Report - neogenesiseng.com/wp-admin/aa/

Report Overview

Submitted URL
neogenesiseng.com/wp-admin/aa/
IP
108.179.234.135
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-03-25 03:12:43
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	66 kB	34.120.237.76
www.google.com	7	2015-05-10T13:11:19Z	2023-03-29T05:55:56Z	1.2 kB	1.2 kB	216.58.211.4
neogenesiseng.com	unknown	2015-10-11T18:02:45Z	2023-03-29T08:35:06Z	3.6 kB	191 kB	108.179.234.135
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	2.7 kB	5.6 kB	142.250.74.131
fa.micstatic.com	153248	2020-03-25T06:07:14Z	2023-03-29T13:42:58Z	6.1 kB	1.9 kB	104.18.25.206
region1.analytics.google.com	unknown	2022-03-17T12:26:33Z	2023-03-29T09:02:58Z	781 B	447 B	216.239.34.36
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-29T05:12:24Z	374 B	29 kB	157.240.205.11
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
www.micstatic.com	120170	2015-07-22T23:43:48Z	2023-03-28T12:52:02Z	2.4 kB	97 kB	104.18.21.229
pylon.micstatic.com	156834	2021-01-28T23:23:12Z	2023-03-28T10:27:23Z	322 B	15 kB	104.18.20.229
www.made-in-china.com	95945	2012-05-30T17:33:15Z	2023-03-28T12:52:03Z	888 B	1.5 kB	104.18.30.240
bat.bing.com	387	2014-04-08T11:23:16Z	2023-03-29T05:25:55Z	1.5 kB	14 kB	13.107.21.200
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	617 B	349 B	157.240.205.35
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	23.36.77.32
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-29T05:44:04Z	397 B	89 kB	142.250.74.168
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-29T10:24:16Z	699 B	2.1 kB	142.250.74.66
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-29T09:59:29Z	484 B	578 B	142.250.74.163
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-29T09:08:31Z	487 B	447 B	74.125.205.156
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
stackpath.bootstrapcdn.com	2467	2018-06-15T22:36:43Z	2023-03-29T13:32:47Z	398 B	15 kB	104.18.10.207
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-29T06:01:47Z	373 B	21 kB	142.250.74.142
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-29T11:45:01Z	682 B	1.6 kB	192.229.221.95
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-29T07:56:22Z	395 B	917 B	104.18.10.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-25 03:12:45	medium	108.179.234.135	Client IP	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template
2023-03-25 03:12:45	medium	108.179.234.135	Client IP	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-03-24	medium	neogenesiseng.com/wp-admin/aa/	Made-In-China

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-25	medium	neogenesiseng.com/wp-admin/aa/	Phishing
2023-03-25	medium	neogenesiseng.com/wp-admin/aa/js/jquery.min.js	Phishing
2023-03-25	medium	neogenesiseng.com/wp-admin/aa/js/jquery-3.3.1.js	Phishing
2023-03-25	medium	neogenesiseng.com/wp-admin/aa/js/jquery-3.2.1.slim.min.js	Phishing
2023-03-25	medium	neogenesiseng.com/wp-admin/aa/js/popper.min.js	Phishing
2023-03-25	medium	neogenesiseng.com/wp-admin/aa/js/jquery-3.1.1.min.js	Phishing
2023-03-25	medium	neogenesiseng.com/wp-admin/aa/js/jquery-3.2.1.slim.min.js	Phishing
2023-03-25	medium	neogenesiseng.com/wp-admin/aa/js/popper.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-05-04
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-04 22:31:48 Times Seen246648 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	neogenesiseng.com/wp-admin/aa/	3.9 kB	2023-03-07	2023-04-05
Pretty URL neogenesiseng.com/wp-admin/aa/ IP 108.179.234.135 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2023-04-05 02:01:11 Times Seen23 Hash f34e88cd7daba7171812c4fd33b47e94 3eed4cdbf99a78d068e0096e515210508fc1079a c28bb3aa503150dce87c87496492a4840a03730909bff6195d20daa57fce4ad3 Loading...

	www.made-in-china.com/faw-store.html	1.3 kB	2023-03-07	2023-04-05
Pretty URL www.made-in-china.com/faw-store.html IP 104.18.30.240 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2023-04-05 02:01:11 Times Seen31 Hash b9499081fdda5abcccaf45ded37dea11 0e4a72d1fa8e1f868df6c11cd68ab904d59653dd 2c52a305241ca743835be48315d9913e2d3857e826a9c5a8a74bec0157907e21 Loading...

	neogenesiseng.com/wp-admin/aa/js/jquery-3.1.1.min.js	87 kB	2023-03-07	2024-05-04
Pretty URL neogenesiseng.com/wp-admin/aa/js/jquery-3.1.1.min.js IP 108.179.234.135 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-05-04 18:19:22 Times Seen428 Hash c0824025d4496be6a20e1ee0e465b15e 543cc3ba239e701d1e7aa91dee559c67e25763ef e65e86fddc1b72935d9b37afd5e5589ca9ee4eecf1878acb3ab8a6074ffdf64d Loading...

	www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144	282 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:59:49 Last Seen2023-03-29 21:59:49 Times Seen1 Hash b4442431ba43f0a232c940a3ec91d14f 359ea7c42673e0b84bdb3df693b40a3dca16e525 0b6e8d5a0c20a4ed46c82e54d65b9c60c9f7f69e1dbe1e9f67db328082ec8844 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	connect.facebook.net/signals/config/2037053586588160?v=2.9.100&r=stable	387 kB	2023-03-13	2023-04-06
Pretty URL connect.facebook.net/signals/config/2037053586588160?v=2.9.100&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:14:38 Last Seen2023-04-06 20:49:27 Times Seen38 Hash 0f2bfcdccc4270b80546b64703111d3f 1dc9bce743ca72a99b499d3a20f32eeaff3e0b11 ce0382468be29543ad03fee0904cafd396fa8c2fb608519d5da29643f042ce1d Loading...

	bat.bing.com/bat.js	41 kB	2023-03-14	2023-04-13
Pretty URL bat.bing.com/bat.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:22:45 Last Seen2023-04-13 21:32:40 Times Seen28 Hash 1f54a3702fef2e7236fc6323eb43a933 181996a01b327039e264e2fe62d82b604e7803a6 fd950cb8a6d31a66c86264671999670b5b5dd36f2ae647ae1247c021922603ce Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/731984560/?random=1679713966276&cv=11&fst=1679713966276&bg=ffffff&guid=ON&async=1&gtm=45He33m0&u_w=1280&u_h=1024&url=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&label=v7ktCOKJmaMBELDlhN0C&hn=www.googleadservices.com&frm=0&tiba=Messages%20%7C%20Made%20ln%20Chlna&auid=234482785.1679713966&rfmt=3&fmt=4	2.6 kB	2023-03-29	2023-03-29
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/731984560/?random=1679713966276&cv=11&fst=1679713966276&bg=ffffff&guid=ON&async=1&gtm=45He33m0&u_w=1280&u_h=1024&url=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&label=v7ktCOKJmaMBELDlhN0C&hn=www.googleadservices.com&frm=0&tiba=Messages%20%7C%20Made%20ln%20Chlna&auid=234482785.1679713966&rfmt=3&fmt=4 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:59:49 Last Seen2023-03-29 21:59:49 Times Seen1 Hash f057a57a7352a481aeb8a78a1611d881 b812a032a8cfdc69ba384cd041786f87c2b33b34 98bfa99a961c02f535460b225c97c7b19582d87cbaac4e231dc473fef632b29b Loading...

	bat.bing.com/p/action/13001299.js	0 B	2023-03-07	2024-05-04
Pretty URL bat.bing.com/p/action/13001299.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-04 23:34:03 Times Seen37349307 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-05-04
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-05-04 20:22:07 Times Seen138672 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	neogenesiseng.com/wp-admin/aa/	4.2 kB	2023-03-07	2024-05-04
Pretty URL neogenesiseng.com/wp-admin/aa/ IP 108.179.234.135 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-05-04 18:19:22 Times Seen213 Hash 249cd4ac7d9f2218d937a6df51656f1c 10cca701fe98e14448b3fb0bfe1bd56b7c7860d4 4967494754818ef2e325bd555b126362ae96d6ee5f46fb502ce2f3c41aa1fcce Loading...

	pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144	38 kB	2023-03-26	2023-11-02
Pretty URL pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144 IP 104.18.20.229 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:11:08 Last Seen2023-11-02 02:44:58 Times Seen248 Hash fb0be613f398bf9e02fa2f2ca80ced91 9d623285d105acad839a4f7963c09db314a5fe89 31d0eafefcf6cdc09efcabd0768547a636b0d80be35096f8f14d81fbc7837e9a Loading...

	www.micstatic.com/common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144	85 kB	2023-03-07	2024-05-04
Pretty URL www.micstatic.com/common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144 IP 104.18.21.229 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-05-04 07:57:21 Times Seen157 Hash c727cdcf1f851383293dfa1bff462722 ada0c63651e642891f4fd5905eefcf28d3ad4baf 40707e9d2cf9581ad9fcc531e1626245a63ae9d25e8e9df268b9bc2106683653 Loading...

	www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144	43 kB	2023-03-07	2023-08-21
Pretty URL www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144 IP 104.18.21.229 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2023-08-21 13:26:16 Times Seen97 Hash 822ea3240b208f1f999f7b310a5822a5 45770ed738c820889f01b765d69ddb7fa11e0150 2d5936bdf065891a6b78defc315eaefd9c44360668642651b69341b23d13433f Loading...

	connect.facebook.net/en_US/fbevents.js	110 kB	2023-03-29	2023-03-29
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.205.11 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:45:25 Last Seen2023-03-29 23:21:25 Times Seen1057 Hash 60d2cc612601b25d9997dd88ec525d46 dd8599e61cbbc04fe24bad700dd81f0ce7e384b3 1024b15789c74b9531cd607b7507c13723879a74bebd70658bec6ed92c025aa7 Loading...

	neogenesiseng.com/wp-admin/aa/js/jquery.min.js	86 kB	2023-03-07	2024-05-04
Pretty URL neogenesiseng.com/wp-admin/aa/js/jquery.min.js IP 108.179.234.135 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-05-04 19:26:17 Times Seen904 Hash bceabde9d4ba653fd1f4bb171bff0c01 c8cdd4f8e91a77cddbc6d9ce8d5f302c52d74b6f 7496a1a9d658f14a47f7ee8dfa70840e47efa61b55b02cda8b316b0fc8dcc2c5 Loading...

	neogenesiseng.com/wp-admin/aa/	627 B	2023-03-07	2024-05-04
Pretty URL neogenesiseng.com/wp-admin/aa/ IP 108.179.234.135 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-05-04 18:55:02 Times Seen520 Hash f8ecd4d7fd8da5baf55337d6790e0fac d6e502a27fe637b7f06df2d4ca39670e0a5c4bc0 5ab917714cb496bdba1ad47213a9aabd9147bba19c7eff0ddf7e46b4aa1ec1e7 Loading...

	www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144	12 kB	2023-03-07	2024-05-04
Pretty URL www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144 IP 104.18.21.229 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-05-04 18:19:22 Times Seen343 Hash 95467c965832dc00267d2a325d82c001 29bf7b62fa29d3ecbde481d61b756367dddfec5d a1c95b6fb809e633322e011fe013c565faeb61264527ce028d53387fba3b4924 Loading...

	neogenesiseng.com/wp-admin/aa/	423 B	2023-03-07	2024-05-04
Pretty URL neogenesiseng.com/wp-admin/aa/ IP 108.179.234.135 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-05-04 07:57:21 Times Seen211 Hash 8a09c565a275efe2ce5842ab478db31e 99b6847a2eb4bbda95e8e012628c0d7c0f616124 906d76ac0dcec17f85e4b663f14d199e7ddd704bbf3c30cd01b7e766db0ef2e7 Loading...

	www.googletagmanager.com/gtag/js?id=G-VEFCZRQMG4&l=dataLayer&cx=c	252 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtag/js?id=G-VEFCZRQMG4&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:59:49 Last Seen2023-03-29 21:59:49 Times Seen1 Hash 7eca84118d02f521045fd124bda9d9ca ac75b54013e088d25670f9d777c366e16baba03d 845641232e50aa6c1701179b9e0bc965fd0a50884cce72e834d3abe7b80398f4 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 8c6111627570105b72c66ae4a136ad6c	232 B	2023-03-07	2023-06-26
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2023-06-26 03:19:43 Times Seen99 Hash 8c6111627570105b72c66ae4a136ad6c 6b7122f256493ff4b4288c01b1766b772797be96 e1ecbf397014aadd393ea098a3d9c9e4f2e75fc8d2466ee3823302b0855e3afd Loading...

	#2 Eval - 5f06f61cf6ac55db29f1bfd302257331	232 B	2023-03-07	2023-06-26
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2023-06-26 03:19:43 Times Seen99 Hash 5f06f61cf6ac55db29f1bfd302257331 78de01e817370cb8310801e2f66be0d33099f82c 7d700ca9f03f467b4a3f58a598871f71c4bc8ae368b6a986e41b3e6584670165 Loading...

	#3 Eval - 4d12a11d93617efa27441f47869d156d	401 B	2023-03-07	2024-05-04
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2024-05-04 19:26:17 Times Seen640 Hash 4d12a11d93617efa27441f47869d156d 70dd822485874fe16f334468bfffe5dad153abbd 91c16639d04eaf68a0a87c022519be74068014b8ace744930ec7727afa2fa41d Loading...

	#4 Eval - 8e535fdc93d8214dc44f3555fb9b7430	232 B	2023-03-07	2023-06-26
Pretty Observations First Seen2023-03-07 12:02:41 Last Seen2023-06-26 03:19:43 Times Seen99 Hash 8e535fdc93d8214dc44f3555fb9b7430 656c3b48682e3158985a8c4101ebe29158ec0e79 deaf1dce980857d82e49407063fc48aad4b2fb87e45f46b4c81aaf02fff1075a Loading...

HTTP Transactions (68)

URL IP Response Size

neogenesiseng.com/wp-admin/aa/

108.179.234.135

200 OK

5.8 kB

URL HTTP/1.1
neogenesiseng.com/wp-admin/aa/
IP
108.179.234.135:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (4278), with CRLF line terminators
Size
5.8 kB (5786 bytes)
Hash
3a21a349051115675eaa982f7fc4c059
960a0db04b6f3d70f3d7a9132398fc6ec3d24fbe
c270d59e56b7de95323e857b8934680a915c38856049372e7853096edb74d677

Detections

Analyzer	Verdict	Alert
openphish	Made-In-China
fortinet	Phishing

NIDS	Severity	Alert
suricata	medium	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template
suricata	medium	ET PHISHING Generic Multibrand NewInjection Phishing Landing Template

HTTP Headers

GET /wp-admin/aa/ HTTP/1.1
Host: neogenesiseng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 03:12:32 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 22 Mar 2023 01:29:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5786
Keep-Alive: timeout=5, max=75
Content-Type: text/html

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15016
Expires: Sat, 25 Mar 2023 07:22:48 GMT
Date: Sat, 25 Mar 2023 03:12:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
13f90146df1d559743af6df15c29b77b
6dd24f60629c39f857e3c996084f4d515cf3f8d0
ea5975be17b9cd29c8770939eb5d63ce43c1c44ce9a3a4d04e1e79cd69b30d1c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA5975BE17B9CD29C8770939EB5D63CE43C1C44CE9A3A4D04E1E79CD69B30D1C"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8674
Expires: Sat, 25 Mar 2023 05:37:06 GMT
Date: Sat, 25 Mar 2023 03:12:32 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15658
Expires: Sat, 25 Mar 2023 07:33:30 GMT
Date: Sat, 25 Mar 2023 03:12:32 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 02:27:42 GMT
content-type: application/json
age: 2690
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 3stPtKMrLUtqUy6bko+zOAfBluj4JDQR3n+8Vsp0GagV4ZDKzSx73Mg0QQPY76v2ZBDnNFY4ZzI=
x-amz-request-id: VGT9VXZARHJX5TQN
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 03:00:37 GMT
age: 715
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 03:12:32 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

neogenesiseng.com/wp-admin/aa/js/jquery.min.js

108.179.234.135

200 OK

38 kB

URL HTTP/1.1
neogenesiseng.com/wp-admin/aa/js/jquery.min.js
IP
108.179.234.135:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32065), with CRLF line terminators
Size
38 kB (37628 bytes)
Hash
15aa33acf64e9fcb93cd2933db9451c5
fdca37a907839e7d81e649fd93066f9e26637465
ed29fffb1ad8118091042582ed229e78ea1ca08dbe4e36cca68287198ee81d88

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/aa/js/jquery.min.js HTTP/1.1
Host: neogenesiseng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/wp-admin/aa/

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 03:12:32 GMT
Server: Apache
Last-Modified: Wed, 22 Mar 2023 01:29:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

neogenesiseng.com/wp-admin/aa/js/jquery-3.3.1.js

108.179.234.135

200 OK

8.6 kB

URL HTTP/1.1
neogenesiseng.com/wp-admin/aa/js/jquery-3.3.1.js
IP
108.179.234.135:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11315), with CRLF line terminators
Size
8.6 kB (8630 bytes)
Hash
f147c47f24cea57ba71b885e54d15468
2beab8e912354f4c5e0d009045fb6a46dfc2b8d2
41f563229752489979f175e323dbad4c10627af635b82fae3fb8612fd2443e6c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/aa/js/jquery-3.3.1.js HTTP/1.1
Host: neogenesiseng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/wp-admin/aa/

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 03:12:33 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 22 Mar 2023 01:29:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8630
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript

neogenesiseng.com/wp-admin/aa/js/jquery-3.2.1.slim.min.js

108.179.234.135

404 Not Found

899 B

URL HTTP/1.1
neogenesiseng.com/wp-admin/aa/js/jquery-3.2.1.slim.min.js
IP
108.179.234.135:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
899 B (899 bytes)
Hash
014976a46b47f38d1a9a268b81e56da5
019205edfdb777b04f0a988c2b002a9a172b7d99
c87fdd21fd16e6c517edabc01623c57fa8e190f17dc497e986e866dda4b03195

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/aa/js/jquery-3.2.1.slim.min.js HTTP/1.1
Host: neogenesiseng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/wp-admin/aa/

HTTP/1.1 404 Not Found
Date: Sat, 25 Mar 2023 03:12:33 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 899
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

neogenesiseng.com/wp-admin/aa/js/popper.min.js

108.179.234.135

404 Not Found

899 B

URL HTTP/1.1
neogenesiseng.com/wp-admin/aa/js/popper.min.js
IP
108.179.234.135:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
899 B (899 bytes)
Hash
014976a46b47f38d1a9a268b81e56da5
019205edfdb777b04f0a988c2b002a9a172b7d99
c87fdd21fd16e6c517edabc01623c57fa8e190f17dc497e986e866dda4b03195

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/aa/js/popper.min.js HTTP/1.1
Host: neogenesiseng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/wp-admin/aa/

HTTP/1.1 404 Not Found
Date: Sat, 25 Mar 2023 03:12:33 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 899
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

neogenesiseng.com/wp-admin/aa/js/jquery-3.1.1.min.js

108.179.234.135

200 OK

38 kB

URL HTTP/1.1
neogenesiseng.com/wp-admin/aa/js/jquery-3.1.1.min.js
IP
108.179.234.135:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (32030), with CRLF line terminators
Size
38 kB (38022 bytes)
Hash
badf582b3b399edb5ce83e72bc6c543a
f38c438b00eb41f5a682165576bce926ed3f1dc8
3d83af41c2953381c47b80a0b51182dabeab6a969c82ef054f7b3a2c0bbd40f5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/aa/js/jquery-3.1.1.min.js HTTP/1.1
Host: neogenesiseng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/wp-admin/aa/

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 03:12:33 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 22 Mar 2023 01:29:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript

neogenesiseng.com/wp-admin/aa/css/logon_40922b23.css

108.179.234.135

200 OK

30 kB

URL HTTP/1.1
neogenesiseng.com/wp-admin/aa/css/logon_40922b23.css
IP
108.179.234.135:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30286 bytes)
Hash
4cda19ddb793f10c045ff7682ec4a769
d2737742c0c64252ba917929feaacd1f594e682a
aba89caf5020496db187e5464fc86b288379f72867bd1734a67aa0db3b11c2f4

HTTP Headers

GET /wp-admin/aa/css/logon_40922b23.css HTTP/1.1
Host: neogenesiseng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/wp-admin/aa/

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 03:12:33 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 22 Mar 2023 01:29:11 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 02:17:24 GMT
age: 3309
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

neogenesiseng.com/wp-admin/aa/images/sign-default-buyer.jpg

108.179.234.135

200 OK

59 kB

URL HTTP/1.1
neogenesiseng.com/wp-admin/aa/images/sign-default-buyer.jpg
IP
108.179.234.135:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x400, components 3\012- data
Size
59 kB (59332 bytes)
Hash
aad747a416ac43e97070741668013b7d
545d66347ffafc166225f72072fb915ae52b970e
844419cc2fe07888ab11bb6dd264a3d66225851ad62645dfc3044657e9963af3

HTTP Headers

GET /wp-admin/aa/images/sign-default-buyer.jpg HTTP/1.1
Host: neogenesiseng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/wp-admin/aa/

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 03:12:33 GMT
Server: Apache
Last-Modified: Wed, 22 Mar 2023 01:29:11 GMT
Accept-Ranges: bytes
Content-Length: 59332
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/jpeg

neogenesiseng.com/wp-admin/aa/js/jquery-3.2.1.slim.min.js

108.179.234.135

404 Not Found

899 B

URL HTTP/1.1
neogenesiseng.com/wp-admin/aa/js/jquery-3.2.1.slim.min.js
IP
108.179.234.135:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
899 B (899 bytes)
Hash
014976a46b47f38d1a9a268b81e56da5
019205edfdb777b04f0a988c2b002a9a172b7d99
c87fdd21fd16e6c517edabc01623c57fa8e190f17dc497e986e866dda4b03195

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/aa/js/jquery-3.2.1.slim.min.js HTTP/1.1
Host: neogenesiseng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/wp-admin/aa/

HTTP/1.1 404 Not Found
Date: Sat, 25 Mar 2023 03:12:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 899
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.micstatic.com/common/img/logo-2019/logo_d0822075.png?v=2

104.18.21.229

200 OK

4.6 kB

URL HTTP/2
www.micstatic.com/common/img/logo-2019/logo_d0822075.png?v=2
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 257 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4621 bytes)
Hash
b173e18fb61eb3d489bfad3b2ea570fe
71703d796c502703619ec696e447c937f700b605
488ea251bdaf29ab45c94699fef89ad3368bfef0c0f24b671dcbefd4e474679d

HTTP Headers

GET /common/img/logo-2019/logo_d0822075.png?v=2 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 03:12:33 GMT
content-type: image/png
content-length: 4621
last-modified: Wed, 16 Jun 2021 11:14:07 GMT
etag: "60c9dcff-120d"
expires: Tue, 22 Mar 2033 03:12:33 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: HIT
age: 222555
accept-ranges: bytes
set-cookie: __cf_bm=fHugtiiIqZ9X8RiJEfyq_iIofZpK8__vFG3k3itmllQ-1679713953-0-ASRJ3OSV3OuAKg9mbC+bklnAxsr36j5p4uheF3yIi9SPwqGdThcOPdlmtkCpfabvEBnhnPFT+/0E/afzc6GoUPg=; path=/; expires=Sat, 25-Mar-23 03:42:33 GMT; domain=.micstatic.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad3f911d9d80b45-OSL
X-Firefox-Spdy: h2

www.micstatic.com/common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2

104.18.21.229

200 OK

20 kB

URL HTTP/2
www.micstatic.com/common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 19832, version 2.8978\012- data
Size
20 kB (19832 bytes)
Hash
ed2022705048507e5995ee72717e7fd4
570864c3bccc3e0e203fdd67be3cf850387faefb
e7f4f778ddb41b7be2d20810bb560acee79da55ed5d3eeac12f2bb8948f4453a

HTTP Headers

GET /common/font/Roboto/400-regular/Roboto-Regular_c0bdb222.woff2 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://neogenesiseng.com
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 03:12:33 GMT
content-type: font/woff2
content-length: 19832
last-modified: Wed, 16 Jun 2021 11:14:08 GMT
etag: "60c9dd00-4d78"
expires: Tue, 22 Mar 2033 03:12:33 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=IucQXb585rPMwKbHvPMoyrtc6dqOsJlVgH5hkQcWfjI-1679713953-0-AavN9Zhd1xwtYQQNKyGWlQDuJGjhI8oRyb+lLlGsuiOBURQsLtAREYfiSloruKe91ssLbrFU1v5+QduKrlGiVg0=; path=/; expires=Sat, 25-Mar-23 03:42:33 GMT; domain=.micstatic.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad3f911d9020b65-OSL
X-Firefox-Spdy: h2

www.micstatic.com/common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103

104.18.21.229

200 OK

26 kB

URL HTTP/2
www.micstatic.com/common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 25720, version 1.0\012- data
Size
26 kB (25720 bytes)
Hash
90c821175fe52b5e89497d4249dce3b6
0bbacc3050dcf88f37fd6042a6719f83ba6ad83a
18a097b5625eaee94db4a26223016d2f31b7b5f5529bc599ea183f551e5c13d3

HTTP Headers

GET /common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://neogenesiseng.com
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 03:12:33 GMT
content-type: font/woff2
content-length: 25720
last-modified: Tue, 07 Jun 2022 11:17:37 GMT
etag: "629f33d1-6478"
expires: Tue, 22 Mar 2033 03:12:33 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=OtqnNsmlYPDfcyxjunOh520am22R7szjj67azJqPido-1679713953-0-AQAHElS0CnNi2TRglN/F565bEhISDTUYhqGUOXijhHF7HGOwVGPel/jYfgTQJV5EhjLXnxsgEyJ/dRIyks9R1bs=; path=/; expires=Sat, 25-Mar-23 03:42:33 GMT; domain=.micstatic.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad3f911d9030b65-OSL
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
70300b32357c46f3448d567189b64cb3
6ba66a5cf63cdbfeaec59b936151cc812bac56df
5a2b4f9fc5ebaa8062058bf68eae75fc28e06c6ef6a0e79c3c761c1d92f81cb9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5A2B4F9FC5EBAA8062058BF68EAE75FC28E06C6EF6A0E79C3C761C1D92F81CB9"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16185
Expires: Sat, 25 Mar 2023 07:42:18 GMT
Date: Sat, 25 Mar 2023 03:12:33 GMT
Connection: keep-alive

neogenesiseng.com/wp-admin/aa/js/popper.min.js

108.179.234.135

404 Not Found

899 B

URL HTTP/1.1
neogenesiseng.com/wp-admin/aa/js/popper.min.js
IP
108.179.234.135:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
899 B (899 bytes)
Hash
014976a46b47f38d1a9a268b81e56da5
019205edfdb777b04f0a988c2b002a9a172b7d99
c87fdd21fd16e6c517edabc01623c57fa8e190f17dc497e986e866dda4b03195

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-admin/aa/js/popper.min.js HTTP/1.1
Host: neogenesiseng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/wp-admin/aa/

HTTP/1.1 404 Not Found
Date: Sat, 25 Mar 2023 03:12:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 899
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144

104.18.21.229

200 OK

4.9 kB

URL HTTP/1.1
www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (12263)
Size
4.9 kB (4919 bytes)
Hash
c39de83ef51f8d1e60801ba805a75280
1e1306b6f18bffcd2e6b22067c6f5013d63b331c
d4eee3d5d7c0c0bc4aef62661633e75c06664f39dd7961ff485a4196e5ce893d

HTTP Headers

GET /common/js/libs/faw/faw.1.0.0.js?r=1634120031144 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 03:12:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 10 Sep 2021 13:44:55 GMT
ETag: W/"613b6157-3042"
Expires: Tue, 22 Mar 2033 03:12:33 GMT
Cache-Control: public, max-age=315360000
Access-Control-Allow-Origin: *
Origin-Agent-Cluster: ?0
Content-Encoding: gzip
CF-Cache-Status: HIT
Set-Cookie: __cf_bm=zf4rNryJRwi6Q2Dm26LTbfxR4PaSJZPXdyS63zjQ8vs-1679713953-0-AZ6o+atHt95+FEpgZAzoiiwoxiDw03QnE87VLLRH+JMyAYFglT9sa1+hahtpc/7XWBhxSD9yX+y9vLyyjQpztH8=; path=/; expires=Sat, 25-Mar-23 03:42:33 GMT; domain=.micstatic.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad3f912ec2d0b51-OSL

neogenesiseng.com/wp-admin/aa/images/favicon.ico

108.179.234.135

200 OK

4.3 kB

URL HTTP/1.1
neogenesiseng.com/wp-admin/aa/images/favicon.ico
IP
108.179.234.135:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
db52c84bd7417fdc629f75300e5ce80c
ce8036fbd7714ce312034d7702fd2904a39bf6c1
85c7cda25b4a324b82f4e0efd6ae2eee4d606b9552c24a47eab44155f4d620c7

HTTP Headers

GET /wp-admin/aa/images/favicon.ico HTTP/1.1
Host: neogenesiseng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/wp-admin/aa/

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 03:12:33 GMT
Server: Apache
Last-Modified: Wed, 22 Mar 2023 01:29:11 GMT
Accept-Ranges: bytes
Content-Length: 4286
Cache-Control: max-age=604800
Expires: Sat, 01 Apr 2023 03:12:33 GMT
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/x-icon

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.10.207

200 OK

14 kB

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (50758)
Size
14 kB (14464 bytes)
Hash
5f3a91c8acb6361aa365053d15c1dfd1
030b19f760e26a4ec66875fb69bbc93ee3d1ab31
6791d9e56ca61f265410ab2eb26506a125091d45e4eb28aec84d49f118cd5c5e

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 03:12:33 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 22757801
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ad3f90e3f97b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144

104.18.20.229

200 OK

15 kB

URL HTTP/1.1
pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144
IP
104.18.20.229:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (38008)
Size
15 kB (14667 bytes)
Hash
fc3a19a27665ea5ebfb1edde986f2e56
0b8453826df118834dce32cfef24cdc7696bc5b0
d6e3a99f9177b802d6a2f9fd046b4d58b8c66aa18876afe3267564bc3bbfa4a6

HTTP Headers

GET /gb/js/assets/probe/probe.min.js?r=1634120031144 HTTP/1.1
Host: pylon.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 03:12:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 07:16:33 GMT
ETag: W/"6412c251-9497"
test: mic_test
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 103430
Expires: Sat, 25 Mar 2023 07:12:33 GMT
Cache-Control: public, max-age=14400
Set-Cookie: __cf_bm=lNilJww52Xmkspqe53MA_CahVcCojm21bMbEdxsMDhQ-1679713953-0-AUjclNPxiiwvch0MOplhiIV1RL4w2kxLSh0GfVrNgq9BMpUNJeTZ2oi8zu62+OxSQekwrIFBPRZb/GKLQfINY60=; path=/; expires=Sat, 25-Mar-23 03:42:33 GMT; domain=.micstatic.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad3f9142ab80b45-OSL

www.made-in-china.com/faw-store.html

104.18.30.240

301 Moved Permanently

178 B

URL HTTP/1.1
www.made-in-china.com/faw-store.html
IP
104.18.30.240:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /faw-store.html HTTP/1.1
Host: www.made-in-china.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 25 Mar 2023 03:12:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.made-in-china.com/faw-store.html
Timing-Allow-Origin: *
Origin-Agent-Cluster: ?0
CF-Cache-Status: HIT
Expires: Sat, 25 Mar 2023 07:12:33 GMT
Cache-Control: public, max-age=14400
Set-Cookie: __cf_bm=wFJVR11KmJi942M0XpyIec2LNuxlnqx7gDLFM2zOAgQ-1679713953-0-AQsJzBEJpm7CmyF66jYkESW6YQ0DOEszUHbyQ9UqtECZ2qtHOkJu3hSObJtLRqjhwCkr+36EsuG0xwcisJWvQP8=; path=/; expires=Sat, 25-Mar-23 03:42:33 GMT; domain=.made-in-china.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad3f9142e39b51d-OSL

www.micstatic.com/common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144

104.18.21.229

200 OK

28 kB

URL HTTP/1.1
www.micstatic.com/common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (63558), with no line terminators
Size
28 kB (28025 bytes)
Hash
435743edf0763266dc81342587030ffe
9f7ee8fd696b0f5b1789e8d637d24c380d7a1deb
99e961a017508f68db747ee5cf7e92b427b078be60771eb3eec5f4f35c858eb1

HTTP Headers

GET /common/js/libs/sensors/sensorsdata.min-1.15.13_faw.js?r=1634120031144 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 03:12:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 01 Sep 2021 09:19:47 GMT
ETag: W/"612f45b3-1461f"
Expires: Tue, 22 Mar 2033 03:12:34 GMT
Cache-Control: public, max-age=315360000
Access-Control-Allow-Origin: *
Origin-Agent-Cluster: ?0
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 103431
Set-Cookie: __cf_bm=XA3zTfmibdgQ5YfiT3jQQcFDa_WjyDQxWsLOSeRqxb4-1679713954-0-AYRqwDjygdyhqqowtRBqCvBcOaiG7hPodX+5WzOFzu7P7Rq7B0OL3FY2getUqELWfZhusCVImwqAvM8eGR9DafQ=; path=/; expires=Sat, 25-Mar-23 03:42:34 GMT; domain=.micstatic.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad3f914bcb50b51-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4355291ec58b85ddde02c2446ecb2bb4
4ad43e10f82193f83e862e8a78f3e46de9490ac4
e32fd5635627751770ee13e8f77b14b2555163cfc2d7db98aa8edb5b4bae4d9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 03:12:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144

142.250.74.168

200 OK

88 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (38615)
Size
88 kB (88086 bytes)
Hash
5f24f52cec549b1810668a4b6a0fb03e
2c040b4d9d6abb292fbc07712fe625e5dcd91fdf
16688874b9af29777ae9e4d9cf07b2a8060c9212f587ed1e95c988c8d0b73c62

HTTP Headers

GET /gtm.js?id=GTM-T39J99&r=1634120031144 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 25 Mar 2023 03:12:34 GMT
expires: Sat, 25 Mar 2023 03:12:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88086
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4355291ec58b85ddde02c2446ecb2bb4
4ad43e10f82193f83e862e8a78f3e46de9490ac4
e32fd5635627751770ee13e8f77b14b2555163cfc2d7db98aa8edb5b4bae4d9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 03:12:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144

104.18.21.229

200 OK

9.5 kB

URL HTTP/1.1
www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144
IP
104.18.21.229:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (42866)
Size
9.5 kB (9504 bytes)
Hash
4d6ce72ad9695254146290e6cedfa7b4
7111482b0f4386dcf9fef4cdbfe23deabcdc3094
5785808818423e9b15a9284c925cd8484e604709808d875a4dd1e1ea7bce4387

HTTP Headers

GET /common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 03:12:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 19 Nov 2021 07:38:32 GMT
ETag: W/"61975478-a860"
Expires: Tue, 22 Mar 2033 03:12:34 GMT
Cache-Control: public, max-age=315360000
Access-Control-Allow-Origin: *
Origin-Agent-Cluster: ?0
Content-Encoding: gzip
CF-Cache-Status: HIT
Set-Cookie: __cf_bm=OZbqy6LL3dnUnYZMiwbPRDwiYtnR4GgXSbqEVu4cVTU-1679713954-0-AbS70u5rTRz2+k+t0KxYtqyyIGpGcgE3NPKvYhL3DqAT4KlviEZCMF4nB70pqG6wg6vkU7wFzklv4bKS3FxrMHU=; path=/; expires=Sat, 25-Mar-23 03:42:34 GMT; domain=.micstatic.com; HttpOnly; SameSite=None
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ad3f9160d1a0b51-OSL

bat.bing.com/bat.js

13.107.21.200

200 OK

12 kB

URL HTTP/2
bat.bing.com/bat.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (40607), with no line terminators
Size
12 kB (11894 bytes)
Hash
04651bf0c51742f9007b1ae2b4486dee
6ffc71fcb5db1cf0283b60150a62f2c219ac3dbd
5d7392c44731e52810337eb1a3eb3ae1ffab31b8f8d55daba20d658701604666

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11894
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ranges: bytes
etag: "8072cff03442d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E4F418E87DBE4D53BE0C8DE51745C799 Ref B: OSL30EDGE0220 Ref C: 2023-03-25T03:12:34Z
date: Sat, 25 Mar 2023 03:12:34 GMT
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.142

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 25 Mar 2023 02:05:11 GMT
expires: Sat, 25 Mar 2023 04:05:11 GMT
cache-control: public, max-age=7200
age: 4043
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eef4409d0ad90e2899e538028bd3fa76
2d6edd13cbd2d201ef921fc33c053aec8f8b740c
61eef3a534769ac291c82d37206b392dea96af36a38e9d7da4cf0fb2d5d2342d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 03:12:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e9709c5b359505700458d5e8a9ff2ad8
fddde5b378dba0f5efe406ebc5a1ffeb35ddeeae
1c86ea5bca04e726d60b3868f71151ddbaba02b129e2ea38699d5c03f19b0898

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1265
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 03:12:34 GMT
Etag: "641d1809-1d7"
Last-Modified: Sat, 25 Mar 2023 02:51:29 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
248b003a4a6dda3d2c481cfd45e49176
ae6e1dbc704dbe302549888e545689eb88e83bb9
14df223924711cca8488c64942b656023cb6e69cb83863ccd0f9cdb8ac4682fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 03:12:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fa.micstatic.com/probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gsbc25tl755%22%2Clinkid%3A%221gsbc25tl755%22%2Curl%3A%22neogenesiseng.com%252Fwp-admin%252Faa%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%22105.0%22%2Con%3A%22Windows%22%2Cov%3A%2210%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%223%22%2Cc%3A%22137%22%2Cd%3A%2217%22%2Ce%3A%22140%22%2Cf%3A%224%22%2Cst%3A%22-1%22%2Cg%3A%221028%22%2Ch%3A%221454%22%2Ci%3A%221469%22%2Cj%3A%22-1%22%2Cl%3A%2221%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%221102%22%2Cm%3A%220%22%2Ck%3A%221720%22%2Cp%3A%220%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*939%22%7D%7D

104.18.25.206

204 No Content

0 B

URL HTTP/1.1
fa.micstatic.com/probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gsbc25tl755%22%2Clinkid%3A%221gsbc25tl755%22%2Curl%3A%22neogenesiseng.com%252Fwp-admin%252Faa%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%22105.0%22%2Con%3A%22Windows%22%2Cov%3A%2210%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%223%22%2Cc%3A%22137%22%2Cd%3A%2217%22%2Ce%3A%22140%22%2Cf%3A%224%22%2Cst%3A%22-1%22%2Cg%3A%221028%22%2Ch%3A%221454%22%2Ci%3A%221469%22%2Cj%3A%22-1%22%2Cl%3A%2221%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%221102%22%2Cm%3A%220%22%2Ck%3A%221720%22%2Cp%3A%220%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*939%22%7D%7D
IP
104.18.25.206:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gsbc25tl755%22%2Clinkid%3A%221gsbc25tl755%22%2Curl%3A%22neogenesiseng.com%252Fwp-admin%252Faa%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%22105.0%22%2Con%3A%22Windows%22%2Cov%3A%2210%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%223%22%2Cc%3A%22137%22%2Cd%3A%2217%22%2Ce%3A%22140%22%2Cf%3A%224%22%2Cst%3A%22-1%22%2Cg%3A%221028%22%2Ch%3A%221454%22%2Ci%3A%221469%22%2Cj%3A%22-1%22%2Cl%3A%2221%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%221102%22%2Cm%3A%220%22%2Ck%3A%221720%22%2Cp%3A%220%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*939%22%7D%7D HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/

HTTP/1.1 204 No Content
Date: Sat, 25 Mar 2023 03:12:34 GMT
Connection: keep-alive
Timing-Allow-Origin: *, *
Origin-Agent-Cluster: ?0, ?0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad3f9194cd5b50f-OSL

googleads.g.doubleclick.net/pagead/viewthroughconversion/731984560/?random=1679713966276&cv=11&fst=1679713966276&bg=ffffff&guid=ON&async=1&gtm=45He33m0&u_w=1280&u_h=1024&url=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&label=v7ktCOKJmaMBELDlhN0C&hn=www.googleadservices.com&frm=0&tiba=Messages%20%7C%20Made%20ln%20Chlna&auid=234482785.1679713966&rfmt=3&fmt=4

142.250.74.66

200 OK

1.3 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/731984560/?random=1679713966276&cv=11&fst=1679713966276&bg=ffffff&guid=ON&async=1&gtm=45He33m0&u_w=1280&u_h=1024&url=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&label=v7ktCOKJmaMBELDlhN0C&hn=www.googleadservices.com&frm=0&tiba=Messages%20%7C%20Made%20ln%20Chlna&auid=234482785.1679713966&rfmt=3&fmt=4
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2614), with no line terminators
Size
1.3 kB (1256 bytes)
Hash
714fd541c915b6145aa0f17bbbfef67a
3c4f41acabdfa415c2724b4888fdf2bf9cd99e51
2de6f237632f7266471a8891b25ff6eb781d4e6736905086cb7b7b542f84bdb6

HTTP Headers

GET /pagead/viewthroughconversion/731984560/?random=1679713966276&cv=11&fst=1679713966276&bg=ffffff&guid=ON&async=1&gtm=45He33m0&u_w=1280&u_h=1024&url=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&label=v7ktCOKJmaMBELDlhN0C&hn=www.googleadservices.com&frm=0&tiba=Messages%20%7C%20Made%20ln%20Chlna&auid=234482785.1679713966&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 25 Mar 2023 03:12:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1256
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 25-Mar-2023 03:27:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

157.240.205.11

200 OK

28 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.205.11:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64347)
Size
28 kB (27907 bytes)
Hash
7fc8bce5d342b4898e6c82cc61313763
4aa4da15b55d59fc1a3a640a443cbde675d5e407
e456006ad9bc83651e868be3c53fa3fe93247a23b4fedf3b8c836fdf2c0c7de2

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: FYlNFH7noogkETq7hfC7xT6CWDsX033TcltVsjDevzRztdkiq6j8Mw/NoFDpqqj/FQWo7ATXuyToWnb2wFH2uw==
content-length: 27907
x-fb-trip-id: 1679558926
date: Sat, 25 Mar 2023 03:12:34 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=332584177.1679713966&gtm=45je33m0&aip=1&z=1373732005

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=332584177.1679713966&gtm=45je33m0&aip=1&z=1373732005
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=332584177.1679713966&gtm=45je33m0&aip=1&z=1373732005 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 25 Mar 2023 03:12:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e9709c5b359505700458d5e8a9ff2ad8
fddde5b378dba0f5efe406ebc5a1ffeb35ddeeae
1c86ea5bca04e726d60b3868f71151ddbaba02b129e2ea38699d5c03f19b0898

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1208
Cache-Control: max-age=88351
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 03:12:34 GMT
Etag: "641d1809-1d7"
Expires: Sun, 26 Mar 2023 03:45:05 GMT
Last-Modified: Fri, 24 Mar 2023 03:24:57 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eef4409d0ad90e2899e538028bd3fa76
2d6edd13cbd2d201ef921fc33c053aec8f8b740c
61eef3a534769ac291c82d37206b392dea96af36a38e9d7da4cf0fb2d5d2342d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 03:12:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
248b003a4a6dda3d2c481cfd45e49176
ae6e1dbc704dbe302549888e545689eb88e83bb9
14df223924711cca8488c64942b656023cb6e69cb83863ccd0f9cdb8ac4682fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 03:12:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.analytics.google.com/g/collect?v=2&tid=G-VEFCZRQMG4&gtm=45je33m0&_p=1583429817&_gaz=1&cid=332584177.1679713966&ul=en-us&sr=1280x1024&_eu=BA&_s=1&sid=1679713966&sct=1&seg=0&dl=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_ss=1&ep.Page_Hostname=neogenesiseng.com&ep.page_URL=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-VEFCZRQMG4&gtm=45je33m0&_p=1583429817&_gaz=1&cid=332584177.1679713966&ul=en-us&sr=1280x1024&_eu=BA&_s=1&sid=1679713966&sct=1&seg=0&dl=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_ss=1&ep.Page_Hostname=neogenesiseng.com&ep.page_URL=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-VEFCZRQMG4&gtm=45je33m0&_p=1583429817&_gaz=1&cid=332584177.1679713966&ul=en-us&sr=1280x1024&_eu=BA&_s=1&sid=1679713966&sct=1&seg=0&dl=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_ss=1&ep.Page_Hostname=neogenesiseng.com&ep.page_URL=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neogenesiseng.com
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://neogenesiseng.com
date: Sat, 25 Mar 2023 03:12:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.g.doubleclick.net/g/collect?v=2&tid=G-VEFCZRQMG4&cid=332584177.1679713966&gtm=45je33m0&aip=1

74.125.205.156

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-VEFCZRQMG4&cid=332584177.1679713966&gtm=45je33m0&aip=1
IP
74.125.205.156:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-VEFCZRQMG4&cid=332584177.1679713966&gtm=45je33m0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neogenesiseng.com
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://neogenesiseng.com
date: Sat, 25 Mar 2023 03:12:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7847
Expires: Sat, 25 Mar 2023 05:23:22 GMT
Date: Sat, 25 Mar 2023 03:12:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7847
Expires: Sat, 25 Mar 2023 05:23:22 GMT
Date: Sat, 25 Mar 2023 03:12:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7847
Expires: Sat, 25 Mar 2023 05:23:22 GMT
Date: Sat, 25 Mar 2023 03:12:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7847
Expires: Sat, 25 Mar 2023 05:23:22 GMT
Date: Sat, 25 Mar 2023 03:12:35 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9ba4de6-98de-4bbb-8cee-1e9406df15a7.jpeg

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9ba4de6-98de-4bbb-8cee-1e9406df15a7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13966 bytes)
Hash
2bd487b862ec91320ede1a5c1baaa622
a8d3459c0e8da97377572f535ab66edac7aa864b
15f2c6582922c0924062cb3c8b9f4cfa8707141369a7a5202c1a3656c16077ec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9ba4de6-98de-4bbb-8cee-1e9406df15a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13966
x-amzn-requestid: 76c8e3c8-5d75-4e31-95b9-cb2bb007105e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK9SEG3KoAMFsQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa8d9-6f6c7c9e762f902705821c1a;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:06:01 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: y2ApHwpvFUTMc_kEhje_SXgUJUNShd77At-BqIqPC4-4xcDZ5AJDnQ==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 07:20:42 GMT
age: 71513
etag: "a8d3459c0e8da97377572f535ab66edac7aa864b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7800 bytes)
Hash
5773974a7341690f006b052ad02c94db
1b11316c952e2195da1646dd94671669e7e3bc2b
a06b72138745500cacc919fea29536ebd4188a1c483f6123e3402458e299f16a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: bad99b1e-3923-4de9-8bea-4dd04e96f7cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfFGcIAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-0826b92d4c4af16553503600;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 9AGLmjvUSTKIsYIWECOR8QwdF4PP1tP1TweUm0VYvxQ0qskqj3YuLA==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:43:53 GMT
age: 19722
etag: "1b11316c952e2195da1646dd94671669e7e3bc2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F644f61ad-59fd-4171-83b9-7bcc66bb6067.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (15418 bytes)
Hash
4fde777f6873c8532e6d5b8f1eadab56
5df18e308fe21cb5466d839d52a63a92b51d0ff4
ab805e2ce663c4df10af28ee58e6bdcd0618e602971cc5fdb841d865d824e858

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F644f61ad-59fd-4171-83b9-7bcc66bb6067.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15418
x-amzn-requestid: 8341421b-a004-404b-be63-837e3e093fda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzHu1oAMFWZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-36bcecd1567f6180628b621e;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: nJLIxder3QMBDbb05YsfWzHPpaZgy5EmBALQfCxncPQzcLfUJLyQIQ==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:49:32 GMT
age: 19383
etag: "5df18e308fe21cb5466d839d52a63a92b51d0ff4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5556 bytes)
Hash
c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: U1WnpJASpWxPY-8kq-3g3_dKqm5l6UqhA0xUYijO5FDLGAxI2mLthg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 05:35:57 GMT
age: 77798
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90f7f42d-55b4-48d6-ac0f-68faec7bcf42.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12343 bytes)
Hash
73239f51990f06eec0446b0a32b00dc3
75cd874c3d30f9521452930b0c1838d541eb98ae
1c61e1fc2f4d9f882a11fe0def8fd2cd50c4cd84be49dd3079d10b28f7ebee43

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90f7f42d-55b4-48d6-ac0f-68faec7bcf42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12343
x-amzn-requestid: 6b20e5bb-1756-41d2-b0b6-7577ebaa51cc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CORNuH7ooAMFpRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfbf1-7f3ea6577546a7f476d52484;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:12:49 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: bAOnEw8ootShXo5zoMdVJ2b9IDVTrBMjT6a_4NpMNePMAfK11iajIQ==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 07:17:50 GMT
age: 71685
etag: "75cd874c3d30f9521452930b0c1838d541eb98ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6af5ce8-4a1c-4312-80cc-4e2d0c3e1022.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.1 kB (4109 bytes)
Hash
e1dae6c76e813109286aed4725146c48
697a101206278be31fb865d20c8f299f03d382ea
d60cedbd4a136e6b302891797be6bd3fc07c337d277389122276c0e73f9ac55d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6af5ce8-4a1c-4312-80cc-4e2d0c3e1022.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4109
x-amzn-requestid: a1c43a0f-9d85-4dbf-a02f-3db49128f2f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiu1EtXoAMFclA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-31d9d3297a1fbee74d59a136;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 7-sRZ7fQcy8Kc2gx_5v0XrzNR8-JrgKQfhwNtkDYYO__liI-0WAlMw==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:46:49 GMT
age: 19546
etag: "697a101206278be31fb865d20c8f299f03d382ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NzE2YzExODEzYzQtMDMxOTYxODFiMTY2NzU4LWM1MDU0MjUtMTMxMDcyMC0xODcxNmMxMTgxNDI2NiIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdzYmMyNW42NmEwIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRyZWZlcnJlciI6IiIsIiR1cmwiOiJodHRwOi8vbmVvZ2VuZXNpc2VuZy5jb20vd3AtYWRtaW4vYWEvIiwiJHVybF9wYXRoIjoiL3dwLWFkbWluL2FhLyIsIiR0aXRsZSI6Ik1lc3NhZ2VzIHwgTWFkZSBsbiBDaGxuYSIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRpc19maXJzdF90aW1lIjp0cnVlLCIkcmVmZXJyZXJfaG9zdCI6IiIsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiJ9LCJhbm9ueW1vdXNfaWQiOiIxODcxNmMxMTgxM2M0LTAzMTk2MTgxYjE2Njc1OC1jNTA1NDI1LTEzMTA3MjAtMTg3MTZjMTE4MTQyNjYiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6IiRwYWdldmlldyIsIl90cmFja19pZCI6ODQ5OTM2MTEzfQ%3D%3D&ext=crc%3D1678105192

104.18.25.206

200 OK

43 B

URL HTTP/2
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NzE2YzExODEzYzQtMDMxOTYxODFiMTY2NzU4LWM1MDU0MjUtMTMxMDcyMC0xODcxNmMxMTgxNDI2NiIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdzYmMyNW42NmEwIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRyZWZlcnJlciI6IiIsIiR1cmwiOiJodHRwOi8vbmVvZ2VuZXNpc2VuZy5jb20vd3AtYWRtaW4vYWEvIiwiJHVybF9wYXRoIjoiL3dwLWFkbWluL2FhLyIsIiR0aXRsZSI6Ik1lc3NhZ2VzIHwgTWFkZSBsbiBDaGxuYSIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRpc19maXJzdF90aW1lIjp0cnVlLCIkcmVmZXJyZXJfaG9zdCI6IiIsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiJ9LCJhbm9ueW1vdXNfaWQiOiIxODcxNmMxMTgxM2M0LTAzMTk2MTgxYjE2Njc1OC1jNTA1NDI1LTEzMTA3MjAtMTg3MTZjMTE4MTQyNjYiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6IiRwYWdldmlldyIsIl90cmFja19pZCI6ODQ5OTM2MTEzfQ%3D%3D&ext=crc%3D1678105192
IP
104.18.25.206:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NzE2YzExODEzYzQtMDMxOTYxODFiMTY2NzU4LWM1MDU0MjUtMTMxMDcyMC0xODcxNmMxMTgxNDI2NiIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdzYmMyNW42NmEwIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRyZWZlcnJlciI6IiIsIiR1cmwiOiJodHRwOi8vbmVvZ2VuZXNpc2VuZy5jb20vd3AtYWRtaW4vYWEvIiwiJHVybF9wYXRoIjoiL3dwLWFkbWluL2FhLyIsIiR0aXRsZSI6Ik1lc3NhZ2VzIHwgTWFkZSBsbiBDaGxuYSIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRpc19maXJzdF90aW1lIjp0cnVlLCIkcmVmZXJyZXJfaG9zdCI6IiIsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiJ9LCJhbm9ueW1vdXNfaWQiOiIxODcxNmMxMTgxM2M0LTAzMTk2MTgxYjE2Njc1OC1jNTA1NDI1LTEzMTA3MjAtMTg3MTZjMTE4MTQyNjYiLCJ0eXBlIjoidHJhY2siLCJldmVudCI6IiRwYWdldmlldyIsIl90cmFja19pZCI6ODQ5OTM2MTEzfQ%3D%3D&ext=crc%3D1678105192 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Cookie: __cf_bm=fHugtiiIqZ9X8RiJEfyq_iIofZpK8__vFG3k3itmllQ-1679713953-0-ASRJ3OSV3OuAKg9mbC+bklnAxsr36j5p4uheF3yIi9SPwqGdThcOPdlmtkCpfabvEBnhnPFT+/0E/afzc6GoUPg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 03:12:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
timing-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ad3f9197c55b4f3-OSL
X-Firefox-Spdy: h2

fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NzE2YzExODEzYzQtMDMxOTYxODFiMTY2NzU4LWM1MDU0MjUtMTMxMDcyMC0xODcxNmMxMTgxNDI2NiIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdzYmMyNW42NmEwIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiIsIiR1cmwiOiJodHRwOi8vbmVvZ2VuZXNpc2VuZy5jb20vd3AtYWRtaW4vYWEvIn0sImFub255bW91c19pZCI6IjE4NzE2YzExODEzYzQtMDMxOTYxODFiMTY2NzU4LWM1MDU0MjUtMTMxMDcyMC0xODcxNmMxMTgxNDI2NiIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiZm9ybUFjdGlvbiIsIl90cmFja19pZCI6NzEzMTY2MTE3fQ%3D%3D&ext=crc%3D2130871521

104.18.25.206

200 OK

43 B

URL HTTP/2
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NzE2YzExODEzYzQtMDMxOTYxODFiMTY2NzU4LWM1MDU0MjUtMTMxMDcyMC0xODcxNmMxMTgxNDI2NiIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdzYmMyNW42NmEwIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiIsIiR1cmwiOiJodHRwOi8vbmVvZ2VuZXNpc2VuZy5jb20vd3AtYWRtaW4vYWEvIn0sImFub255bW91c19pZCI6IjE4NzE2YzExODEzYzQtMDMxOTYxODFiMTY2NzU4LWM1MDU0MjUtMTMxMDcyMC0xODcxNmMxMTgxNDI2NiIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiZm9ybUFjdGlvbiIsIl90cmFja19pZCI6NzEzMTY2MTE3fQ%3D%3D&ext=crc%3D2130871521
IP
104.18.25.206:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NzE2YzExODEzYzQtMDMxOTYxODFiMTY2NzU4LWM1MDU0MjUtMTMxMDcyMC0xODcxNmMxMTgxNDI2NiIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJHRpbWV6b25lX29mZnNldCI6MCwiJHNjcmVlbl9oZWlnaHQiOjEwMjQsIiRzY3JlZW5fd2lkdGgiOjEyODAsIiRsaWIiOiJqcyIsIiRsaWJfdmVyc2lvbiI6IjEuMTUuMTMiLCIkbGF0ZXN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkbGF0ZXN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIiwiJGxhdGVzdF9yZWZlcnJlciI6IiIsInB2X2lkIjoiMWdzYmMyNW42NmEwIiwicGxhdGZvcm1fdHlwZSI6IjEiLCJsYW5ndWFnZSI6IjEiLCJsb2dpbl9pZCI6IiIsIiRpc19maXJzdF9kYXkiOnRydWUsIiRsYXRlc3RfcmVmZXJyZXJfaG9zdCI6IiIsIiR1cmwiOiJodHRwOi8vbmVvZ2VuZXNpc2VuZy5jb20vd3AtYWRtaW4vYWEvIn0sImFub255bW91c19pZCI6IjE4NzE2YzExODEzYzQtMDMxOTYxODFiMTY2NzU4LWM1MDU0MjUtMTMxMDcyMC0xODcxNmMxMTgxNDI2NiIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiZm9ybUFjdGlvbiIsIl90cmFja19pZCI6NzEzMTY2MTE3fQ%3D%3D&ext=crc%3D2130871521 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Cookie: __cf_bm=fHugtiiIqZ9X8RiJEfyq_iIofZpK8__vFG3k3itmllQ-1679713953-0-ASRJ3OSV3OuAKg9mbC+bklnAxsr36j5p4uheF3yIi9SPwqGdThcOPdlmtkCpfabvEBnhnPFT+/0E/afzc6GoUPg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 03:12:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
timing-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ad3f9197c57b4f3-OSL
X-Firefox-Spdy: h2

104.18.25.206

200 OK

43 B

URL HTTP/2
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NzE2YzExODEzYzQtMDMxOTYxODFiMTY2NzU4LWM1MDU0MjUtMTMxMDcyMC0xODcxNmMxMTgxNDI2NiIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJGZpcnN0X3Zpc2l0X3RpbWUiOiIyMDIzLTAzLTI1IDAzOjEyOjQ2LjEwOCIsIiRmaXJzdF9yZWZlcnJlciI6IiIsIiRmaXJzdF9icm93c2VyX2xhbmd1YWdlIjoiZW4tVVMiLCIkZmlyc3RfYnJvd3Nlcl9jaGFyc2V0IjoiR0JLIiwiJGZpcnN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkZmlyc3Rfc2VhcmNoX2tleXdvcmQiOiLpj4jugYTlvYfpjZLmnb%2Figqzns63pkKnlrZjluLTpjrXmkrPntJEifSwiYW5vbnltb3VzX2lkIjoiMTg3MTZjMTE4MTNjNC0wMzE5NjE4MWIxNjY3NTgtYzUwNTQyNS0xMzEwNzIwLTE4NzE2YzExODE0MjY2IiwidHlwZSI6InByb2ZpbGVfc2V0X29uY2UiLCJfdHJhY2tfaWQiOjQ0ODA2NjExMH0%3D&ext=crc%3D1598155300
IP
104.18.25.206:0
ASN
#13335 CLOUDFLARENET

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4NzE2YzExODEzYzQtMDMxOTYxODFiMTY2NzU4LWM1MDU0MjUtMTMxMDcyMC0xODcxNmMxMTgxNDI2NiIsImxpYiI6eyIkbGliIjoianMiLCIkbGliX21ldGhvZCI6ImNvZGUiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIn0sInByb3BlcnRpZXMiOnsiJGZpcnN0X3Zpc2l0X3RpbWUiOiIyMDIzLTAzLTI1IDAzOjEyOjQ2LjEwOCIsIiRmaXJzdF9yZWZlcnJlciI6IiIsIiRmaXJzdF9icm93c2VyX2xhbmd1YWdlIjoiZW4tVVMiLCIkZmlyc3RfYnJvd3Nlcl9jaGFyc2V0IjoiR0JLIiwiJGZpcnN0X3RyYWZmaWNfc291cmNlX3R5cGUiOiLpkKnlrZjluLTlqLTkvoDlmboiLCIkZmlyc3Rfc2VhcmNoX2tleXdvcmQiOiLpj4jugYTlvYfpjZLmnb%2Figqzns63pkKnlrZjluLTpjrXmkrPntJEifSwiYW5vbnltb3VzX2lkIjoiMTg3MTZjMTE4MTNjNC0wMzE5NjE4MWIxNjY3NTgtYzUwNTQyNS0xMzEwNzIwLTE4NzE2YzExODE0MjY2IiwidHlwZSI6InByb2ZpbGVfc2V0X29uY2UiLCJfdHJhY2tfaWQiOjQ0ODA2NjExMH0%3D&ext=crc%3D1598155300 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Cookie: __cf_bm=fHugtiiIqZ9X8RiJEfyq_iIofZpK8__vFG3k3itmllQ-1679713953-0-ASRJ3OSV3OuAKg9mbC+bklnAxsr36j5p4uheF3yIi9SPwqGdThcOPdlmtkCpfabvEBnhnPFT+/0E/afzc6GoUPg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 03:12:35 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
timing-allow-origin: *
origin-agent-cluster: ?0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ad3f9198c63b4f3-OSL
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=13001299&tm=gtm002&Ver=2&mid=bcafd144-742b-477b-9d2b-fc83be6c5653&sid=eaaf5d20caba11eda01315a72199e2da&vid=eaaf9180caba11ed809a8fb04755ed91&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&r=&lt=1722&evt=pageLoad&sv=1&rn=242902

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=13001299&tm=gtm002&Ver=2&mid=bcafd144-742b-477b-9d2b-fc83be6c5653&sid=eaaf5d20caba11eda01315a72199e2da&vid=eaaf9180caba11ed809a8fb04755ed91&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&r=&lt=1722&evt=pageLoad&sv=1&rn=242902
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=13001299&tm=gtm002&Ver=2&mid=bcafd144-742b-477b-9d2b-fc83be6c5653&sid=eaaf5d20caba11eda01315a72199e2da&vid=eaaf9180caba11ed809a8fb04755ed91&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&r=&lt=1722&evt=pageLoad&sv=1&rn=242902 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=295FEB8683CA65F902D4F959823F64BB; domain=.bing.com; expires=Thu, 18-Apr-2024 03:12:35 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A574A253FAD94DCE850D9F5F60543A7E Ref B: OSL30EDGE0220 Ref C: 2023-03-25T03:12:35Z
date: Sat, 25 Mar 2023 03:12:34 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9b762efe5751eb25cd26ca67ad6dcf22
661f1247ecc842236957d05747967ec4f20835a2
c51c54e54ffc33cc7643bb0a64da2265f93efaf38838351ec0f2a2fe102efa2e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 03:12:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37452587-1&cid=332584177.1679713966&jid=60336755&_u=YADAAEAAAAAAACAAI~&z=1715547603

216.58.211.4

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37452587-1&cid=332584177.1679713966&jid=60336755&_u=YADAAEAAAAAAACAAI~&z=1715547603
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-37452587-1&cid=332584177.1679713966&jid=60336755&_u=YADAAEAAAAAAACAAI~&z=1715547603 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 25 Mar 2023 03:12:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/731984560/?random=1679713966276&cv=11&fst=1679713200000&bg=ffffff&guid=ON&async=1&gtm=45He33m0&u_w=1280&u_h=1024&url=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&label=v7ktCOKJmaMBELDlhN0C&frm=0&tiba=Messages%20%7C%20Made%20ln%20Chlna&fmt=3&is_vtc=1&random=1036894706&rmt_tld=0&ipr=y

216.58.211.4

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/731984560/?random=1679713966276&cv=11&fst=1679713200000&bg=ffffff&guid=ON&async=1&gtm=45He33m0&u_w=1280&u_h=1024&url=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&label=v7ktCOKJmaMBELDlhN0C&frm=0&tiba=Messages%20%7C%20Made%20ln%20Chlna&fmt=3&is_vtc=1&random=1036894706&rmt_tld=0&ipr=y
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/731984560/?random=1679713966276&cv=11&fst=1679713200000&bg=ffffff&guid=ON&async=1&gtm=45He33m0&u_w=1280&u_h=1024&url=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&label=v7ktCOKJmaMBELDlhN0C&frm=0&tiba=Messages%20%7C%20Made%20ln%20Chlna&fmt=3&is_vtc=1&random=1036894706&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 25 Mar 2023 03:12:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

bat.bing.com/p/action/13001299.js

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/p/action/13001299.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/action/13001299.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2D0B88B55AA74D249A7CDA9EC74EA22B Ref B: OSL30EDGE0220 Ref C: 2023-03-25T03:12:35Z
date: Sat, 25 Mar 2023 03:12:34 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f0f306ea49f1bd3f358f7579513e7377
c2845c696f6685a211bc040895d28ebf23fa1bc0
cda7588d5040ef3c8e83955838618a0ed0a6ee242d24abf5af697b2289fc8bdb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 03:12:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.facebook.com/tr/?id=2037053586588160&ev=PageView&dl=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&rl=&if=false&ts=1679713967890&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679713967889.250873668&it=1679713966907&coo=false&rqm=GET

157.240.205.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=2037053586588160&ev=PageView&dl=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&rl=&if=false&ts=1679713967890&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679713967889.250873668&it=1679713966907&coo=false&rqm=GET
IP
157.240.205.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=2037053586588160&ev=PageView&dl=http%3A%2F%2Fneogenesiseng.com%2Fwp-admin%2Faa%2F&rl=&if=false&ts=1679713967890&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679713967889.250873668&it=1679713966907&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 25 Mar 2023 03:12:35 GMT
X-Firefox-Spdy: h2

fa.micstatic.com/probe/map.gif?v=211112&t=w&d=%7Bpub%3A%7Bpuid%3A%221gsbc25tl755%22%2Clinkid%3A%221gsbc25tl755%22%2Curl%3A%22neogenesiseng.com%252Fwp-admin%252Faa%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%7Bw%3A%228929%22%2Crobot%3A%220%22%2Clcp%3A%22-1%22%7D%7D

104.18.25.206

204 No Content

0 B

URL HTTP/1.1
fa.micstatic.com/probe/map.gif?v=211112&t=w&d=%7Bpub%3A%7Bpuid%3A%221gsbc25tl755%22%2Clinkid%3A%221gsbc25tl755%22%2Curl%3A%22neogenesiseng.com%252Fwp-admin%252Faa%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%7Bw%3A%228929%22%2Crobot%3A%220%22%2Clcp%3A%22-1%22%7D%7D
IP
104.18.25.206:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /probe/map.gif?v=211112&t=w&d=%7Bpub%3A%7Bpuid%3A%221gsbc25tl755%22%2Clinkid%3A%221gsbc25tl755%22%2Curl%3A%22neogenesiseng.com%252Fwp-admin%252Faa%252F%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%7Bw%3A%228929%22%2Crobot%3A%220%22%2Clcp%3A%22-1%22%7D%7D HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neogenesiseng.com/

HTTP/1.1 204 No Content
Date: Sat, 25 Mar 2023 03:12:41 GMT
Connection: keep-alive
Timing-Allow-Origin: *, *
Origin-Agent-Cluster: ?0, ?0
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad3f9420febb50f-OSL

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neogenesiseng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 03:12:33 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/04/2021 00:04:37
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 1a094ec5f566140ad8ed25d8ea736316
cdn-cache: HIT
cf-cache-status: HIT
age: 22757699
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ad3f90e2f90b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.made-in-china.com/faw-store.html

104.18.30.240

200 OK

0 B

URL HTTP/2
www.made-in-china.com/faw-store.html
IP
104.18.30.240:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /faw-store.html HTTP/1.1
Host: www.made-in-china.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neogenesiseng.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 03:12:33 GMT
content-type: text/html
last-modified: Thu, 28 Oct 2021 09:16:24 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 66853
expires: Sat, 25 Mar 2023 07:12:33 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=E4iPzLI1Z3yrEHqlA0ExA8jaLr2Mv.F8WMNSEXXZtzU-1679713953-0-AVWHZYTyM64MV8mXiDwaxqKKsOJP6QdxYz5o/LdZNhwTDf14ZEJuqMB9Kx+n8Etr5qOlB92dnzlJncnO898icUQ=; path=/; expires=Sat, 25-Mar-23 03:42:33 GMT; domain=.made-in-china.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad3f9146d3cb50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML