Overview

URL: fieldrep101.com/wp-admin/uq/index.html
IP: 192.232.216.140 (United States)
ASN: #46606 UNIFIEDLAYER-AS-1
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2023-01-31 15:20:09 UTC
IDS alerts: 0
Blocklist alert: 7
urlquery alerts: No alerts detected
Tags: None

Domain Summary (24)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
www.micstatic.com (6) 120170 2015-07-22 21:43:48 UTC 2023-01-28 20:20:25 UTC 104.18.21.229
www.google-analytics.com (2) 40 2012-05-21 09:41:50 UTC 2023-01-31 02:52:03 UTC 216.58.207.206
stats.g.doubleclick.net (1) 96 2012-07-01 17:13:23 UTC 2023-01-31 01:52:49 UTC 173.194.73.154
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2023-01-30 17:12:02 UTC 35.241.9.150
fieldrep101.com (8) 0 2015-06-12 08:50:17 UTC 2023-01-31 13:15:17 UTC 192.232.216.140 Unknown ranking
ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2023-01-31 01:22:54 UTC 93.184.220.29
www.google.no (1) 25607 2012-06-26 23:22:08 UTC 2023-01-31 03:02:21 UTC 142.250.74.67
stackpath.bootstrapcdn.com (1) 2467 2018-04-05 04:41:29 UTC 2023-01-30 23:28:58 UTC 104.18.10.207
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2023-01-30 17:40:18 UTC 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2023-01-30 17:13:18 UTC 34.117.237.239
ocsp.dcocsp.cn (1) 33518 2018-11-07 13:15:36 UTC 2023-01-31 00:23:11 UTC 79.133.176.228
ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2023-01-30 17:12:02 UTC 142.250.74.131
www.facebook.com (1) 99 No data No data 157.240.205.35
r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2023-01-30 17:12:04 UTC 23.36.76.226
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2023-01-30 17:15:40 UTC 35.164.184.133
bat.bing.com (3) 387 2014-04-08 09:23:16 UTC 2023-01-30 17:12:12 UTC 13.107.21.200
www.made-in-china.com (1) 95945 2012-05-30 15:33:15 UTC 2023-01-28 20:20:25 UTC 104.18.30.240
googleads.g.doubleclick.net (1) 42 2012-05-21 07:15:40 UTC 2023-01-31 01:51:58 UTC 142.250.74.98
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2023-01-30 17:12:02 UTC 157.240.205.11
www.google.com (1) 7 2012-11-08 00:08:21 UTC 2023-01-31 02:27:44 UTC 142.250.74.164
region1.analytics.google.com (1) 0 2022-03-17 11:26:33 UTC 2023-01-30 20:15:28 UTC 216.239.34.36 Domain (google.com) ranked at: 1
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2023-01-30 22:05:30 UTC 34.120.237.76
fa.micstatic.com (5) 153248 2020-03-25 05:07:14 UTC 2023-01-28 20:20:26 UTC 104.18.25.206
maxcdn.bootstrapcdn.com (1) 724 2014-06-18 00:37:31 UTC 2023-01-30 19:25:00 UTC 188.114.98.234

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2023-01-31 2 fieldrep101.com/wp-admin/uq/index.html Made-In-China

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2023-01-31 2 fieldrep101.com/wp-admin/uq/index.html Phishing
2023-01-31 2 fieldrep101.com/wp-admin/uq/js/jquery-3.3.1.js Malware
2023-01-31 2 fieldrep101.com/wp-admin/uq/js/jquery-3.2.1.slim.min.js Malware
2023-01-31 2 fieldrep101.com/wp-admin/uq/js/popper.min.js Malware
2023-01-31 2 fieldrep101.com/wp-admin/uq/js/jquery.min.js Malware
2023-01-31 2 fieldrep101.com/wp-admin/uq/js/jquery-3.1.1.min.js Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

ThreatFox
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 192.232.216.140
Date UQ / IDS / BL URL IP
2023-03-22 12:30:13 +0000 0 - 0 - 7 20thstreetcoc.com/wp-content/uploads/onenoteD (...) 192.232.216.140
2023-03-21 14:03:52 +0000 0 - 0 - 7 20thstreetcoc.com/wp-content/uploads/onenoteD (...) 192.232.216.140
2023-03-21 09:38:45 +0000 0 - 0 - 7 20thstreetcoc.com/wp-content/uploads/onenoteD (...) 192.232.216.140
2023-03-21 06:05:12 +0000 0 - 0 - 7 20thstreetcoc.com/wp-content/uploads/onenoteD (...) 192.232.216.140
2023-03-21 02:31:34 +0000 0 - 0 - 7 20thstreetcoc.com/wp-content/uploads/onenoteD (...) 192.232.216.140


Last 5 reports on ASN: UNIFIEDLAYER-AS-1
Date UQ / IDS / BL URL IP
2023-03-28 09:35:55 +0000 0 - 3 - 10 paypal-support.com.desenvolvedortheosbank.com (...) 162.241.60.162
2023-03-28 09:35:22 +0000 23 - 2 - 0 huntington-banking.bhipvitality.com/login.php (...) 162.241.218.142
2023-03-28 09:32:17 +0000 0 - 0 - 0 chameleonmemes.com 162.241.80.15
2023-03-28 09:03:09 +0000 0 - 0 - 2 itfolkstechnology.com/upload/File_pass1234.7z 216.172.173.226
2023-03-28 09:02:18 +0000 0 - 1 - 0 egypttravelhub.com/1/1.exe 50.87.145.9


Last 1 reports on domain: fieldrep101.com
Date UQ / IDS / BL URL IP
2023-01-31 15:20:09 +0000 0 - 0 - 7 fieldrep101.com/wp-admin/uq/index.html 192.232.216.140


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-03-25 18:39:51 +0000 0 - 4 - 7 www.vyvaz.to/wp-content/plugins/TOPXOH/made/ 62.109.154.31
2023-03-25 18:34:40 +0000 0 - 4 - 8 vyvaz.to/wp-content/plugins/TOPXOH/made 62.109.154.31
2023-03-25 18:07:32 +0000 0 - 4 - 0 www.vyvaz.to/wp-content/plugins/TOPXOH/made 62.109.154.31
2023-03-25 03:12:43 +0000 0 - 2 - 9 neogenesiseng.com/wp-admin/aa/ 108.179.234.135
2023-03-24 01:01:49 +0000 0 - 0 - 7 officefurniturenowaz.com/mmmm 209.59.188.180

JavaScript

Executed Scripts (22)

Executed Evals (4)
#1 JavaScript::Eval (size: 401) - SHA256: 91c16639d04eaf68a0a87c022519be74068014b8ace744930ec7727afa2fa41d
$(document).bind('keydown', function(e) {
    if (e.ctrlKey && (e.which == 83)) {
        e.preventDefault();
        return false
    }
});
document.addEventListener('contextmenu', event => event.preventDefault());
document.onkeydown = function(e) {
    if (e.ctrlKey && (e.keyCode === 67 || e.keyCode === 86 || e.keyCode === 85 || e.keyCode === 117)) {
        return false
    } else {
        return true
    }
};
$(document).keypress("u", function(e) {
    if (e.ctrlKey) {
        return false
    } else {
        return true
    }
})
#2 JavaScript::Eval (size: 232) - SHA256: deaf1dce980857d82e49407063fc48aad4b2fb87e45f46b4c81aaf02fff1075a
(function() {
    for (var b = google_tag_manager["GTM-T39J99"].macro(3), c = [], a = 0; a < b.length && 3 > a; a++) "object" == typeof b[a] ? b[a].hasOwnProperty("id") && c.push(b[a].id) : ("number" == typeof b[a] || "string" == typeof b[a]) && c.push(b[a]);
    return c
})();
#3 JavaScript::Eval (size: 232) - SHA256: e1ecbf397014aadd393ea098a3d9c9e4f2e75fc8d2466ee3823302b0855e3afd
(function() {
    for (var b = google_tag_manager["GTM-T39J99"].macro(2), c = [], a = 0; a < b.length && 3 > a; a++) "object" == typeof b[a] ? b[a].hasOwnProperty("id") && c.push(b[a].id) : ("number" == typeof b[a] || "string" == typeof b[a]) && c.push(b[a]);
    return c
})();
#4 JavaScript::Eval (size: 232) - SHA256: 7d700ca9f03f467b4a3f58a598871f71c4bc8ae368b6a986e41b3e6584670165
(function() {
    for (var b = google_tag_manager["GTM-T39J99"].macro(5), c = [], a = 0; a < b.length && 3 > a; a++) "object" == typeof b[a] ? b[a].hasOwnProperty("id") && c.push(b[a].id) : ("number" == typeof b[a] || "string" == typeof b[a]) && c.push(b[a]);
    return c
})();

Executed Writes (0)


HTTP Transactions (69)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6205
Expires: Tue, 31 Jan 2023 17:03:23 GMT
Date: Tue, 31 Jan 2023 15:19:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18718
Expires: Tue, 31 Jan 2023 20:31:56 GMT
Date: Tue, 31 Jan 2023 15:19:58 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 14:43:17 GMT
age: 2201
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    dcd75ca6daca51c5e39d431468511793
Sha1:   07f76d3bf23d65c9110d810fa71a994e39e085d3
Sha256: 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4981
Expires: Tue, 31 Jan 2023 16:42:59 GMT
Date: Tue, 31 Jan 2023 15:19:58 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: UUibIB0NgaWaiGp9BjIe/n2z0SVGVWhoxh2SRjwIj8Gnff7QjklG+jxyjozNlZt24/2EB2Hspys=
x-amz-request-id: 892YMQNTR82JRV7D
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 14:51:12 GMT
age: 1726
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    7b922915ebf1fa3639b333f994c74f24
Sha1:   144a3f80b98fd0652d4614f24cf6cbbee40f8938
Sha256: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 31 Jan 2023 15:19:58 GMT
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FE5638D4038321DE99E7A9A5D9B0A6742AF4F36FEAE33A5DA988E4C567170E0D"
Last-Modified: Mon, 30 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 31 Jan 2023 21:19:58 GMT
Date: Tue, 31 Jan 2023 15:19:58 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 14:49:04 GMT
age: 1854
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /wp-admin/uq/index.html HTTP/1.1 
Host: fieldrep101.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         192.232.216.140
HTTP/2 200 OK
content-type: text/html
                                        
last-modified: Tue, 31 Jan 2023 01:03:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5786
date: Tue, 31 Jan 2023 15:19:58 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (4278), with CRLF line terminators
Size:   5786
Md5:    3a21a349051115675eaa982f7fc4c059
Sha1:   960a0db04b6f3d70f3d7a9132398fc6ec3d24fbe
Sha256: c270d59e56b7de95323e857b8934680a915c38856049372e7853096edb74d677

Alerts:
  Blocklists:
    - openphish: Made-In-China
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16196
Expires: Tue, 31 Jan 2023 19:49:55 GMT
Date: Tue, 31 Jan 2023 15:19:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3075
Cache-Control: max-age=130818
Date: Tue, 31 Jan 2023 15:19:59 GMT
Etag: "63d8819e-118"
Expires: Thu, 02 Feb 2023 03:40:17 GMT
Last-Modified: Tue, 31 Jan 2023 02:49:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6451
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 15:19:59 GMT
Last-Modified: Tue, 31 Jan 2023 13:32:28 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3075
Cache-Control: max-age=130818
Date: Tue, 31 Jan 2023 15:19:59 GMT
Etag: "63d8819e-118"
Expires: Thu, 02 Feb 2023 03:40:17 GMT
Last-Modified: Tue, 31 Jan 2023 02:49:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6451
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 15:19:59 GMT
Last-Modified: Tue, 31 Jan 2023 13:32:28 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YjG3ZOrSr0IsxdEGeHP5jA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         35.164.184.133
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ke7783jErlhkQxk8G1RYKM/GNWU=

                                        
                                            GET /wp-admin/uq/js/jquery-3.3.1.js HTTP/1.1 
Host: fieldrep101.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/wp-admin/uq/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         192.232.216.140
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 31 Jan 2023 01:03:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8630
date: Tue, 31 Jan 2023 15:19:59 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11315), with CRLF line terminators
Size:   8630
Md5:    f147c47f24cea57ba71b885e54d15468
Sha1:   2beab8e912354f4c5e0d009045fb6a46dfc2b8d2
Sha256: 41f563229752489979f175e323dbad4c10627af635b82fae3fb8612fd2443e6c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-admin/uq/js/jquery-3.2.1.slim.min.js HTTP/1.1 
Host: fieldrep101.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/wp-admin/uq/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         192.232.216.140
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-length: 20481
date: Tue, 31 Jan 2023 15:19:59 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (14507), with CRLF, LF line terminators
Size:   20481
Md5:    5be431a5aa50d702ec38c393b5ec1e82
Sha1:   77f75898b50cf59e90aee6293eb6526cc6919985
Sha256: 1d77c4deedc750f17171c0909a41d26ed8b6593ec1b34de0dcb9e378f5938119

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-admin/uq/images/sign-default-buyer.jpg HTTP/1.1 
Host: fieldrep101.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/wp-admin/uq/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         192.232.216.140
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Tue, 31 Jan 2023 01:03:35 GMT
accept-ranges: bytes
content-length: 59332
date: Tue, 31 Jan 2023 15:19:59 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x400, components 3\012- data
Size:   59332
Md5:    aad747a416ac43e97070741668013b7d
Sha1:   545d66347ffafc166225f72072fb915ae52b970e
Sha256: 844419cc2fe07888ab11bb6dd264a3d66225851ad62645dfc3044657e9963af3
                                        
                                            GET /wp-admin/uq/js/popper.min.js HTTP/1.1 
Host: fieldrep101.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/wp-admin/uq/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         192.232.216.140
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-length: 20481
date: Tue, 31 Jan 2023 15:19:59 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, Unicode text, UTF-8 text, with very long lines (14507), with CRLF, LF line terminators
Size:   20481
Md5:    5be431a5aa50d702ec38c393b5ec1e82
Sha1:   77f75898b50cf59e90aee6293eb6526cc6919985
Sha256: 1d77c4deedc750f17171c0909a41d26ed8b6593ec1b34de0dcb9e378f5938119

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /common/img/logo-2019/logo_d0822075.png?v=2 HTTP/1.1 
Host: www.micstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.18.21.229
HTTP/2 200 OK
content-type: image/png
                                        
date: Tue, 31 Jan 2023 15:20:00 GMT
content-length: 4621
last-modified: Wed, 16 Jun 2021 11:14:07 GMT
etag: "60c9dcff-120d"
expires: Fri, 28 Jan 2033 15:20:00 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 328655
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79236dc81bc6b4f1-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 257 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size:   4621
Md5:    b173e18fb61eb3d489bfad3b2ea570fe
Sha1:   71703d796c502703619ec696e447c937f700b605
Sha256: 488ea251bdaf29ab45c94699fef89ad3368bfef0c0f24b671dcbefd4e474679d
                                        
                                            GET /common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2 HTTP/1.1 
Host: www.micstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fieldrep101.com
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         104.18.21.229
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Tue, 31 Jan 2023 15:20:00 GMT
content-length: 19832
last-modified: Wed, 16 Jun 2021 11:14:08 GMT
etag: "60c9dd00-4d78"
expires: Fri, 28 Jan 2033 15:20:00 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79236dc80bbeb4f1-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 19832, version 2.8978\012- data
Size:   19832
Md5:    ed2022705048507e5995ee72717e7fd4
Sha1:   570864c3bccc3e0e203fdd67be3cf850387faefb
Sha256: e7f4f778ddb41b7be2d20810bb560acee79da55ed5d3eeac12f2bb8948f4453a
                                        
                                            GET /common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103 HTTP/1.1 
Host: www.micstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fieldrep101.com
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         104.18.21.229
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Tue, 31 Jan 2023 15:20:00 GMT
content-length: 25720
last-modified: Tue, 07 Jun 2022 11:17:37 GMT
etag: "629f33d1-6478"
expires: Fri, 28 Jan 2033 15:20:00 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79236dc81bc9b4f1-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 25720, version 1.0\012- data
Size:   25720
Md5:    90c821175fe52b5e89497d4249dce3b6
Sha1:   0bbacc3050dcf88f37fd6042a6719f83ba6ad83a
Sha256: 18a097b5625eaee94db4a26223016d2f31b7b5f5529bc599ea183f551e5c13d3
                                        
                                            GET /common/js/libs/faw/faw.1.0.0.js?r=1634120031144 HTTP/1.1 
Host: www.micstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.18.21.229
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 31 Jan 2023 15:20:00 GMT
last-modified: Fri, 10 Sep 2021 13:44:55 GMT
etag: W/"613b6157-3042"
expires: Fri, 28 Jan 2033 15:20:00 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 4203
vary: Accept-Encoding
server: cloudflare
cf-ray: 79236dc80bbfb4f1-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   23873
Md5:    8d3c533d286ea292a4ca21d396b9cae1
Sha1:   495ab17a70655400e42a7265d770c0e476602321
Sha256: ca047a30d120588641693c9ff4a0baf1534bf7cd7cf966de9014b57848cef0b2
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11873
Expires: Tue, 31 Jan 2023 18:37:53 GMT
Date: Tue, 31 Jan 2023 15:20:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11873
Expires: Tue, 31 Jan 2023 18:37:53 GMT
Date: Tue, 31 Jan 2023 15:20:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11873
Expires: Tue, 31 Jan 2023 18:37:53 GMT
Date: Tue, 31 Jan 2023 15:20:00 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 48205
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9987
Md5:    2c4934be94898028e2ab696561b51462
Sha1:   6cf734e2d29938688913daacfb75506d8e004a94
Sha256: 239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 65795
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5903
Md5:    42a648f9d34d8fb703f0b80a52e0deec
Sha1:   7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
Sha256: a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:52 GMT
age: 41348
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11129
Md5:    2797bfd35b7ec24888de84be14f7f2ec
Sha1:   8e315ac5856967286eaa8769e081d827fb4ca39e
Sha256: b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 63103
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13853
Md5:    d957012d3e2b8c3bc0eefe11d66e8554
Sha1:   1959fdd94846fa3791c4890578dd15336b909dcc
Sha256: a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 49041
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6844
Md5:    976dda397f9292a498ca9db5599c0378
Sha1:   dad9e9c3462907a2475046aee36d57f8309cd44e
Sha256: 7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R29JYq4Z8V_Xuq2no0bKxk1K6h2PmTO5OSxzMa4zppDVk3j9rO9aTw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:24:36 GMT
age: 42924
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8558
Md5:    e6f9ffb8f9e99229b45ca5fdb84ce7d5
Sha1:   04577ad69ee9749b14382254eb5bbf0e1edcd7fa
Sha256: 6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.dcocsp.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         79.133.176.228
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Tengine
Content-Length: 471
Connection: keep-alive
Date: Tue, 31 Jan 2023 15:09:00 GMT
Ali-Swift-Global-Savetime: 1675177740
Via: cache21.l2de2[0,0,200-0,H], cache12.l2de2[0,0], cache3.gb1[0,0,200-0,H], cache3.gb1[1,0]
Age: 660
X-Cache: HIT TCP_MEM_HIT dirn:10:331323572
X-Swift-SaveTime: Tue, 31 Jan 2023 15:11:42 GMT
X-Swift-CacheTime: 3438
Timing-Allow-Origin: *
EagleId: 4f85b09716751784007542621e

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 31 Jan 2023 15:20:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144 HTTP/1.1 
Host: www.micstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.18.21.229
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 31 Jan 2023 15:20:00 GMT
last-modified: Wed, 01 Sep 2021 09:19:47 GMT
etag: W/"612f45b3-1461f"
expires: Fri, 28 Jan 2033 15:20:00 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 291167
vary: Accept-Encoding
server: cloudflare
cf-ray: 79236dcd1bf0b4f1-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   112740
Md5:    23ba27bd52f84fed5a05240835303339
Sha1:   b70fe6eb4236e3cd5850f82613962a87602741f7
Sha256: 1fa6235b67ae0ae3778533d8e0ba92bc47ee42cba107d3327b856a0237dd66f7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 31 Jan 2023 15:20:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DC7A2B9C7134C12FB997792CB851BE14838C846CFC84FD3D05EEE8BA401B365D"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2730
Expires: Tue, 31 Jan 2023 16:05:30 GMT
Date: Tue, 31 Jan 2023 15:20:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "DC7A2B9C7134C12FB997792CB851BE14838C846CFC84FD3D05EEE8BA401B365D"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2730
Expires: Tue, 31 Jan 2023 16:05:30 GMT
Date: Tue, 31 Jan 2023 15:20:00 GMT
Connection: keep-alive

                                        
                                            GET /probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221go46k796bbe%22%2Clinkid%3A%221go46k796bbe%22%2Curl%3A%22fieldrep101.com%252Fwp-admin%252Fuq%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%22105.0%22%2Con%3A%22Windows%22%2Cov%3A%2210%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%22169%22%2Cc%3A%22540%22%2Cd%3A%220%22%2Ce%3A%22188%22%2Cf%3A%222%22%2Cst%3A%22-1%22%2Cg%3A%22939%22%2Ch%3A%221778%22%2Ci%3A%221951%22%2Cj%3A%22-1%22%2Cl%3A%2220%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%221872%22%2Cm%3A%220%22%2Ck%3A%222781%22%2Cp%3A%22362%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*939%22%7D%7D HTTP/1.1 
Host: fa.micstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.18.25.206
HTTP/2 204 No Content
                                        
date: Tue, 31 Jan 2023 15:20:01 GMT
timing-allow-origin: *, *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79236dce2afbb512-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /sc/sa.gif?project=MICEN&data=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%2Figqzns63pkKnlrZjluLTpjrXmkrPntJEifSwiYW5vbnltb3VzX2lkIjoiMTg2MDg2YTFmYmE0MTUtMGE3YzU3NTIwZmFjY2MtYzUwNTQyNS0xMzEwNzIwLTE4NjA4NmExZmJiNDExIiwidHlwZSI6InByb2ZpbGVfc2V0X29uY2UiLCJfdHJhY2tfaWQiOjcxMzY2ODExNX0%3D&ext=crc%3D-1154198569 HTTP/1.1 
Host: fa.micstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.18.25.206
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 31 Jan 2023 15:20:01 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79236dce2b02b512-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5319
Cache-Control: max-age=145313
Date: Tue, 31 Jan 2023 15:20:01 GMT
Etag: "63d8b17b-1d7"
Expires: Thu, 02 Feb 2023 07:41:54 GMT
Last-Modified: Tue, 31 Jan 2023 06:13:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 31 Jan 2023 15:20:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         216.58.207.206
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 31 Jan 2023 13:46:59 GMT
expires: Tue, 31 Jan 2023 15:46:59 GMT
cache-control: public, max-age=7200
age: 5582
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1490)
Size:   20085
Md5:    ca7fbbfd120e3e329633044190bbf134
Sha1:   d17f81e03dd827554ddd207ea081fb46b3415445
Sha256: 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
                                        
                                            GET /bat.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         13.107.21.200
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: private,max-age=1800
content-length: 11552
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ranges: bytes
etag: "076bc30652fd91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F3EC7C6E387F41378DA073A42B522248 Ref B: OSL30EDGE0321 Ref C: 2023-01-31T15:20:01Z
date: Tue, 31 Jan 2023 15:20:01 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (39395), with no line terminators
Size:   11552
Md5:    4f378a725368a42971cd69e29f75db89
Sha1:   2a1cdf193b346d9281c6e04a9b3775e7fc1ae11e
Sha256: 6a2a9d238501343cb3f25e0f54f4ecc4ec2c4e0fa6b228cc72dc3fff90502078
                                        
                                            GET /faw-store.html HTTP/1.1 
Host: www.made-in-china.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         104.18.30.240
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 31 Jan 2023 15:20:00 GMT
last-modified: Thu, 28 Oct 2021 09:16:24 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 27436
expires: Tue, 31 Jan 2023 19:20:00 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 79236dccdfafb509-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1075
Md5:    39211775b5fef44b9362d7c5d5f7359b
Sha1:   3c93a34502760de83f99440bb237673ece2f96c9
Sha256: dfa81071851ffbc5faf86acab054af5779b37574ac582acddfcf052ec7f05e13
                                        
                                            GET /pagead/viewthroughconversion/731984560/?random=1675178418262&cv=11&fst=1675178418262&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ffieldrep101.com%2Fwp-admin%2Fuq%2Findex.html&tiba=Messages%20%7C%20Made%20ln%20Chlna&auid=1249950847.1675178418&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.98
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 15:20:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 937
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 31-Jan-2023 15:35:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1950), with no line terminators
Size:   937
Md5:    95cc30cae491ae25aecca7748b24982e
Sha1:   9e66b157c139612c1bb6975bd55d64c0a888061b
Sha256: 071f2ccc1dc55c3abb74af4b3ef49a5a6eae0a53b82583e786b78b96194d8349
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         157.240.205.11
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: g3b0+OpHO+KSts196+PXtr+WX+jL0fclEX5DVy9z92uTIbjx0xKDRzNd6iXxr3iccW5kXgvOgNd60Gz+gm55Sw==
content-length: 27843
x-fb-trip-id: 1679558926
date: Tue, 31 Jan 2023 15:20:01 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27843
Md5:    dd1f85cc598419df61e254e53f9ec1ef
Sha1:   f86c0ee563f5b7a01e1d40b566f2bc184a32380f
Sha256: c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
                                        
                                            GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=917110132.1675178418&gtm=2oe1p0&aip=1&z=1628652087 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.67
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 15:20:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NjA4NmExZmJhNDE1LTBhN2M1NzUyMGZhY2NjLWM1MDU0MjUtMTMxMDcyMC0xODYwODZhMWZiYjQxMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%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%3D&ext=crc%3D297368572 HTTP/1.1 
Host: fa.micstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.18.25.206
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 31 Jan 2023 15:20:01 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79236dcf6c8db512-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST /j/collect?v=1&_v=j99&a=1371064363&t=pageview&_s=1&dl=https%3A%2F%2Ffieldrep101.com%2Fwp-admin%2Fuq%2Findex.html&ul=en-us&de=GBK&dt=Messages%20%7C%20Made%20ln%20Chlna&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YADAAEABAAAAACAAI~&jid=200696555&gjid=966180729&cid=917110132.1675178418&tid=UA-37452587-1&_gid=1882750315.1675178419&_r=1&_slc=1&gtm=2wg1p0T39J99&z=1403160184 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://fieldrep101.com
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         216.58.207.206
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://fieldrep101.com
date: Tue, 31 Jan 2023 15:20:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    9e92e190700c1af4539b40c2171320a9
Sha1:   209bcdb79e6067b51091ce8586d4b977f25b67d8
Sha256: aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2462
Cache-Control: 'max-age=158059'
Date: Tue, 31 Jan 2023 15:20:01 GMT
Last-Modified: Tue, 31 Jan 2023 14:38:59 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 31 Jan 2023 15:20:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 31 Jan 2023 15:20:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /p/action/13001299.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         13.107.21.200
HTTP/2 204 No Content
                                        
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C241DE2AD44C490F8BD3B96B25A2FEF0 Ref B: OSL30EDGE0321 Ref C: 2023-01-31T15:20:01Z
date: Tue, 31 Jan 2023 15:20:01 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /action/0?ti=13001299&tm=gtm002&Ver=2&mid=7ce1a73b-48ec-4bab-8d25-ef69945c10c8&sid=c55c26c0a17a11ed8f1aa1e0751c3b6a&vid=c55c3770a17a11ed880c19849c451029&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=https%3A%2F%2Ffieldrep101.com%2Fwp-admin%2Fuq%2Findex.html&r=&lt=2783&evt=pageLoad&sv=1&rn=843065 HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         13.107.21.200
HTTP/2 204 No Content
                                        
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2FBF70A1836E69820A65620B8239686D; domain=.bing.com; expires=Sun, 25-Feb-2024 15:20:01 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 02495F422D0E4784982D8B31ED1476EE Ref B: OSL30EDGE0321 Ref C: 2023-01-31T15:20:01Z
date: Tue, 31 Jan 2023 15:20:01 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 31 Jan 2023 15:20:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-37452587-1&cid=917110132.1675178418&jid=200696555&gjid=966180729&_gid=1882750315.1675178419&_u=YADAAEAAAAAAACAAI~&z=848061471 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://fieldrep101.com
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         173.194.73.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://fieldrep101.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 31 Jan 2023 15:20:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            GET /pagead/1p-user-list/731984560/?random=1675178418262&cv=11&fst=1675177200000&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1280&u_h=1024&label=v7ktCOKJmaMBELDlhN0C&frm=0&url=https%3A%2F%2Ffieldrep101.com%2Fwp-admin%2Fuq%2Findex.html&tiba=Messages%20%7C%20Made%20ln%20Chlna&fmt=3&is_vtc=1&random=1383355197&rmt_tld=0&ipr=y HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.164
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 15:20:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 31 Jan 2023 15:20:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /g/collect?v=2&tid=G-VEFCZRQMG4&gtm=2oe1p0&_p=1371064363&_gaz=1&cid=917110132.1675178418&ul=en-us&sr=1280x1024&uaW=1&_eu=BA&_s=1&sid=1675178418&sct=1&seg=0&dl=https%3A%2F%2Ffieldrep101.com%2Fwp-admin%2Fuq%2Findex.html&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_ss=1&ep.Page_Hostname=fieldrep101.com&ep.page_URL=https%3A%2F%2Ffieldrep101.com%2Fwp-admin%2Fuq%2Findex.html HTTP/1.1 
Host: region1.analytics.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fieldrep101.com
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://fieldrep101.com
date: Tue, 31 Jan 2023 15:20:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NjA4NmExZmJhNDE1LTBhN2M1NzUyMGZhY2NjLWM1MDU0MjUtMTMxMDcyMC0xODYwODZhMWZiYjQxMSIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdvNDZrNzQ5NGRmIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiIsIiR1cmwiOiJodHRwczovL2ZpZWxkcmVwMTAxLmNvbS93cC1hZG1pbi91cS9pbmRleC5odG1sIn0sImFub255bW91c19pZCI6IjE4NjA4NmExZmJhNDE1LTBhN2M1NzUyMGZhY2NjLWM1MDU0MjUtMTMxMDcyMC0xODYwODZhMWZiYjQxMSIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiZm9ybUFjdGlvbiIsIl90cmFja19pZCI6OTc5NTgxMjR9&ext=crc%3D910722131 HTTP/1.1 
Host: fa.micstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.18.25.206
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 31 Jan 2023 15:20:01 GMT
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79236dd15f5db512-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /tr/?id=2037053586588160&ev=PageView&dl=https%3A%2F%2Ffieldrep101.com%2Fwp-admin%2Fuq%2Findex.html&rl=&if=false&ts=1675178419033&sw=1280&sh=1024&v=2.9.95&r=stable&ec=0&o=30&fbp=fb.1.1675178419032.521999351&it=1675178418792&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         157.240.205.35
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 31 Jan 2023 15:20:01 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /probe/map.gif?v=211112&t=w&d=%7Bpub%3A%7Bpuid%3A%221go46k796bbe%22%2Clinkid%3A%221go46k796bbe%22%2Curl%3A%22fieldrep101.com%252Fwp-admin%252Fuq%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%7Bw%3A%228799%22%2Crobot%3A%220%22%2Clcp%3A%22-1%22%7D%7D HTTP/1.1 
Host: fa.micstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.18.25.206
HTTP/2 204 No Content
                                        
date: Tue, 31 Jan 2023 15:20:06 GMT
timing-allow-origin: *, *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79236df32d9cb512-OSL
X-Firefox-Spdy: h2

                                        
                                            GET /wp-admin/uq/css/logon_40922b23.css HTTP/1.1 
Host: fieldrep101.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/wp-admin/uq/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         192.232.216.140
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Tue, 31 Jan 2023 01:03:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 31 Jan 2023 15:19:59 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-admin/uq/js/jquery.min.js HTTP/1.1 
Host: fieldrep101.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/wp-admin/uq/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         192.232.216.140
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 31 Jan 2023 01:03:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 31 Jan 2023 15:19:59 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144 HTTP/1.1 
Host: www.micstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.18.21.229
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 31 Jan 2023 15:20:01 GMT
last-modified: Fri, 19 Nov 2021 07:38:32 GMT
etag: W/"61975478-a860"
expires: Fri, 28 Jan 2033 15:20:01 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 103894
vary: Accept-Encoding
server: cloudflare
cf-ray: 79236dce3d9ab4f1-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1 
Host: stackpath.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.18.10.207
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 31 Jan 2023 15:19:59 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 18222247
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79236dc2bd03b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         188.114.98.234
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 31 Jan 2023 15:19:59 GMT
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/04/2021 00:04:37
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 1a094ec5f566140ad8ed25d8ea736316
cdn-cache: HIT
cf-cache-status: HIT
age: 18222146
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79236dc2a8490b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-admin/uq/js/jquery-3.1.1.min.js HTTP/1.1 
Host: fieldrep101.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fieldrep101.com/wp-admin/uq/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         192.232.216.140
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Tue, 31 Jan 2023 01:03:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 31 Jan 2023 15:19:59 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware