thu, 07 Dec 2023 07:49:56 GMT; path=/; secure; SameSite=None
oaidts=1670399396; expires=Thu, 07 Dec 2023 07:49:56 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 44PIJw552i3lhnwxN1BukLUoUG//UUXQf7NN89j59QbAx+d8Sq2S/TneIL5ACOjgl6HdZDEy1/AdR4DxJO2m0w==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Wed, 07 Dec 2022 07:49:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.helpwire.com/_next/static/chunks/7203.d962e336ccf4b740.js

54.230.111.44

200 OK

3.5 kB

URL HTTP/2
www.helpwire.com/_next/static/chunks/7203.d962e336ccf4b740.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
data
Size
3.5 kB (3455 bytes)
Hash
3523234266ace489b09e3cad22218c1b
a37d95fd212f4e46c52cde0407bb07753361d3d4
c28ba56a42e13180952ec9cd314311703f56c47206cccd457688be3c60d87c5d

HTTP Headers

GET /_next/static/chunks/7203.d962e336ccf4b740.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:13 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"ba529874fcd0e69dfd8c9126603ba23b"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5_7AL-jYnBWp2R22QGTubrlQE_1tx-jDT2lJ-IJ3_l4O0TSi1Ebh2g==
age: 25546
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2118
Cache-Control: max-age=106473
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 13:24:32 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

www.googletagservices.com/tag/js/gpt.js

142.250.74.162

200 OK

28 kB

URL HTTP/2
www.googletagservices.com/tag/js/gpt.js
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (40252)
Size
28 kB (27564 bytes)
Hash
9f220d7f24304047ffe2176bb485bc01
f91c90d658491f94e73dfc9855c47b8fa877dff6
abfca8bf66c69e0e2136f9609c0ded21b387fdcef710b40618dee7ad4d070631

HTTP Headers

GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27564
date: Wed, 07 Dec 2022 07:49:59 GMT
expires: Wed, 07 Dec 2022 07:49:59 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1414 / 978 of 1000 / last-modified: 1670367953"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.helpwire.com/assets/helpwire/favicon.ico

54.230.111.44

200 OK

18 kB

URL HTTP/2
www.helpwire.com/assets/helpwire/favicon.ico
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
MS Windows icon resource - 4 icons, 16x16, 8 bits/pixel, 24x24, 32 bits/pixel\012- data
Size
18 kB (17798 bytes)
Hash
8c88e3b6919c49409bd9744ee68c5511
70c07b82f79743ca83711009dc42985580b078fe
e676a7382a18b26fe268599dbd08bfd5380eafd20042f544b25d00df10a35f09

HTTP Headers

GET /assets/helpwire/favicon.ico HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 17798
date: Wed, 07 Dec 2022 07:50:00 GMT
last-modified: Wed, 07 Dec 2022 00:38:34 GMT
etag: "8c88e3b6919c49409bd9744ee68c5511"
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ptWbaeWjzdrAsTZyUtA5Bh4Y4wPpU_T8GEuLUSz3PnfyFy04uKqYyg==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
aa0e64420f718aa4713e3f080b8d4099
927435ff8af66fa63c34aa0670ae80a997d59cd9
f8e0ab18de96e3d7aa4ed6a819740957b38c0c5d9571c8ccc23ba2dd4530fd42

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.helpwire.com/_next/static/chunks/3493.e102016899dee344.js

54.230.111.44

200 OK

2.3 kB

URL HTTP/2
www.helpwire.com/_next/static/chunks/3493.e102016899dee344.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
data
Size
2.3 kB (2321 bytes)
Hash
956712cb5676f1b81122c424244c9cd8
35bb3e0f853e2139ebd87f2a161af558862c476e
52fc1bb0027a191d8d2bd131804af4d3223952393d614fe8b3d8ca2b12308655

HTTP Headers

GET /_next/static/chunks/3493.e102016899dee344.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:13 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"1fe1f60389ad9fd611c6389ff6e2611e"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NVnz81SeCwsAtjcZb1LymOk22DRCuLASVrZPePW4yXo0fmFsYcf6cA==
age: 25546
X-Firefox-Spdy: h2

www.helpwire.com/_next/static/chunks/5675-87136af191a34387.js

54.230.111.44

200 OK

138 kB

URL HTTP/2
www.helpwire.com/_next/static/chunks/5675-87136af191a34387.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
data
Size
138 kB (137775 bytes)
Hash
2a83f0fd5c268b15a54a602999c7c524
d99bf440582ff0153e1f974d1505490a3c0364f6
ba401e86aa8b1102ef11cae33f1de5d458e2b222e90d2f7baf9a5531ed5d47b4

HTTP Headers

GET /_next/static/chunks/5675-87136af191a34387.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:13 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"e195706c78902e7db3c14efa1580fee1"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FH5VFq3U88f1lAuLx4X3i1ZV2_doyyzESIFa1479UQI_pJekOX-XUA==
age: 25546
X-Firefox-Spdy: h2

www.helpwire.com/_next/static/chunks/2489-8969c03bb192615f.js

54.230.111.44

200 OK

19 kB

URL HTTP/2
www.helpwire.com/_next/static/chunks/2489-8969c03bb192615f.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
19 kB (19145 bytes)
Hash
4a74cfef91e7e9a2c6d1a31750f01b42
922ca1d9f86aa8ae93896f893beec1cc09bbb2b5
918cc1809a09c3680f534b4d2e19313ca7cc1679c571d5978b22b6d465bf1909

HTTP Headers

GET /_next/static/chunks/2489-8969c03bb192615f.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:13 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"91e4cc118694d429f40b290fabc6c486"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9EAOkRFOM9HWK1VQzL3DvZz-iPkjA93MDBK-oJ5hNfTzanEYhq72Kg==
age: 25546
X-Firefox-Spdy: h2

www.google.com/adsense/search/ads.js

216.58.207.228

200 OK

65 kB

URL HTTP/2
www.google.com/adsense/search/ads.js
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
data
Size
65 kB (64982 bytes)
Hash
6802d5f05332e6d2729346f84760f7b8
18c5832624dfbdb30e036503360d195e9ae5c5c5
dbf5db00f477984a70311f12ade650985994b01bbf36ccece004aba800251b7b

HTTP Headers

GET /adsense/search/ads.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Wed, 07 Dec 2022 07:49:59 GMT
expires: Wed, 07 Dec 2022 07:49:59 GMT
cache-control: private, max-age=3600
etag: "9619119662420944098"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.helpwire.com/_next/static/chunks/pages/_app-ae91de5da9f4357b.js

54.230.111.44

200 OK

1.5 kB

URL HTTP/2
www.helpwire.com/_next/static/chunks/pages/_app-ae91de5da9f4357b.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type
data
Size
1.5 kB (1510 bytes)
Hash
70d81483e66461e910413230d9388792
bbf5db7a85e13b358ca5353d028673eef59a3a16
f2f176525e776c1b6ed819a88dda181d80f7eeac3a587dc6a6362d8e84ac6a89

HTTP Headers

GET /_next/static/chunks/pages/_app-ae91de5da9f4357b.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"63a86bcb0a35020870cc81256fbc1581"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tX8eowMkNb4O_YGrib5fVkyMV7uF2cyy_TLN4xxLXlSRye1os-LyoQ==
age: 25545
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=1741246512876651&ev=PageView&dl=https%3A%2F%2Fwww.helpwire.com%2Farticles%2Feasy-home-improvement%3Fq%3DVeeam%2520Ransomware%2520Protection%26src%3Dmg%26gch%3DT0000012%26visitor_id%3D624262918263025675%26target_id%3D3647676%26campaign_id%3D6397242%26link_key%3D044b19c4909988c1a51b958aa7e2bfdd&rl=&if=false&ts=1670399399484&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670399399484.951219127&it=1670399399143&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=1741246512876651&ev=PageView&dl=https%3A%2F%2Fwww.helpwire.com%2Farticles%2Feasy-home-improvement%3Fq%3DVeeam%2520Ransomware%2520Protection%26src%3Dmg%26gch%3DT0000012%26visitor_id%3D624262918263025675%26target_id%3D3647676%26campaign_id%3D6397242%26link_key%3D044b19c4909988c1a51b958aa7e2bfdd&rl=&if=false&ts=1670399399484&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670399399484.951219127&it=1670399399143&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=1741246512876651&ev=PageView&dl=https%3A%2F%2Fwww.helpwire.com%2Farticles%2Feasy-home-improvement%3Fq%3DVeeam%2520Ransomware%2520Protection%26src%3Dmg%26gch%3DT0000012%26visitor_id%3D624262918263025675%26target_id%3D3647676%26campaign_id%3D6397242%26link_key%3D044b19c4909988c1a51b958aa7e2bfdd&rl=&if=false&ts=1670399399484&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670399399484.951219127&it=1670399399143&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 07:49:59 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b746371785ba1bc6cb2cc00c52bde896
20009dbca55e8dcce2a4d2ac36111204c70d53cb
996b87c3a6dcd333df24be291f9e2b7b5631fbc3f0809f04c47cd76043a466f2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2732
Cache-Control: max-age=104205
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:49:59 GMT
Etag: "638f2f09-117"
Expires: Thu, 08 Dec 2022 12:46:44 GMT
Last-Modified: Tue, 06 Dec 2022 12:01:13 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279

geolocation.onetrust.com/cookieconsentpub/v1/geo/location

104.18.27.85

200 OK

81 kB

URL HTTP/2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP
104.18.27.85:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (65383)
Size
81 kB (81183 bytes)
Hash
38e517680dcae46b2de7da0a82bdfe27
d259149805855d6becd76f5e10ac42938eb6d72d
0f78d5a28a0053e52ca52c273dca0ca11a34eda87b259c4f39cdfee1d6dd52fc

HTTP Headers

GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.helpwire.com
Connection: keep-alive
Referer: https://www.helpwire.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:49:59 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775baaf94ffe0b51-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.cookielaw.org/consent/87c26e94-acc3-41b3-85ed-3c9e1e798677/db9a8bfb-f407-4613-87a1-5679f28a722a/en.json

104.16.149.64

200 OK

13 kB

URL HTTP/2
cdn.cookielaw.org/consent/87c26e94-acc3-41b3-85ed-3c9e1e798677/db9a8bfb-f407-4613-87a1-5679f28a722a/en.json
IP
104.16.149.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (50338), with no line terminators
Size
13 kB (13391 bytes)
Hash
fa3718df3afd6e77692e4439dafd9f43
7948e94914845712bfcde422358430aa7f802b2f
773000749ff033354710f616a152ee9c13cc6004e08dcd883fc114815716d675

HTTP Headers

GET /consent/87c26e94-acc3-41b3-85ed-3c9e1e798677/db9a8bfb-f407-4613-87a1-5679f28a722a/en.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.helpwire.com/
Origin: https://www.helpwire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:49:59 GMT
content-type: application/x-javascript
content-length: 13391
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: +jcY3zr9bndpLkQ52v2fQw==
last-modified: Tue, 27 Sep 2022 17:18:58 GMT
etag: 0x8DAA0AC5CF2AD31
x-ms-request-id: ceb7e151-301e-00ff-4795-d2e57e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 8078
expires: Thu, 08 Dec 2022 07:49:59 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775baaf9ec13b521-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/otPcTab.json

104.16.149.64

200 OK

12 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/otPcTab.json
IP
104.16.149.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (36232)
Size
12 kB (11931 bytes)
Hash
5a9bd274ec42175644c81d3d3a9dfd4f
48456f3b2295d725ed3e241afb5f02c57325aab0
cc3efa846541bfb923aa1ca04687dde040cf9cf7781855655077b4429b61b9d9

HTTP Headers

GET /scripttemplates/6.32.0/assets/v2/otPcTab.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.helpwire.com/
Origin: https://www.helpwire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:50:00 GMT
content-type: application/json
content-length: 11931
content-encoding: gzip
content-md5: WpvSdOxCF1ZEyB09Op39Tw==
last-modified: Fri, 18 Mar 2022 16:29:17 GMT
etag: 0x8DA08FC7270043D
x-ms-request-id: e1fa97ac-e01e-011c-7fad-5646a4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 3074
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775baafa1c52b521-OSL
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFloatingRoundedCorner.json

104.16.149.64

200 OK

2.6 kB

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFloatingRoundedCorner.json
IP
104.16.149.64:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (7860)
Size
2.6 kB (2565 bytes)
Hash
b287063f84278e7a19dd038cdf2ed9b6
ad982f153b4e3fab6f0a33714d7ba60fc963c5f0
aafb5e4fd2ee23d7b06bbdbd0be1c00ca7f804fb29e9171f2a97995e3644bb36

HTTP Headers

GET /scripttemplates/6.32.0/assets/otFloatingRoundedCorner.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.helpwire.com/
Origin: https://www.helpwire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:50:00 GMT
content-type: application/json
content-length: 2565
content-encoding: gzip
content-md5: socGP4QnjnoZ3QOM3y7Ztg==
last-modified: Fri, 18 Mar 2022 16:29:16 GMT
etag: 0x8DA08FC71DCDA25
x-ms-request-id: aab9ca01-701e-00da-19b4-567dcd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 3074
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775baafa0c3db521-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
e212a52bff44776e39a0d58077799be4
248f12fb3e0421e97d05f5f0d9475f7fbc8e06c7
8231e2fdacf43a377bf9c619a52ef742f447081ca03a043bf4bf9ca12403f85f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5213
Cache-Control: max-age=146998
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 07:50:02 GMT
Etag: "638fcc83-118"
Expires: Fri, 09 Dec 2022 00:40:00 GMT
Last-Modified: Tue, 06 Dec 2022 23:13:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280

www.helpwire.com/_next/static/chunks/pages/articles/%5Bslug%5D-8d887ec3c4fe42a8.js

54.230.111.44

200 OK

0 B

URL HTTP/2
www.helpwire.com/_next/static/chunks/pages/articles/%5Bslug%5D-8d887ec3c4fe42a8.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/pages/articles/%5Bslug%5D-8d887ec3c4fe42a8.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"e15eeefc27e2f5e37f3cbb8759623c5b"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Pxb_B48733R9l-Yn1U4c32hUrFbCww37uYY3sNS5CxtwvPzqeYN3Tw==
age: 25545
X-Firefox-Spdy: h2

www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_buildManifest.js

54.230.111.44

200 OK

0 B

URL HTTP/2
www.helpwire.com/_next/static/AwjeBsmdDVNGYeOtHruZM/_buildManifest.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/AwjeBsmdDVNGYeOtHruZM/_buildManifest.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"58ae92e18213cfd5cd715261c7a63634"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c7mAbZPz0BmnZH_BQxQf7bbZyE90ndwqLhempjTFR2xe9xVHbwBxzA==
age: 25545
X-Firefox-Spdy: h2

www.helpwire.com/scripts/google_rs_body.js

54.230.111.44

200 OK

0 B

URL HTTP/2
www.helpwire.com/scripts/google_rs_body.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripts/google_rs_body.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 07:49:59 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"8d537ab256654672dd15b33bb8ac6eac"
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mpeXwQcEqsZFxIxzmbTJlGD7iyt_vWTfXy-8lRghNO2gE1Ci_fRxOA==
X-Firefox-Spdy: h2

track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1670399396477&hash=lxXd9QLvEhQA7riAaEnIn-wFsr6eUnEJP-oOLpnnq3Q&rm=DJ

18.192.108.151

200 OK

0 B

URL HTTP/2
track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1670399396477&hash=lxXd9QLvEhQA7riAaEnIn-wFsr6eUnEJP-oOLpnnq3Q&rm=DJ
IP
18.192.108.151:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1670399396477&hash=lxXd9QLvEhQA7riAaEnIn-wFsr6eUnEJP-oOLpnnq3Q&rm=DJ HTTP/1.1
Host: track.profitableredirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=PbVITkNClEmr-BA-UVXWm9vy16pdbuxJ-aiLGA7az6A; cc-v4=K6P3qrLXEsdBlKIH9BYYtrOB269NhQw8yCCcrIZjzCxqO7BErPLYu9zM%2F3YSiFdy%2BXB7q3nKB5RkMSTDnr3%2FFPrwEdArFh84t9H7UuXSt7Ivjxf3uEfYMKyb5WI5mHEOU43VuDb3HhLv4tVf2U6XXw%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 07:49:56 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2

www.helpwire.com/_next/static/chunks/webpack-6bf17bd08c9c0c1f.js

54.230.111.44

200 OK

0 B

URL HTTP/2
www.helpwire.com/_next/static/chunks/webpack-6bf17bd08c9c0c1f.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/webpack-6bf17bd08c9c0c1f.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"6352db52f27a8ed05afa440d06cfbe9e"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XW-QsOIbrsF1DYUJkDTnfbhnXPU2SZVQSxkNwBSF3OSdNGb8u1mBSQ==
age: 25545
X-Firefox-Spdy: h2

exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}

172.67.155.44

200 OK

0 B

URL HTTP/2
exceptionalphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP
172.67.155.44:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: exceptionalphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:49:54 GMT
content-type: text/html
last-modified: Mon, 13 Jun 2022 09:09:10 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShVjGM34%2BqJe4injq%2FJsXcQUUoTroJefk6Fi1L4ZE9yj6zMqUEWoQ38tjecGi%2BDvU9O1vIEiiKjUWEyFbSZt5NNARM6S93i53SSU3s1o0b9JTGD5Bl0pjLwYQs1qswSo7oM9ze9G1ZRoe8jgdcyf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775baad44a2c0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.helpwire.com/_next/static/chunks/framework-a661be0ab3977016.js

54.230.111.44

200 OK

0 B

URL HTTP/2
www.helpwire.com/_next/static/chunks/framework-a661be0ab3977016.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/framework-a661be0ab3977016.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"42969190930a47add78d0553ad3decd6"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zocqguCgsMdmgI4f4svzwTXuoxJT28c7L-io9AoTV_M--ZKcH1KESQ==
age: 25545
X-Firefox-Spdy: h2

www.helpwire.com/_next/static/chunks/main-b9cb64723e338c4c.js

54.230.111.44

200 OK

0 B

URL HTTP/2
www.helpwire.com/_next/static/chunks/main-b9cb64723e338c4c.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/main-b9cb64723e338c4c.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"2fb1f137ee1b94f6d707d0e5bb718d68"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wf9nD7h5JGl7JpfdcYwbLiTnsANCHwaqo6zX0d7PqBmPKyltNUyeEQ==
age: 25545
X-Firefox-Spdy: h2

www.helpwire.com/_next/static/chunks/9063-1bec776d34b6942e.js

54.230.111.44

200 OK

0 B

URL HTTP/2
www.helpwire.com/_next/static/chunks/9063-1bec776d34b6942e.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/9063-1bec776d34b6942e.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"4e505b655b165ba96b14f7a6ad8d06f9"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GQ5QL8GPz6O7dciNCOB9MvV5UJJEdNElwHQICcIaCe_ZCkKulHt8WA==
age: 25545
X-Firefox-Spdy: h2

www.helpwire.com/_next/static/chunks/2121-4fe4ce6739beb5e7.js

54.230.111.44

200 OK

0 B

URL HTTP/2
www.helpwire.com/_next/static/chunks/2121-4fe4ce6739beb5e7.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/2121-4fe4ce6739beb5e7.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"df06edd9f2d58887377191e1def2d748"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SprQrdiKaFBnS4YgEvn5SW1qXGoJgDVQdN2mfvfPx9dQ72ZBxKPVxg==
age: 25545
X-Firefox-Spdy: h2

www.helpwire.com/scripts/fb.js?v=0

54.230.111.44

200 OK

0 B

URL HTTP/2
www.helpwire.com/scripts/fb.js?v=0
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripts/fb.js?v=0 HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 07:50:00 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"e9075df74bdbf0956f03b84308a735d8"
server: AmazonS3
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WJbRNB42CsVLLRLhIya3UMsaVu1M3e7uMyTH4sXBVeEQ5lQkBLY16w==
X-Firefox-Spdy: h2

www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd

54.230.111.44

200 OK

0 B

URL HTTP/2
www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=utf-8
server: CloudFront
date: Wed, 07 Dec 2022 07:49:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: public, max-age=600, s-maxage=1200, stale-while-revalidate=60
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP 8.1.2
set-cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}; path=/; secure; httponly
etag: W/"uajfq4f7y5xf0"
content-encoding: gzip
vary: Accept-Encoding
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wfV1g5lGYJP8AXnodR0t8u0tf4N0LHGKhU05Q7_yxeqlwzb6stByaw==
X-Firefox-Spdy: h2

cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css

104.16.149.64

200 OK

0 B

URL HTTP/2
cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css
IP
104.16.149.64:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripttemplates/6.32.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.helpwire.com/
Origin: https://www.helpwire.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 07:50:00 GMT
content-type: text/css
content-md5: SHFDtZO2nDZuiPDW83p1IQ==
last-modified: Fri, 18 Mar 2022 16:29:27 GMT
x-ms-request-id: 27c0e757-101e-00a7-5d44-66e105000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 3074
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775baafa1c56b521-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.helpwire.com/_next/static/chunks/9669-97c5cf1761642ab6.js

54.230.111.44

200 OK

0 B

URL HTTP/2
www.helpwire.com/_next/static/chunks/9669-97c5cf1761642ab6.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/9669-97c5cf1761642ab6.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:13 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"3b84c3631391d301a78a469413875f14"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZIMmFWdRgD1Rul-mDdjM4iFNf_MoZ41pVoVNZCc4KxCB8hsROI4TLQ==
age: 25546
X-Firefox-Spdy: h2

www.helpwire.com/_next/static/chunks/5729.31080824f0d629b2.js

54.230.111.44

200 OK

0 B

URL HTTP/2
www.helpwire.com/_next/static/chunks/5729.31080824f0d629b2.js
IP
54.230.111.44:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/5729.31080824f0d629b2.js HTTP/1.1
Host: www.helpwire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.helpwire.com/articles/easy-home-improvement?q=Veeam%20Ransomware%20Protection&src=mg&gch=T0000012&visitor_id=624262918263025675&target_id=3647676&campaign_id=6397242&link_key=044b19c4909988c1a51b958aa7e2bfdd
Cookie: np_data_cookie={"src":"mg","site":"helpwire","tt":"T0000000","q":"Veeam Ransomware Protection","gch":"T0000012","usx":"ce3fb243-710e-473c-b227-575acdc73cfe","htc":"07122022-12121559fd67a700c75346ccc1df09f67a34f9"}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Wed, 07 Dec 2022 00:44:14 GMT
last-modified: Wed, 07 Dec 2022 00:38:33 GMT
etag: W/"489a9bb7ca6f3965afd3155a5050414d"
cache-control: public, max-age=31536000, immutable
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pBJPYQzktOe29tPgSdY68-R_mtzT8KAqrh3eeMw2aQar7UjDGYIwHg==
age: 25545
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (93)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP