ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
200 OK 16 kB URL HTTP/1.1 ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
IP
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (891)
Hash de5c74df32c3d72047349b1c47980125
3889c096794baddd094a07a11f209711d87c4ea4
1dfc58cb763cc015a80f046006f4265ee583e88b5f55ed067d715a455836f734
GET /indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:26 GMT
Server: Apache
X-Powered-By: PHP/8.0.23
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 15506
Keep-Alive: timeout=5, max=150
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17455
Expires: Mon, 03 Oct 2022 03:03:22 GMT
Date: Sun, 02 Oct 2022 22:12:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 22:03:21 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9c078cf62ea8987c07cb33f6c4e5cb5e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: 3o-HH9DBlnnUW4x8Ky2PIAo9niKixMGysuMwC3pvY0PpypVvrD_qSg==
Age: 546
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 0c6608381c6e16c344d8596c47c9b95c.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-C2
x-amz-cf-id: KA1-sMCsqQfH5rEltto9TNPJonPN7GNYE5G05M1br8lZZKne163KmA==
age: 67151
X-Firefox-Spdy: h2
ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi.html
200 OK 887 B URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi.html
IP
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5bc75ba11f81a22385a0ae9e793667e3
d10c4324bd473f46357a6c5b39471d77ac89100b
e22951dfe9ba6e7647dc20d03c0c9d64b8bc4aadb4092ef8909875b7942856d0
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/activityi.html HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a3c4-c4a-5d763cc5e0080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 887
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: text/html
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:12:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ecwspace.com/INTERAC%20e-Transfer_fichiers/allModuleJS.js
200 OK 5.4 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/allModuleJS.js
IP
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (2136)
Hash fa7439f278f5c5cf7ee2855875d4e7d0
108f7869972d63fcf7aadb1d31d2b7ddd71be4a8
1c48ae739b71e890577621b1909aa2f1a80b9b16e6bbf9f5ebf35d846ee7f8ee
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/allModuleJS.js HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a3ca-5953-5d763cc5e0080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5420
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: application/javascript
ecwspace.com/INTERAC%20e-Transfer_fichiers/interac-jqm.css
200 OK 270 B URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/interac-jqm.css
IP
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (697), with no line terminators
Hash 7534f41656e4508b99ceb183c1ca89c9
48417527d4a27f1dfeb4d0d0d1504643e6d4e4bd
4e64762a044954fd877be125196a9a9b4c4f2604bb3c7d8946a96af4f0757905
GET /INTERAC%20e-Transfer_fichiers/interac-jqm.css HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a43e-2b9-5d763cc5e0080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 270
Keep-Alive: timeout=5, max=150
Content-Type: text/css
ecwspace.com/INTERAC%20e-Transfer_fichiers/jquery-ui.css
200 OK 139 B URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/jquery-ui.css
IP
ASN #39729 Register S.p.A.
Hash 77e6cda27d3dfbb54647e9e08d52c3ca
6bc021fef9917cf472ca3c4a1a3981c278612d8b
852cc3c0f3d89d86d71e8049f029a2934ee8afddebb4d5b10e7d29d872bc990e
GET /INTERAC%20e-Transfer_fichiers/jquery-ui.css HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a43f-87-5d763cc5e0080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 139
Keep-Alive: timeout=5, max=150
Content-Type: text/css
ecwspace.com/INTERAC%20e-Transfer_fichiers/jquery_002.css
200 OK 13 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/jquery_002.css
IP
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 50ad6ea9221d2e7bf413afa578770e5a
d7893a623d15c746534dc04bb814ec8106ccb215
6cb039913485b9e837526a095aa0b9708e57c5cfa7a475afc59fe00201d08f58
GET /INTERAC%20e-Transfer_fichiers/jquery_002.css HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a443-1ef5f-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12925
Keep-Alive: timeout=5, max=150
Content-Type: text/css
ecwspace.com/INTERAC%20e-Transfer_fichiers/jquery.css
200 OK 10 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/jquery.css
IP
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (65398)
Hash 096c6c317eaf522a549ce33d4608eaf1
ea753d0988eecaffb9f984936352cd329577aedd
58b371aee6ced564d0ac1655703d7493a37c102aa8ed20cd24f383e99e00294e
GET /INTERAC%20e-Transfer_fichiers/jquery.css HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a441-10c68-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10222
Keep-Alive: timeout=5, max=150
Content-Type: text/css
ecwspace.com/INTERAC%20e-Transfer_fichiers/gtm.js
200 OK 22 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/gtm.js
IP
ASN #39729 Register S.p.A.
File type Unicode text, UTF-8 text, with very long lines (10041)
Hash f98b32b2888b43de60985c4bef251de1
49a653bf8361c813eaa98df41a83b781382d8089
73ac8eb82b93720891f637e5698abccb08cce259ca0e8745447281a814eff3a9
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/gtm.js HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a3d6-e1cc-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 22505
Keep-Alive: timeout=5, max=150
Content-Type: application/javascript
ecwspace.com/INTERAC%20e-Transfer_fichiers/jquery-ui.js
200 OK 5.0 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/jquery-ui.js
IP
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (13097), with no line terminators
Hash f23a381026a69389281b8a3ce0361491
44be0ba5fc1f63c9336d561acacb42d52b5f66c9
1c1fcc79ff9c1a1faa340a90b8c7da0afd9aa3da0776402abc669d534c625c9f
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/jquery-ui.js HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a440-3329-5d763cc5e0080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5045
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: application/javascript
ecwspace.com/INTERAC%20e-Transfer_fichiers/generalCSS.css
200 OK 3.9 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/generalCSS.css
IP
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (16962), with no line terminators
Hash fb37c65e9b085e20f750e68168c3d719
959b8e89a929d78118e5b05483b1b32fa15358d6
4f820ff28193eaaaf9e4b30c88d0d41a4d83cdbd93f74127fbca40a0867ed41d
GET /INTERAC%20e-Transfer_fichiers/generalCSS.css HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a3d4-4242-5d763cc5e0080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3872
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: text/css
ecwspace.com/INTERAC%20e-Transfer_fichiers/GTIe8CSS.css
200 OK 6.0 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/GTIe8CSS.css
IP
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (31904), with no line terminators
Hash c062bcfc97ed8509fdf0b4425df0b76b
74c983dd991dc3bd7d54a719e35e59b9e129a698
91cbc91af62f2f2e9f1a053f2efa071c0694dc0296eab177d276539eb331d13d
GET /INTERAC%20e-Transfer_fichiers/GTIe8CSS.css HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a3d5-7ca0-5d763cc5e0080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6004
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: text/css
ecwspace.com/INTERAC%20e-Transfer_fichiers/gatewayInitJS.js
200 OK 261 B URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/gatewayInitJS.js
IP
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (389)
Hash 466ea54d2d14b76616a4a0e38d350f93
c50ae8c0cd1e286da42ec4aa21a51121c4bd54ff
e4d944a44f3b502312ffe7f35a92521f095b7502ef200bc0ec0e3a0f96706748
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/gatewayInitJS.js HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a3d3-1c8-5d763cc5e0080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 261
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: application/javascript
ecwspace.com/INTERAC%20e-Transfer_fichiers/vendorJS.js
200 OK 51 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/vendorJS.js
IP
ASN #39729 Register S.p.A.
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash f66813a1b81cbc966ac14159203fcd74
f59b300d34d6718e0c1bb677e2bdf0371ceaa456
7879fdb56ed4e8c5995f2a0cfc5a009b1e19f3410590fc3b36c248c18827e8dd
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/vendorJS.js HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a458-26c52-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 51111
Keep-Alive: timeout=5, max=149
Connection: Keep-Alive
Content-Type: application/javascript
ecwspace.com/INTERAC%20e-Transfer_fichiers/linkid.js
200 OK 852 B URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/linkid.js
IP
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (1335)
Hash 2c9c1e44353bad2e6b729ad8674710e4
d00b7ce9bc66f3e76a107ae6f137727fa5995791
c1968f88dfb5ce136d3362a784a98f1972ce3cac12f7c06a3d599e180257d0a0
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/linkid.js HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a444-621-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 852
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: application/javascript
ecwspace.com/INTERAC%20e-Transfer_fichiers/navJS.js
200 OK 384 B URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/navJS.js
IP
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (422)
Hash 92a9da232cf39e8fcf68120dad16392c
b82769570500f44c5fcd6b561dc30ba98b83d133
25e686d2bc8cf36e7afced283e4eaaedf2cf16e530e7a861b1c2de81ccb7ba73
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/navJS.js HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a44a-33a-5d763cc5e0080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 384
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: application/javascript
ecwspace.com/INTERAC%20e-Transfer_fichiers/analytics.js
200 OK 12 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/analytics.js
IP
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (1640)
Hash 616ccec12342c51d39c4ba1f2c5d43d0
6301c8e1466345500439a9d1151a7a591ade58a8
6f85ec6ee2e96425c5a499983302fa9c509cff923b27b10167b78bfd9518fdc7
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/analytics.js HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a3cb-6c9d-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11595
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: application/javascript
ecwspace.com/INTERAC%20e-Transfer_fichiers/jquery.js
200 OK 0 B URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/jquery.js
IP
ASN #39729 Register S.p.A.
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/jquery.js HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a442-30d0e-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 55460
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: application/javascript
ecwspace.com/INTERAC%20e-Transfer_fichiers/nav-logo.svg
200 OK 2.7 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/nav-logo.svg
IP
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 90812ce2aad058af7e5b6425a6c13bf0
561ae8d75c0c992cad2fa7cbe7d817c6462acd4e
79fe6d320ad3e942f2a71b3ba6629c2010f8a0aa6b1c61ef799c53a230583090
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/nav-logo.svg HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a449-1d47-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2745
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: image/svg+xml
ecwspace.com/INTERAC%20e-Transfer_fichiers/question-mark.svg
200 OK 687 B URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/question-mark.svg
IP
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (758)
Hash 6f4a2388eba7c4ed3b9ba461cb3dfe76
3f29a78be2eadb03b3e33852da4800dc6bd51f80
93d5050c9d294809859ec6b66c41aaf40138adeeb1a919a30c608e6ad1c1f67a
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/question-mark.svg HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a44c-4c5-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 687
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: image/svg+xml
ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi_data/conversion.js
200 OK 5.4 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi_data/conversion.js
IP
ASN #39729 Register S.p.A.
File type ASCII text, with very long lines (956)
Hash cf85935e855c1d038a7a801fd486574e
b487966f97abfa1edc0f1fa1caaf68ab8388071d
46c9f808693667e3a0dd3a8b69c785284aa35db824818fa3f02ae5bc6a036e01
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/activityi_data/conversion.js HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi.html
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a3c9-371a-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5421
Keep-Alive: timeout=5, max=148
Connection: Keep-Alive
Content-Type: application/javascript
ecwspace.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_003.svg
200 OK 1.6 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_003.svg
IP
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 847f6156142a8661b2fd48170e71a2c4
eed4fc73a22fd7f74adaba05fa7f275a74f06bfe
3e7cf9dc0da3b32233c10f4617010e8a0509b48867ebfcba22dd3e852fc02e90
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_003.svg HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a44e-143a-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1621
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: image/svg+xml
ecwspace.com/INTERAC%20e-Transfer_fichiers/desj.png
200 OK 3.7 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/desj.png
IP
ASN #39729 Register S.p.A.
File type PNG image data, 403 x 125, 8-bit colormap, non-interlaced\012- data
Hash 4278f83f255df16adfe09508db4c8cab
81dbba55eceb89518d8166de3a8328c48b651264
7216e7d5b16f868bfb6b957d7e216ae8cba3595feefb16192e31f95bcf0e727e
GET /INTERAC%20e-Transfer_fichiers/desj.png HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a3d1-e97-5d763cc7c8500"
Accept-Ranges: bytes
Content-Length: 3735
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: image/png
ecwspace.com/INTERAC%20e-Transfer_fichiers/atb.png
200 OK 24 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/atb.png
IP
ASN #39729 Register S.p.A.
File type PNG image data, 1280 x 325, 8-bit/color RGBA, non-interlaced\012- data
Hash 5a9a907f7e3e07d47638677d69b22233
62e1951d1f4b18e55660b91365450d211f5f68fd
094d934d457220b698180fec8869efd2e660617ef5c4cde0beee2d565f2d45a5
GET /INTERAC%20e-Transfer_fichiers/atb.png HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a3cc-5f52-5d763cc7c8500"
Accept-Ranges: bytes
Content-Length: 24402
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: image/png
ecwspace.com/INTERAC%20e-Transfer_fichiers/hsbc.png
200 OK 2.9 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/hsbc.png
IP
ASN #39729 Register S.p.A.
File type PNG image data, 479 x 105, 8-bit colormap, non-interlaced\012- data
Hash a3a130447908b7f7f0ac21a71d2b8d38
d383aeb0ef8daff6eae3f72e3952c9d977647441
4c2610e56b15714a1051d9bcf319e79c12872726b9d2ef9724c5ba925b8b2d23
GET /INTERAC%20e-Transfer_fichiers/hsbc.png HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a3d7-b4f-5d763cc5e0080"
Accept-Ranges: bytes
Content-Length: 2895
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: image/png
ecwspace.com/INTERAC%20e-Transfer_fichiers/mot.jpg
200 OK 6.5 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/mot.jpg
IP
ASN #39729 Register S.p.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 394x222, components 3\012- data
Hash e6d32407de0c1e524a0988b138d40c7b
bc4c5d2ae32177bd98622b1b85f441b0c57377ac
3ed11bc953873717966f08d8ab4c4424f63dfd8ea184eceee7214c9eb85f964b
GET /INTERAC%20e-Transfer_fichiers/mot.jpg HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a448-1995-5d763cc7c8500"
Accept-Ranges: bytes
Content-Length: 6549
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: image/jpeg
ecwspace.com/INTERAC%20e-Transfer_fichiers/manu.png
200 OK 2.2 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/manu.png
IP
ASN #39729 Register S.p.A.
File type PNG image data, 362 x 139, 8-bit colormap, non-interlaced\012- data
Hash acaf725c2dc664344ba4985085f9f06c
9f746cb89aa130e095e093c01289b255ca3f23e2
e129b8fdd752311dd85762cc8ca8b31999380c3a36e1d6e8da714f0d41a35681
GET /INTERAC%20e-Transfer_fichiers/manu.png HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a445-89b-5d763cc5e0080"
Accept-Ranges: bytes
Content-Length: 2203
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: image/png
ecwspace.com/INTERAC%20e-Transfer_fichiers/meri.png
200 OK 5.2 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/meri.png
IP
ASN #39729 Register S.p.A.
File type PNG image data, 441 x 114, 8-bit colormap, non-interlaced\012- data
Hash 773a9ef4874528ac29d748a34c60e7a8
cd356b6996706eb27731543d8271c609b1192850
05fe5e795ecda25ad8410df06fd848112c88b9aa75458caafc9fc8276362fceb
GET /INTERAC%20e-Transfer_fichiers/meri.png HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a447-146c-5d763cc5e0080"
Accept-Ranges: bytes
Content-Length: 5228
Keep-Alive: timeout=5, max=147
Connection: Keep-Alive
Content-Type: image/png
upload.wikimedia.org/wikipedia/en/thumb/7/77/Laurentian_Bank_of_Canada_logo.svg/1200px-Laurentian_Bank_of_Canada_logo.svg.png
200 OK 24 kB URL HTTP/2 upload.wikimedia.org/wikipedia/en/thumb/7/77/Laurentian_Bank_of_Canada_logo.svg/1200px-Laurentian_Bank_of_Canada_logo.svg.png
IP
File type PNG image data, 1200 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash b2ba0a626f3d1c3a79eacaa7857d489d
3db11508b6083869feb401f2c56b5927f2c4d1cd
c85bd673696df783cd1cf6f65b78792ca322b4aa638dfb5529855fbb5830b4b1
GET /wikipedia/en/thumb/7/77/Laurentian_Bank_of_Canada_logo.svg/1200px-Laurentian_Bank_of_Canada_logo.svg.png HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ecwspace.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 14:42:11 GMT
content-type: image/png
content-length: 24368
etag: b2ba0a626f3d1c3a79eacaa7857d489d
last-modified: Thu, 15 Feb 2018 11:53:30 GMT
server: ATS/8.0.8
age: 27015
x-cache: cp3055 hit, cp3051 hit/1
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3051"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
x-client-ip: 91.90.42.154
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ecwspace.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_007.svg
200 OK 1.5 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_007.svg
IP
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 01e882b010ede8051c77624d98c92064
048a85f91f3d40c217780e34d70c2b9d466964d5
6aa100ec505dde22f8b029077a86d7437455a7663169b12dc139f24e7da3a73e
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_007.svg HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a451-f23-5d763cc5e0080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1538
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Content-Type: image/svg+xml
ecwspace.com/INTERAC%20e-Transfer_fichiers/pc.png
200 OK 4.1 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/pc.png
IP
ASN #39729 Register S.p.A.
File type PNG image data, 482 x 104, 8-bit colormap, non-interlaced\012- data
Hash 5120dce8a8f4f410b27032a0ff8291f5
a119a21c49ab490f96ead1191a8ec7cdff383586
1268ec2ae11982ea5617e2694a5be6017d078cdbd95610874e5715be14b7ebc1
GET /INTERAC%20e-Transfer_fichiers/pc.png HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a44b-1027-5d763cc7c8500"
Accept-Ranges: bytes
Content-Length: 4135
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: image/png
ecwspace.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_010.svg
200 OK 2.5 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_010.svg
IP
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6b17ee9e5c1f9e53f3bb4e6d75fcf5e5
a660ae2025f2a9cb04c7a735a515844384f2d980
8d993e5e8fac311de67175976b1e6ce02c325c271714c4f34aa9936a2b62e399
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_010.svg HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a452-14fa-5d763cc5e0080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2509
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: image/svg+xml
ecwspace.com/INTERAC%20e-Transfer_fichiers/CIBC_logo.svg
200 OK 1.6 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/CIBC_logo.svg
IP
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 3b45d8dd5b5a0ed44491fa8ae740c276
988fba3163c62950d2cc0a4311a33727baf64306
dbacf08a27c4e8aff1fad45c5761e50d4e5782031d87db2a7bd83c7b6fac9ed4
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/CIBC_logo.svg HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a3ce-d52-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1636
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Content-Type: image/svg+xml
ecwspace.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_012.svg
200 OK 2.5 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_012.svg
IP
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d278076e6523caba30d5f0145c1393f5
32c4fb38262b798e33711c37f25a272f7f969ae5
0b5af221f02975dec35eeae8daa0463ca8689c4e8dab3aea8dcc31e25ae42a79
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_012.svg HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a454-1bec-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2458
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Content-Type: image/svg+xml
ecwspace.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_011.svg
200 OK 585 B URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_011.svg
IP
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d891e1666cb7a2fbc9eb52d5c0f8714b
1bddac9818ad43cf8cc42dd13d958cf61a3c3b59
476deb1d4a7a46b01d55c3579b25e48b381d3464572135acb3ead93d5d3ec5f9
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_011.svg HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:34 GMT
ETag: "224a453-3c4-5d763cc5e0080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 585
Keep-Alive: timeout=5, max=146
Connection: Keep-Alive
Content-Type: image/svg+xml
ecwspace.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_013.svg
200 OK 1.8 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/retrieveLogo_013.svg
IP
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 57566b27daf2c01ba629e34597b7850d
fb821e20161d3a1eaa093c7470ec02a8db30b033
24f7ce5cf408afa0ca0e6791c2d54ab9e0e079906d25d2622f051153131b3349
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/retrieveLogo_013.svg HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a455-122a-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1789
Keep-Alive: timeout=5, max=144
Connection: Keep-Alive
Content-Type: image/svg+xml
ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi_data/a.gif
200 OK 42 B URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi_data/a.gif
IP
ASN #39729 Register S.p.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /INTERAC%20e-Transfer_fichiers/activityi_data/a.gif HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi.html
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a3c6-2a-5d763cc7c8500"
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=144
Connection: Keep-Alive
Content-Type: image/gif
ecwspace.com/INTERAC%20e-Transfer_fichiers/footer-logo-en.svg
200 OK 9.6 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/footer-logo-en.svg
IP
ASN #39729 Register S.p.A.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 605a657ccb7f03fb0c97fe310e2df2ab
93dd26d820a3a86bdbe77ae8a8fe8a76fac28232
e7023bfce55688ed4af3cc2cfcd2857b9099b81cdc7f6a09aaf7b028b38a5f3b
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/footer-logo-en.svg HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a3d2-82c9-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9613
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Content-Type: image/svg+xml
ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi_data/a.html
200 OK 246 B URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi_data/a.html
IP
ASN #39729 Register S.p.A.
File type HTML document text\012- exported SGML document, ASCII text
Hash 1450f4aee73dee0fb49b5cfe04eea41d
d31bda338241a1ba0b849d9d8a404531174793c7
74b0399ac4d32ca99e66b5a47cdd0e963668eb02743c861cabf66254c48dbfdd
Analyzer Verdict Alert fortinet Phishing
GET /INTERAC%20e-Transfer_fichiers/activityi_data/a.html HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi.html
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a3c7-1d7-5d763cc7c8500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 246
Keep-Alive: timeout=5, max=144
Connection: Keep-Alive
Content-Type: text/html
ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi_data/a_002.gif
200 OK 42 B URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi_data/a_002.gif
IP
ASN #39729 Register S.p.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /INTERAC%20e-Transfer_fichiers/activityi_data/a_002.gif HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/INTERAC%20e-Transfer_fichiers/activityi.html
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a3c8-2a-5d763cc7c8500"
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Content-Type: image/gif
ecwspace.com/www.googletagmanager.com/gtm5445.html?id=GTM-5SR238
404 Not Found 1.4 kB URL HTTP/1.1 ecwspace.com/www.googletagmanager.com/gtm5445.html?id=GTM-5SR238
IP
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fdd743f30da213d0d9a99207c37ec6e9
1bf5769a93d0960a672efca639863eec72c1a8dc
0a3b6d71fb28aab30de0d00f01172bfe747dc6020b6b845122a6133515be0d79
GET /www.googletagmanager.com/gtm5445.html?id=GTM-5SR238 HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
Cookie: _ga=GA1.2.397381584.1664748747; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=144
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ecwspace.com/resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html
404 Not Found 1.4 kB URL HTTP/1.1 ecwspace.com/resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html
IP
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ca07ed23e6ceeb145435d2175efd8191
7ec216db239a29a4d5634cdae9d5c1ca4eeaf9ca
d368df93887da42b5290ba253cffb7761879a8e9cb1c4e1f38a9404612085447
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
Cookie: _ga=GA1.2.397381584.1664748747; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=143
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ecwspace.com/resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.html
404 Not Found 1.4 kB URL HTTP/1.1 ecwspace.com/resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.html
IP
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 32903591170c1abcb03331541ede6d77
0242fc561a70ab1f83f5d94a9ab81343d26a5054
9ea4be203a094f519c79694f1db30a4a28f159207f5dbb28a0825e8047b7541c
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.html HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
Cookie: _ga=GA1.2.397381584.1664748747; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=143
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ecwspace.com/resources/newgateway/vendor/jquery.mobile-1.4.5/jquery.mobile.structure-1.4.5.min.html
404 Not Found 1.4 kB URL HTTP/1.1 ecwspace.com/resources/newgateway/vendor/jquery.mobile-1.4.5/jquery.mobile.structure-1.4.5.min.html
IP
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 82000b1f7926538db6fcb76434e6fb62
f3338846940cea1e972146a6e3d74be22d173065
dfc4408476c083eb692b582ac1c9fc0b7e90a9d56d8eb4b5a8bb6e5319dbe41b
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery.mobile-1.4.5/jquery.mobile.structure-1.4.5.min.html HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
Cookie: _ga=GA1.2.397381584.1664748747; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=143
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ecwspace.com/resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css
404 Not Found 1.4 kB URL HTTP/1.1 ecwspace.com/resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css
IP
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ea259c0a92bf2b4777150ef8831eed4f
7ed64894e6fcc59e101380a40e6a4aaaed7f5f44
6af48d4d6ac2065de2ab861e11d46a9f2c393b59ae499bc48b82430cfd99a5d5
GET /resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
Cookie: _ga=GA1.2.397381584.1664748747; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=144
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ecwspace.com/resources/newgateway/vendor/jquery.mobile-1.4.5.min.html
404 Not Found 1.4 kB URL HTTP/1.1 ecwspace.com/resources/newgateway/vendor/jquery.mobile-1.4.5.min.html
IP
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e169f82e7f9a483b2a87ef6f5c90efdf
57b6d8562934387ff5f205b6547774c299f93457
83c664fa52142baffa77c9cf895b5fda7daedf1ebb6e969059314ba990d7dbe7
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery.mobile-1.4.5.min.html HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
Cookie: _ga=GA1.2.397381584.1664748747; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=143
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ecwspace.com/resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.js
404 Not Found 1.4 kB URL HTTP/1.1 ecwspace.com/resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.js
IP
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24be3707d0ab151f3d24f0f9895cd3c6
c25b5ce3079a4fb1efec2fb296fc134bc3f2639e
4d4d69ec8c90d34e54206c3e836d09ff798cec5851dbe627c58385686930fa80
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery-ui-1.11.4.custom/jquery-ui.min.js HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
Cookie: _ga=GA1.2.397381584.1664748747; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=142
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ecwspace.com/INTERAC%20e-Transfer_fichiers/simpl.png
200 OK 188 kB URL HTTP/1.1 ecwspace.com/INTERAC%20e-Transfer_fichiers/simpl.png
IP
ASN #39729 Register S.p.A.
File type PNG image data, 3599 x 2443, 8-bit/color RGB, non-interlaced\012- data
Size 188 kB (187625 bytes)
Hash f5075ad61b53b3a22a2e2e3f4bacd1cb
2c14d7fc7a9cd61ec09ee48e55589a25220be288
9a22808680fe198d7a4093f54138a32e2e004b0728f2c89d2d471d932f74835a
GET /INTERAC%20e-Transfer_fichiers/simpl.png HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Last-Modified: Mon, 07 Feb 2022 01:48:36 GMT
ETag: "224a457-2dce9-5d763cc7c8500"
Accept-Ranges: bytes
Content-Length: 187625
Keep-Alive: timeout=5, max=145
Connection: Keep-Alive
Content-Type: image/png
ecwspace.com/getAllFisandCus.do?lang=en
404 Not Found 1.4 kB URL HTTP/1.1 ecwspace.com/getAllFisandCus.do?lang=en
IP
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0e3531cde8d346fcc19c512dedfa347c
d5c57add768eb2fd5aad16f20d166896cd2f9fbd
46be6988a0ac29c5cb2f614080a229907a9c5d9878b3028faa0c49cf0aea1af4
Analyzer Verdict Alert fortinet Phishing
GET /getAllFisandCus.do?lang=en HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
Cookie: _ga=GA1.2.397381584.1664748747; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1; _gat_UA-53324311-1=1
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=142
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
www.google-analytics.com/collect?v=1&_v=j47&aip=1&a=1325539969&t=pageview&_s=1&dl=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGCAgAAB~&jid=1054964488&cid=397381584.1664748747&tid=UA-53324311-1>m=GTM-5SR238&z=761574468
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j47&aip=1&a=1325539969&t=pageview&_s=1&dl=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGCAgAAB~&jid=1054964488&cid=397381584.1664748747&tid=UA-53324311-1>m=GTM-5SR238&z=761574468
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j47&aip=1&a=1325539969&t=pageview&_s=1&dl=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGCAgAAB~&jid=1054964488&cid=397381584.1664748747&tid=UA-53324311-1>m=GTM-5SR238&z=761574468 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sun, 02 Oct 2022 03:23:36 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 67731
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
www.google-analytics.com/collect?v=1&_v=j47&aip=1&a=1325539969&t=pageview&_s=1&dl=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGAAgAAB~&jid=1644893099&cid=397381584.1664748747&tid=UA-53324311-2>m=GTM-5SR238&z=2145036303
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j47&aip=1&a=1325539969&t=pageview&_s=1&dl=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGAAgAAB~&jid=1644893099&cid=397381584.1664748747&tid=UA-53324311-2>m=GTM-5SR238&z=2145036303
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j47&aip=1&a=1325539969&t=pageview&_s=1&dl=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=SGAAgAAB~&jid=1644893099&cid=397381584.1664748747&tid=UA-53324311-2>m=GTM-5SR238&z=2145036303 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sun, 02 Oct 2022 05:59:54 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 58353
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
www.google-analytics.com/r/collect?v=1&_v=j47&aip=1&a=1325539969&t=event&ni=1&_s=1&dl=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=Percentage&el=0%25&_u=SGCAAAABI~&jid=1474612903&cid=397381584.1664748747&tid=UA-53324311-1&_r=1>m=GTM-5SR238&z=1672346685
200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/collect?v=1&_v=j47&aip=1&a=1325539969&t=event&ni=1&_s=1&dl=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=Percentage&el=0%25&_u=SGCAAAABI~&jid=1474612903&cid=397381584.1664748747&tid=UA-53324311-1&_r=1>m=GTM-5SR238&z=1672346685
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&_v=j47&aip=1&a=1325539969&t=event&ni=1&_s=1&dl=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ul=en-us&de=UTF-8&dt=INTERAC%20e-Transfer&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&ec=Scroll%20Depth&ea=Percentage&el=0%25&_u=SGCAAAABI~&jid=1474612903&cid=397381584.1664748747&tid=UA-53324311-1&_r=1>m=GTM-5SR238&z=1672346685 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Sun, 02 Oct 2022 22:12:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 19826
Date: Sun, 02 Oct 2022 20:21:59 GMT
Expires: Sun, 02 Oct 2022 22:21:59 GMT
Cache-Control: public, max-age=7200
Age: 6628
Last-Modified: Sun, 11 Sep 2022 13:50:09 GMT
Content-Type: text/javascript
ecwspace.com/favicon.ico
404 Not Found 1.3 kB IP
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c81ddedc2eacb40934c6bdea9f778f0e
df19a5d5956c6e45474ca4bdc9275cba97bae069
989bcb2b97da4678302a30608baa68b01896aa0d79ecfc57bd60aa21b935f925
GET /favicon.ico HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
Cookie: _ga=GA1.2.397381584.1664748747; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1; _gat_UA-53324311-1=1
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=144
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 196e3bd776f30cca25becda1c6f68f98
a2b35cc1afdcb5e69a1ca6209b1f42693b43f2d7
5ff31f1eb1cebb7cf522094e8b259b7c57134ecac5f51d4fb4943888cc4f65fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 196e3bd776f30cca25becda1c6f68f98
a2b35cc1afdcb5e69a1ca6209b1f42693b43f2d7
5ff31f1eb1cebb7cf522094e8b259b7c57134ecac5f51d4fb4943888cc4f65fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 196e3bd776f30cca25becda1c6f68f98
a2b35cc1afdcb5e69a1ca6209b1f42693b43f2d7
5ff31f1eb1cebb7cf522094e8b259b7c57134ecac5f51d4fb4943888cc4f65fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion/954740125/?random=1664748747453&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a
302 Found 76 B URL HTTP/2 www.googleadservices.com/pagead/conversion/954740125/?random=1664748747453&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a
IP
File type HTML document, ASCII text, with no line terminators
Hash 7d4e21ac635bc6d350ec37fac5d24546
d289b7f969d3c91d754e3976da75e9c9ea948d96
63d8bfea184dc022dd8257788f16a903ebc2f916adb6e289ef27b4b075a3268d
GET /pagead/conversion/954740125/?random=1664748747453&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ecwspace.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:12:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954740125/?random=525547071&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yww6Y4TMNdfJYqC8uqgE&sscte=1&crd=CJqqsQI
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 76
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ecwspace.com/resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css
404 Not Found 1.4 kB URL HTTP/1.1 ecwspace.com/resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css
IP
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ea259c0a92bf2b4777150ef8831eed4f
7ed64894e6fcc59e101380a40e6a4aaaed7f5f44
6af48d4d6ac2065de2ab861e11d46a9f2c393b59ae499bc48b82430cfd99a5d5
GET /resources/newgateway/vendor/jquery-mobile-theme/themes/interac-jqm.min.css HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
Cookie: _ga=GA1.2.397381584.1664748747; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1; _gat_UA-53324311-1=1
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=143
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ecwspace.com/resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html
404 Not Found 1.4 kB URL HTTP/1.1 ecwspace.com/resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html
IP
ASN #39729 Register S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ca07ed23e6ceeb145435d2175efd8191
7ec216db239a29a4d5634cdae9d5c1ca4eeaf9ca
d368df93887da42b5290ba253cffb7761879a8e9cb1c4e1f38a9404612085447
Analyzer Verdict Alert fortinet Phishing
GET /resources/newgateway/vendor/jquery-mobile-theme/themes/jquery.mobile.icons.min.html HTTP/1.1
Host: ecwspace.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ecwspace.com/indexx.php?0hrcode-myonportal=6&cmdonline=transfer-codee3fddca591f8af010bbeabfdccb9af4a
Cookie: _ga=GA1.2.397381584.1664748747; _dc_gtm_UA-53324311-2=1; _dc_gtm_UA-53324311-1=1; _gat_UA-53324311-1=1
HTTP/1.1 404 Not Found
Date: Sun, 02 Oct 2022 22:12:27 GMT
Server: Apache
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=141
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
www.googleadservices.com/pagead/conversion/981124174/?random=1664748747276&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a
302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/981124174/?random=1664748747276&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/981124174/?random=1664748747276&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ecwspace.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:12:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/981124174/?random=1964270892&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yww6Y8eLNoi2Ydr6mcgK&sscte=1&crd=CJqqsQI
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-53324311-2&cid=397381584.1664748747&jid=1644893099&_u=SGAAgAAB~&z=1394664766
200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-53324311-2&cid=397381584.1664748747&jid=1644893099&_u=SGAAgAAB~&z=1394664766
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-53324311-2&cid=397381584.1664748747&jid=1644893099&_u=SGAAgAAB~&z=1394664766 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ecwspace.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Oct 2022 22:12:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/conversion/979606057/?random=1664748747483&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a
302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/979606057/?random=1664748747483&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/979606057/?random=1664748747483&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ecwspace.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:12:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979606057/?random=78380817&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yww6Y6SwNoWtYqrCs5AJ&sscte=1&crd=CJqqsQI
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-53324311-1&cid=397381584.1664748747&jid=1054964488&_u=SGCAgAAB~&z=1234531692
200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-53324311-1&cid=397381584.1664748747&jid=1054964488&_u=SGCAgAAB~&z=1234531692
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?t=dc&aip=1&_r=3&v=1&_v=j47&tid=UA-53324311-1&cid=397381584.1664748747&jid=1054964488&_u=SGCAgAAB~&z=1234531692 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ecwspace.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Oct 2022 22:12:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 21:32:53 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 21:45:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 cccbced9d09951cf2e947066c4fc2442.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: yEkgZH6WIjTyBdpoSAmDmlnQ_-XeP2mm8CcquDDzSFpE18XrAlE4lA==
Age: 2374
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b8bbcf8d1aa0bb18cc23dea324f56b77
6ed68a9b076fb1abd3c435ffc89a3ca8633e1a54
fe44bf96466d2c41c6c1efba56e6e2a29b98e1e33ebaabf18d95ef5901acfee2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/979606057/?random=78380817&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yww6Y6SwNoWtYqrCs5AJ&sscte=1&crd=CJqqsQI
302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/979606057/?random=78380817&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yww6Y6SwNoWtYqrCs5AJ&sscte=1&crd=CJqqsQI
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/979606057/?random=78380817&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yww6Y6SwNoWtYqrCs5AJ&sscte=1&crd=CJqqsQI HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ecwspace.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:12:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/979606057/?random=78380817&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y6SwNoWtYqrCs5AJ&random=3522434088
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 22:27:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/981124174/?random=1964270892&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yww6Y8eLNoi2Ydr6mcgK&sscte=1&crd=CJqqsQI
302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/981124174/?random=1964270892&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yww6Y8eLNoi2Ydr6mcgK&sscte=1&crd=CJqqsQI
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/981124174/?random=1964270892&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yww6Y8eLNoi2Ydr6mcgK&sscte=1&crd=CJqqsQI HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ecwspace.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:12:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/981124174/?random=1964270892&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y8eLNoi2Ydr6mcgK&random=1113760399
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 22:27:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/954740125/?random=525547071&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yww6Y4TMNdfJYqC8uqgE&sscte=1&crd=CJqqsQI
302 Found 76 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/954740125/?random=525547071&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yww6Y4TMNdfJYqC8uqgE&sscte=1&crd=CJqqsQI
IP
File type HTML document, ASCII text, with no line terminators
Hash 7d4e21ac635bc6d350ec37fac5d24546
d289b7f969d3c91d754e3976da75e9c9ea948d96
63d8bfea184dc022dd8257788f16a903ebc2f916adb6e289ef27b4b075a3268d
GET /pagead/viewthroughconversion/954740125/?random=525547071&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=yww6Y4TMNdfJYqC8uqgE&sscte=1&crd=CJqqsQI HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ecwspace.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:12:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/954740125/?random=525547071&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y4TMNdfJYqC8uqgE&random=1812705483
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 76
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 22:27:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5602
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:28 GMT
Last-Modified: Sun, 02 Oct 2022 20:39:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 53aa134dc3b33b709b6ccf39e549055f
2e85a28ef73d7c403ad693fc8602e95fe3d803f3
877de7cadd4fc848afaac488f89ed987929505b563a03eb79e4e9d8fa0b41a0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 53aa134dc3b33b709b6ccf39e549055f
2e85a28ef73d7c403ad693fc8602e95fe3d803f3
877de7cadd4fc848afaac488f89ed987929505b563a03eb79e4e9d8fa0b41a0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 53aa134dc3b33b709b6ccf39e549055f
2e85a28ef73d7c403ad693fc8602e95fe3d803f3
877de7cadd4fc848afaac488f89ed987929505b563a03eb79e4e9d8fa0b41a0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/979606057/?random=78380817&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y6SwNoWtYqrCs5AJ&random=3522434088
302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/979606057/?random=78380817&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y6SwNoWtYqrCs5AJ&random=3522434088
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/979606057/?random=78380817&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y6SwNoWtYqrCs5AJ&random=3522434088 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ecwspace.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:12:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/979606057/?random=78380817&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y6SwNoWtYqrCs5AJ&random=3522434088&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/981124174/?random=1964270892&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y8eLNoi2Ydr6mcgK&random=1113760399
302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/981124174/?random=1964270892&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y8eLNoi2Ydr6mcgK&random=1113760399
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/981124174/?random=1964270892&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y8eLNoi2Ydr6mcgK&random=1113760399 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ecwspace.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:12:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/981124174/?random=1964270892&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y8eLNoi2Ydr6mcgK&random=1113760399&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/954740125/?random=525547071&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y4TMNdfJYqC8uqgE&random=1812705483
302 Found 76 B URL HTTP/2 www.google.com/pagead/1p-conversion/954740125/?random=525547071&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y4TMNdfJYqC8uqgE&random=1812705483
IP
File type HTML document, ASCII text, with no line terminators
Hash 7d4e21ac635bc6d350ec37fac5d24546
d289b7f969d3c91d754e3976da75e9c9ea948d96
63d8bfea184dc022dd8257788f16a903ebc2f916adb6e289ef27b4b075a3268d
GET /pagead/1p-conversion/954740125/?random=525547071&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y4TMNdfJYqC8uqgE&random=1812705483 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ecwspace.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:12:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/954740125/?random=525547071&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y4TMNdfJYqC8uqgE&random=1812705483&ipr=y&prhg=0
content-security-policy: script-src 'none'; object-src 'none'
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 76
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/979606057/?random=78380817&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y6SwNoWtYqrCs5AJ&random=3522434088&ipr=y&prhg=0
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/979606057/?random=78380817&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y6SwNoWtYqrCs5AJ&random=3522434088&ipr=y&prhg=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/979606057/?random=78380817&cv=8&fst=1664748747276&num=3&fmt=3&label=USQkCKH7zmIQqbSO0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y6SwNoWtYqrCs5AJ&random=3522434088&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ecwspace.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:12:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/954740125/?random=525547071&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y4TMNdfJYqC8uqgE&random=1812705483&ipr=y&prhg=0
200 OK 76 B URL HTTP/2 www.google.no/pagead/1p-conversion/954740125/?random=525547071&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y4TMNdfJYqC8uqgE&random=1812705483&ipr=y&prhg=0
IP
File type HTML document, ASCII text, with no line terminators
Hash 7d4e21ac635bc6d350ec37fac5d24546
d289b7f969d3c91d754e3976da75e9c9ea948d96
63d8bfea184dc022dd8257788f16a903ebc2f916adb6e289ef27b4b075a3268d
GET /pagead/1p-conversion/954740125/?random=525547071&cv=8&fst=1664748747276&num=2&fmt=1&label=0x9BCJvGwGMQndugxwM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y4TMNdfJYqC8uqgE&random=1812705483&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ecwspace.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:12:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 76
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/981124174/?random=1964270892&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y8eLNoi2Ydr6mcgK&random=1113760399&ipr=y&prhg=0
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/981124174/?random=1964270892&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y8eLNoi2Ydr6mcgK&random=1113760399&ipr=y&prhg=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/981124174/?random=1964270892&cv=8&fst=1664748747276&num=1&fmt=3&label=T3JACK2A7mMQzojr0wM&bg=ffffff&hl=en&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&frm=1&url=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ref=http%3A%2F%2Fecwspace.com%2Findexx.php%3F0hrcode-myonportal%3D6%26cmdonline%3Dtransfer-codee3fddca591f8af010bbeabfdccb9af4a&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CJqqsQI&is_vtc=1&ocp_id=yww6Y8eLNoi2Ydr6mcgK&random=1113760399&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ecwspace.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:12:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:12:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eLc97u1GUzDRzxXmW/CBoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DVrw1d31c1Qpy1clH3Ot4cwQXNk=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6593
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:12:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6593
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:12:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6593
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:12:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:39 GMT
age: 63050
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 721a8d8f94c3796abf021978fcdbc831
3fc3aeae907a0ce0db21753c67c1000681e48b8e
cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aFBTRAsXhi4io7fSc02hftf9hRQ-J5yaBgU4Wgwijyir30xjTjdMLQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 1553
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bb7613964aef696917cb85a6d0bcac4
89ce0e6d742144439a96ace034adae4e7e167311
24b100b10aa041effad83e9379447f4f62d95dcf6eb27a6b093a7caaa484f964
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6321
x-amzn-requestid: 605adeca-4345-4481-999e-d50ebc123767
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabGsgIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-68542d1b56697ab33dd63941;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QUAqebzhQ9iSZGYTDNVjov5z04lkVREs5HYXMjFziBKHiTJIEFtIyg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:25 GMT
age: 1624
etag: "89ce0e6d742144439a96ace034adae4e7e167311"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BobS2JU-TqDuL8q31SVlerM15cRoMhL1oM5MkL7MVhY9RZG_Ukp5yA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 1553
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg
200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91079e915678800d2e2e1f68415d5dc4
2d543d6b1bed9901437c3b880bd415ece354cbf7
b9bda55eef23a199fff3bd3fde22486ef4d50edd36b105b0ee13479b96c2ba22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6983
x-amzn-requestid: e551848c-073a-4317-8841-1fc5fd8a38c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWb3EGdoAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044b-6c6a638527bb19f621cd40b1;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vwxQ66TiwYUOkU8eN1EMUraA6OlSIn7I1B9VHz9RrAL4z_RI_igMJQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 1553
etag: "2d543d6b1bed9901437c3b880bd415ece354cbf7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif
400 Bad Request 3 B URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif
IP
File type ASCII text, with no line terminators
Hash fcc3d7489d15ef49dbbf735234234cf7
654e0aaee80e38636c503629d32225db31a616de
52109349dabf69106e04ec2f493fb8b6ade94ea100227cccce6559ab8b96553f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Sun, 02 Oct 2022 22:12:29 GMT
content-type: application/json
content-length: 3
x-amzn-requestid: 21b00902-6c5c-435f-8470-beee44cb1f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZbezElEoAMF4JQ=
cache-control: max-age=120,public
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0c5e-696c933d4683255b437f5378;Sampled=0
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Error from cloudfront
x-amz-cf-id: m3TlZrYbwyHyKR0MQs0m13dGkx2rr5o89sJJDyo2bSdtxwqZ85Xf-w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450
200 OK 1 B URL HTTP/2 img-getpocket.cdn.mozilla.net/direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450
IP
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450 HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 1
x-amzn-requestid: e07bcab1-4238-4f19-bd9f-5c13df7d377f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWamH3tIAMFzbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0443-074d95046d062c2475ab5efb;Sampled=0
x-amzn-remapped-date:
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5YU9gPtzbBt1JHoOo05mPgE4n4VPzMcFzGczDf49M3vsULsxlD_4oQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:42:17 GMT
age: 1812
etag:
content-type: application/x-empty; charset=binary
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
81.88.53.29
91.198.174.208
23.36.77.32
93.184.220.29