batfordapt.buzz/verify.html
172.67.169.42301 Moved Permanently 0 B URL HTTP/1.1 batfordapt.buzz/verify.html
IP 172.67.169.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /verify.html HTTP/1.1
Host: batfordapt.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 22 Nov 2022 18:35:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 22 Nov 2022 19:35:29 GMT
Location: https://batfordapt.buzz/verify.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNo4C693egfbsWPlDAe5oP7uRJPSNq62j4wijCE%2BlU5vpnmEjS8mseWcr%2BP6%2FdiGyeA8HUIQix20AZP3iSfM0%2FtwWuUdXV7qYPEmRu9MyanpS4b1WP%2FtXrx0LezZn3kz3kk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e3c3e27e040af6-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12491
Expires: Tue, 22 Nov 2022 22:03:40 GMT
Date: Tue, 22 Nov 2022 18:35:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6435
Cache-Control: max-age=150181
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:35:29 GMT
Etag: "637ca4f3-1d7"
Expires: Thu, 24 Nov 2022 12:18:30 GMT
Last-Modified: Tue, 22 Nov 2022 10:31:15 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12264
Expires: Tue, 22 Nov 2022 21:59:53 GMT
Date: Tue, 22 Nov 2022 18:35:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 18:09:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1570
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5O0a0z/oZ1T5x5qh2iiWmfOgWHl6RotOf7kQ+kcua3xBbCxDB+hQDKgL2IeLBvOV3yxZYAfiWLI=
x-amz-request-id: Z7SA0CK9780X25GV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 17:42:39 GMT
age: 3170
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 18:35:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f438a4a95fb99a4b15ad5774879b8f39
64d8c5fe8079c41f704f72e36627b0dc80f8c4ec
82cd4e2237d05350d3e711e56655f3094b81e0831322e172f7f12d7601f7d8e4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "82CD4E2237D05350D3E711E56655F3094B81E0831322E172F7F12D7601F7D8E4"
Last-Modified: Mon, 21 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21524
Expires: Wed, 23 Nov 2022 00:34:13 GMT
Date: Tue, 22 Nov 2022 18:35:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 18:08:53 GMT
cache-control: public,max-age=3600
age: 1596
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f438a4a95fb99a4b15ad5774879b8f39
64d8c5fe8079c41f704f72e36627b0dc80f8c4ec
82cd4e2237d05350d3e711e56655f3094b81e0831322e172f7f12d7601f7d8e4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "82CD4E2237D05350D3E711E56655F3094B81E0831322E172F7F12D7601F7D8E4"
Last-Modified: Mon, 21 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21524
Expires: Wed, 23 Nov 2022 00:34:13 GMT
Date: Tue, 22 Nov 2022 18:35:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3055
Cache-Control: max-age=141740
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:35:30 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 09:57:50 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.70.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.70.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CtacWHZ+sscaIicPlO1j0g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6dsXJiHdyGyCqV002EnyOJBr0rM=
virtualhost.gq/css/css/link-initialize.js
74.208.236.14200 OK 89 kB URL HTTP/2 virtualhost.gq/css/css/link-initialize.js
IP 74.208.236.14:0
File type Unicode text, UTF-8 text, with very long lines (43488), with NEL line terminators
Hash df0bdf8f51774481aeef73c5c15c9100
afc7e976a3b9076b5d9de3ad31dfb6380f72f7d6
65209ef69475b6856a29f6914aa35bc0b2ee975580397006113fc969185acd1f
GET /css/css/link-initialize.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 88626
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "15a32-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/64.css
74.208.236.14200 OK 1.6 kB URL HTTP/2 virtualhost.gq/css/css/64.css
IP 74.208.236.14:0
File type ASCII text, with very long lines (1509)
Hash 5a9f00b1432cb63a95aa32791fab2223
6ff6c7b4abdff771fa83848524453599876a3d4a
b073725f2776f6f73ff3f03ec5e685f0847a6dbbd630c66144f67d01eeb8e4be
GET /css/css/64.css HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 1594
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "63a-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/app.css
74.208.236.14200 OK 477 B URL HTTP/2 virtualhost.gq/css/css/app.css
IP 74.208.236.14:0
File type ASCII text, with very long lines (392)
Hash 226670b47451a148f7ab75cc6fd42139
869a6fbc3e97ace418a3bc6fe66423eaf1f209ff
157ec10a0054c789fc67299eed557baacf137ac80438eec2156edce77587077a
GET /css/css/app.css HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 477
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "1dd-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/chunk-common.css
74.208.236.14200 OK 9.2 kB URL HTTP/2 virtualhost.gq/css/css/chunk-common.css
IP 74.208.236.14:0
File type ASCII text, with very long lines (9112)
Hash ac102b006b2d35d2096fa1c62d7c3248
4a13b5cfde0339575005366b45b3fe3e60ff526f
318f90cb49fa7a96684fb88cc9836311576b17774c663c5caa8580fc090f41f3
GET /css/css/chunk-common.css HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 9197
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "23ed-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/64.js
74.208.236.14200 OK 18 kB URL HTTP/2 virtualhost.gq/css/css/64.js
IP 74.208.236.14:0
File type ASCII text, with very long lines (17443)
Hash f364696a6cf4eceacfa6486c5800fcb9
b49858690b5e2881957648ab6fa57a504f01cf8b
7e53398cb69297b2f9ec5fe0156163714dff5841dcfc0efba121554eeb7d1168
GET /css/css/64.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 17523
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "4473-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/2.css
74.208.236.14200 OK 833 B URL HTTP/2 virtualhost.gq/css/css/2.css
IP 74.208.236.14:0
File type ASCII text, with very long lines (748)
Hash f9c1013d261d2ef075acfce6a151005e
39700b7ca239cf5c69b18ddcca4d510ad89b1e1e
067a5d58e362740c6eefe23905b83b214f98b4dda6a11ef9e27dbf435b75fbb9
GET /css/css/2.css HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 833
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "341-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:35:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb526d16fc4a304286cf261dc5d8abea
0aed946d28abc21cb11657e6f864b561a0c68fba
551520b0344d58c1b4ddc9dfb452da2acf43080871a7037f4530eec48fb86362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:35:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
virtualhost.gq/css/css/chunk-common.js
74.208.236.14200 OK 190 kB URL HTTP/2 virtualhost.gq/css/css/chunk-common.js
IP 74.208.236.14:0
File type ASCII text, with very long lines (65456)
Size 190 kB (190184 bytes)
Hash 1c0d42aa04a92246054e04cd291be0aa
015bcce104985929d6db366d2391109e3a8d8219
1d5e0cd97de0a83f08deb10a2f5ee0dde3036f8c37ab379b9674b0a40ed82268
GET /css/css/chunk-common.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 190184
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "2e6e8-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/launch-1574d0b03693.js
74.208.236.14200 OK 221 kB URL HTTP/2 virtualhost.gq/css/css/launch-1574d0b03693.js
IP 74.208.236.14:0
File type ASCII text, with very long lines (32755)
Size 221 kB (220661 bytes)
Hash 08057af9cc58f0b0f0332c23a1a0e2f3
e1357a21f024ea2ae6347e72970ca4c21e57b09f
27f4fdf39bb87d0c3255f4785bd1eda6667a5a43b5078c0e8f368fd0abf9ed18
GET /css/css/launch-1574d0b03693.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 220661
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "35df5-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/loadScripts
74.208.236.14200 OK 508 B URL HTTP/2 virtualhost.gq/css/css/loadScripts
IP 74.208.236.14:0
Hash 8aa3bf05b890cde1ee2ddb4ba16f88ae
a3de797c3bdd842640643827ed8b5bda1a4452f2
f09ef29cfdc24b9bdd781f21f867c89890e2e136bea6bece71ecd195a2bcb120
GET /css/css/loadScripts HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 508
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "1fc-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/AppMeasurement_Module_ActivityMap.js
74.208.236.14200 OK 3.3 kB URL HTTP/2 virtualhost.gq/css/css/AppMeasurement_Module_ActivityMap.js
IP 74.208.236.14:0
File type ASCII text, with very long lines (3157)
Hash 8b210658d66894c896047ae490138f1c
0cf1d3e81a40978cea4f33d195ec27fc998623c1
0821bd2158b7c2d4165a43a999f30fdc1dc977c6f216ae950298b0237189c0e2
GET /css/css/AppMeasurement_Module_ActivityMap.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3303
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "ce7-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/AppMeasurement.js
74.208.236.14200 OK 34 kB URL HTTP/2 virtualhost.gq/css/css/AppMeasurement.js
IP 74.208.236.14:0
File type ASCII text, with very long lines (32759)
Hash 4635bffccc756e9a52eae8011adb9137
8c6d308daac07e23764c6dcf2f0d305931dfddb7
92c5b25edbc4647c55be848b92ea22fd4618cc3252a2364025262e18a7430f84
GET /css/css/AppMeasurement.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 33481
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "82c9-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/logo.js
74.208.236.14200 OK 477 B URL HTTP/2 virtualhost.gq/css/css/logo.js
IP 74.208.236.14:0
File type ASCII text, with very long lines (377)
Hash 976b019a3c5c1d5508c581ba2102fce3
5bed49d312e28a89531531a6e5f683e898bb2462
f715fa02011e87023f090ac0cb5a62947ccb6d0079979b2de395354f4fc501b9
GET /css/css/logo.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 477
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "1dd-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/default.css
74.208.236.14200 OK 15 kB URL HTTP/2 virtualhost.gq/css/css/default.css
IP 74.208.236.14:0
File type Unicode text, UTF-8 text, with very long lines (14626)
Hash d2af66527a7e75ae005e697bea87c4c9
043b571f5a151e56e3c1fdf61d2c718201e989a7
10e46ebcf9fe46baec7cb20be370427d03f5055b8e74fff302b9cdced0a9193e
GET /css/css/default.css HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 14656
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "3940-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/customer.js
74.208.236.14200 OK 1.2 MB URL HTTP/2 virtualhost.gq/css/css/customer.js
IP 74.208.236.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 1.2 MB (1217897 bytes)
Hash a01a6989e59cef1ba0bbc89ce05459f7
c4b893a7d53d9963d09f8819c886ca373f6059ed
d55699b5f1b349972378895193b0faad5a8052712a5bd17827e98121ceefc429
GET /css/css/customer.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1217897
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "129569-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/vendor.js
74.208.236.14200 OK 3.0 MB URL HTTP/2 virtualhost.gq/css/css/vendor.js
IP 74.208.236.14:0
File type Unicode text, UTF-8 text, with very long lines (35609)
Size 3.0 MB (2953924 bytes)
Hash 751191f122d79cdd570db6be443d644a
3ab25cb5a9e53a8e3b87278c308f9bac6555c2f1
fb839c1c2ae65576b27adfa94954a154912d84f9948018d980c870f6a20eace0
GET /css/css/vendor.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 2953924
date: Tue, 22 Nov 2022 18:35:30 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "2d12c4-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/app.js
74.208.236.14300 Multiple Choices 545 B URL HTTP/2 virtualhost.gq/css/css/app.js
IP 74.208.236.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash adf1e99961a65bb5599686fd457cbc83
014ed618e399a40389dabaa91086af78ff4358d1
bcf63f2e17a7216308068d85e656617d711c3df87cd61beaa2462799ce90be62
GET /css/css/app.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 300 Multiple Choices
content-type: text/html; charset=iso-8859-1
content-length: 545
date: Tue, 22 Nov 2022 18:35:31 GMT
server: Apache
X-Firefox-Spdy: h2
virtualhost.gq/css/css/config.js
74.208.236.14200 OK 232 B URL HTTP/2 virtualhost.gq/css/css/config.js
IP 74.208.236.14:0
Hash 29590ec73f4bfce61e29a5468c458814
94a57b258cd809da256a945034927d3f1293e6ad
87a894989a7ae45b371f755d7d48825403e168acaf99d9a5c28744674ca73632
GET /css/css/config.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 232
date: Tue, 22 Nov 2022 18:35:31 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "e8-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/dcuLogoDark.png
74.208.236.14200 OK 7.7 kB URL HTTP/2 virtualhost.gq/css/css/dcuLogoDark.png
IP 74.208.236.14:0
File type PNG image data, 217 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash ae64e87365d6e6696145c8c53ce3632e
09337bd0289c432bffab6f653297fe2534ad0c68
d1093fceb5f8b35c09e5d3329c8dc55509d7f46096efeea840f6e433212ba45e
GET /css/css/dcuLogoDark.png HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7743
date: Tue, 22 Nov 2022 18:35:31 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "1e3f-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/loader_only.js
74.208.236.14200 OK 3.7 kB URL HTTP/2 virtualhost.gq/css/css/loader_only.js
IP 74.208.236.14:0
File type ASCII text, with very long lines (3581)
Hash e8e0c8a702a1ff12788960e004b5d5ed
5b4394cbf655f4cac02de6c4fada70851a58067d
dc8cfe959eee90ba1799f5636ec796672c7cda79a510334bca6e3965be2f2c96
GET /css/css/loader_only.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 3661
date: Tue, 22 Nov 2022 18:35:31 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "e4d-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
virtualhost.gq/css/css/static_wdp.htm
74.208.236.14300 Multiple Choices 565 B URL HTTP/2 virtualhost.gq/css/css/static_wdp.htm
IP 74.208.236.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cbd60c590e65c2e9b52c8542d377b899
4b07e85e007df5191dd4b1895eb6a02eec62bf62
aa8576434e3217ce1c7a78c77ed0cd3459fb9678df10afdc60e24f44be336072
GET /css/css/static_wdp.htm HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 300 Multiple Choices
content-type: text/html; charset=iso-8859-1
content-length: 565
date: Tue, 22 Nov 2022 18:35:31 GMT
server: Apache
X-Firefox-Spdy: h2
batfordapt.buzz/verify.html
104.21.95.18200 OK 48 kB URL HTTP/2 batfordapt.buzz/verify.html
IP 104.21.95.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3570), with CRLF line terminators
Hash 2944ca818470a00303eef4facced3f40
2941a62c6bfe20e8292c1bdfebe1bdca64a41a4c
5d6501cd44399c06a1355ddbbeb915a13628c566676e6149fe87b816d7e55fc1
Analyzer Verdict Alert fortinet Phishing
GET /verify.html HTTP/1.1
Host: batfordapt.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:35:29 GMT
content-type: text/html
last-modified: Tue, 22 Nov 2022 15:06:24 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6M8R1tjGxiDb0Uuhv0qlG%2BsyPPMxx1WntR37jo%2F0GIuaZVA%2Fb4ImkDO3Org2HIUXVEQnFqQT8i5eJXWYdgK1ZVTo2FycI2F9NU6OmtNsPjb8KYNc0KS0n%2BuwqipwSH5UIW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e3c3e5bb93b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11428
Expires: Tue, 22 Nov 2022 21:45:59 GMT
Date: Tue, 22 Nov 2022 18:35:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11428
Expires: Tue, 22 Nov 2022 21:45:59 GMT
Date: Tue, 22 Nov 2022 18:35:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11428
Expires: Tue, 22 Nov 2022 21:45:59 GMT
Date: Tue, 22 Nov 2022 18:35:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11428
Expires: Tue, 22 Nov 2022 21:45:59 GMT
Date: Tue, 22 Nov 2022 18:35:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11428
Expires: Tue, 22 Nov 2022 21:45:59 GMT
Date: Tue, 22 Nov 2022 18:35:31 GMT
Connection: keep-alive
virtualhost.gq/css/css/2.js
74.208.236.14200 OK 54 kB URL HTTP/2 virtualhost.gq/css/css/2.js
IP 74.208.236.14:0
File type Unicode text, UTF-8 text, with very long lines (54134)
Hash 96644f9c70a9a6622562762a7bae15f5
d740975b5a20ecb45e7ce38196d435e319e2af37
22ed145c8320f63ca03e9c60b6aa68e9506999ebe775207987624dc238dd4fa6
GET /css/css/2.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 54217
date: Tue, 22 Nov 2022 18:35:31 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:30 GMT
etag: "d3c9-5dc929c597e80"
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dafd9e17dc0023e71ae513c6025e4b80
12e2654db1f384bb04f5c5042848b25dda86b710
e9c885a102dc811648cec4ac292db63564e81a48d7a3611cb31fba73b37286dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4639
x-amzn-requestid: 8a93fa29-158b-4402-aac4-85ad29a74ae1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oELooAMFWFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-5a85509b26d9aeef7ae59b4c;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z_LKFsiB_s81UenxBOVg9_qX_7vBHUZix7XF8YguDCytRn5opLkLRA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:01:10 GMT
age: 74061
etag: "12e2654db1f384bb04f5c5042848b25dda86b710"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZtjzvMh_vqVaOqm8xPfZ2EWGGl0X7Iv8GK40Z32EbKM4wk6tGPnlYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:26:05 GMT
age: 72566
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9e0f5c07511d0f6ad0f2441db92797d
2dcc6187d7173ce741975ad4ec24435c9dcb0880
3c57bf58bab9d54dd152eb0260a203b1cb201a9e2d960f25a0cea685b539ea04
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e2c726b-e91a-4cf6-95b8-c267e110416c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5342
x-amzn-requestid: e396cea4-ddae-4b88-a73a-ceafb1e11620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0b91EMLoAMFYYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63780d25-7f1187713f288a0c158508ea;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 22:54:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: j7GPHu9Gq8cF2_j3-uXucAzJPSBWsFelX1EWZa_2sEW-Vo7b4WlaFg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:55:58 GMT
age: 74373
etag: "2dcc6187d7173ce741975ad4ec24435c9dcb0880"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f3fad7453f45dfa617243c8beac64e1
56414a905340e1b1478a0a40a52b25365a724524
7befcfbedac5652eb04bc675b67f7b642631d4e918f7aaee17b0b594e26854d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6031
x-amzn-requestid: f59b04c5-4955-4847-9a7f-d9d53b47ca52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3cV0GC-oAMF5hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637940f1-0425b3cf6a4650b60936feba;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 20:47:45 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: StZ9dxgY8W0WwUUqsxyeISFnbm_WGGcm_AMuo9dzfhF9Yp7wM0TMMg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 08:17:57 GMT
age: 37054
etag: "56414a905340e1b1478a0a40a52b25365a724524"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed6b76d15fc8d6295acdb6fb47461d3
b8c928f93a8d82b48491448d811a95ad99dc6aef
de326836a9de677438b9ae724198e94348b0900c62817ff10de3677ce93fdae0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8685
x-amzn-requestid: 66455cc7-83d7-4570-99f9-5fa838da947f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrAHwKoAMFUHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee46-354d65e9609bc05647556a5a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -9tZPsMl7i5hr0N1rwJdQBLiOImuEO12RDL0pcPNjf6t-LkRbPaN2A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:02:46 GMT
etag: "b8c928f93a8d82b48491448d811a95ad99dc6aef"
content-type: image/jpeg
age: 73965
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ab62c5a7c3296600de924eb0b283bc1
bc4a2dc43898e3fb78ba7301d8b09b280991d221
f2a4c0829a4fb9a585113ed358832d16470ec391035a302a8f3c4666172f02bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d50a0d2-05bc-4c0c-8961-2b8cc49ccc8f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10556
x-amzn-requestid: d2426c6d-5e78-496c-8649-0496a872b380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-Iq0GPVoAMF9bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee45-1ee6dc09394731cc4dbfc38a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eHLf2DFK-3yN5dEG22XItPxRzmODRdThIYJI2oZqDJpgTGQGSQnGzQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:46:07 GMT
age: 74964
etag: "bc4a2dc43898e3fb78ba7301d8b09b280991d221"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
virtualhost.gq/css/css/static_wdp.htm
74.208.236.14300 Multiple Choices 565 B URL HTTP/2 virtualhost.gq/css/css/static_wdp.htm
IP 74.208.236.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cbd60c590e65c2e9b52c8542d377b899
4b07e85e007df5191dd4b1895eb6a02eec62bf62
aa8576434e3217ce1c7a78c77ed0cd3459fb9678df10afdc60e24f44be336072
GET /css/css/static_wdp.htm HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 300 Multiple Choices
content-type: text/html; charset=iso-8859-1
content-length: 565
date: Tue, 22 Nov 2022 18:35:31 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 250c38ab40f8f7dfc87403e5af7cc294
928a6a87b523fa9b1fecd43ebdfcb8c5e0e704f5
8b5d5b32f274563352e5109f4434c99e77ca3ff2e7ca30830976024b67ca09b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6251
Cache-Control: max-age=162192
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:35:31 GMT
Etag: "637cd498-1d7"
Expires: Thu, 24 Nov 2022 15:38:43 GMT
Last-Modified: Tue, 22 Nov 2022 13:54:32 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:35:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mpsnare.iesnare.com/star
54.228.71.178101 Switching Protocols 0 B IP 54.228.71.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /star HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://batfordapt.buzz
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IWZIihOFI8ulxrnrz8ncBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Tue, 22 Nov 2022 18:35:31 GMT
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Accept: owD+7EtqV+WGi6IsYWGcltSfjgA=
Upgrade: WebSocket
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:35:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:35:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17116, version 1.0\012- data
Hash bcf3a3fb620dfbee774f84e2c8e71530
40a79d240acdd7e5a95e165515ac7c0958a37971
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://batfordapt.buzz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:55:35 GMT
expires: Tue, 21 Nov 2023 21:55:35 GMT
cache-control: public, max-age=31536000
age: 74396
last-modified: Mon, 09 May 2022 18:31:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\012- data
Hash 8a97f720d330e75ccdbda9ae0e9f5e90
8e4fee916581ab48d385187705667cebc7500afe
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://batfordapt.buzz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 08:32:12 GMT
expires: Thu, 16 Nov 2023 08:32:12 GMT
cache-control: public, max-age=31536000
age: 554599
last-modified: Mon, 09 May 2022 18:33:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Hash 7e344afc10a492d516789f072fa6edfd
f38bd0b4e9d0577528f533b8ecd80801a0c6340f
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://batfordapt.buzz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 21:48:51 GMT
expires: Thu, 16 Nov 2023 21:48:51 GMT
cache-control: public, max-age=31536000
age: 506800
last-modified: Mon, 09 May 2022 18:33:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:35:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js
23.38.200.237200 OK 1.6 kB URL HTTP/2 assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (3157)
Hash 9b757c8ddda8add3d5d64f334666ea2d
97bf9df06f87f16500c80f45f536dc0269a883f5
f8f4b02295fdbc463dad91d02f03af1b8bd9f5e6c15732845ecb210cab062485
GET /extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement_Module_ActivityMap.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "8b210658d66894c896047ae490138f1c:1629320642.068491"
last-modified: Wed, 18 Aug 2021 21:04:02 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1593
expires: Tue, 22 Nov 2022 19:35:31 GMT
date: Tue, 22 Nov 2022 18:35:31 GMT
cache-control: no-cache
access-control-allow-origin: https://batfordapt.buzz
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
23.38.200.237200 OK 12 kB URL HTTP/2 assets.adobedtm.com/extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (32759)
Hash dbf589df4bd831d6548e8954e7556730
2bc550a57481a772c1a419541f1f79741e6cbf37
6abe28734929b843eb071472b578fc8d485465502bb3e4d94f11c589d747eb95
GET /extensions/EP40e3bec801244c59a61bf06eb622a63c/AppMeasurement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "4635bffccc756e9a52eae8011adb9137:1629320641.842128"
last-modified: Wed, 18 Aug 2021 21:04:01 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12188
expires: Tue, 22 Nov 2022 19:35:31 GMT
date: Tue, 22 Nov 2022 18:35:31 GMT
cache-control: no-cache
access-control-allow-origin: https://batfordapt.buzz
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 36c40931f200b053661f419c9548c26b
f87e73222e34a158745517f3c60e70754007b710
c73d5254d4cc5b686a91cacf534f7487d8c34025eea21084947a3a11b4efd130
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6000
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:35:31 GMT
Last-Modified: Tue, 22 Nov 2022 16:55:31 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
virtualhost.gq/css/css/time.mp3
74.208.236.14206 Partial Content 504 B URL HTTP/2 virtualhost.gq/css/css/time.mp3
IP 74.208.236.14:0
File type MPEG ADTS, layer III, v2.5, 32 kbps, 8 kHz, JntStereo\012- data
Hash e22a3bd8ecec0201b7c87edc17b1355a
5fe017120f66a7b141acb93f23012ad656d92350
cf377a1e870462c4feba4e902b741f44e9bfa9e1f5b3a6acc3f51b95db71ce71
GET /css/css/time.mp3 HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
content-length: 504
date: Tue, 22 Nov 2022 18:35:31 GMT
server: Apache
last-modified: Thu, 14 Apr 2022 00:45:28 GMT
etag: "1f8-5dc929c3afa00"
accept-ranges: bytes
content-range: bytes 0-503/504
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46051B125B89FACB0A495DD6%40AdobeOrg&d_nsid=0&ts=1669142131579
3.248.130.194200 OK 837 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46051B125B89FACB0A495DD6%40AdobeOrg&d_nsid=0&ts=1669142131579
IP 3.248.130.194:0
File type JSON data\012- , ASCII text, with very long lines (2304), with no line terminators
Hash 6dda3ed094d1e020cdd7d747522fa64d
df87782c5dd947d5ac348382198a1d72e7908549
e118df021f3fb4371cd3d56753ae78fa51a7aee22d8b25ac93c9dcf0825b623d
GET /id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=46051B125B89FACB0A495DD6%40AdobeOrg&d_nsid=0&ts=1669142131579 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://batfordapt.buzz
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://batfordapt.buzz
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-04fb65ba6.edge-irl1.demdex.com 9 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=30947846826831555293653395601749674921; Max-Age=15552000; Expires=Sun, 21 May 2023 18:35:32 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: b9NllW8qT/g=
Content-Length: 837
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash f385a7b9a73c554640c3420d44f37662
91304ff5b88b1be8ab4c2008d02fe6647b9299bf
892d97f50ba360eea3c7d50bad7aaf0775b51730958a6040357b0d4e216ced40
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 22 Nov 2022 18:35:32 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 22 Nov 2022 18:21:27 GMT
Expires: Wed, 23 Nov 2022 18:21:27 GMT
ETag: "91304ff5b88b1be8ab4c2008d02fe6647b9299bf"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
virtualhost.gq/css/css/app.js
74.208.236.14300 Multiple Choices 545 B URL HTTP/2 virtualhost.gq/css/css/app.js
IP 74.208.236.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash adf1e99961a65bb5599686fd457cbc83
014ed618e399a40389dabaa91086af78ff4358d1
bcf63f2e17a7216308068d85e656617d711c3df87cd61beaa2462799ce90be62
GET /css/css/app.js HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 300 Multiple Choices
content-type: text/html; charset=iso-8859-1
content-length: 545
date: Tue, 22 Nov 2022 18:35:32 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash cfc9a864888db85a02ae9b0dd2adecb6
5219fd5ba6d17e51edd96cc4193ee1480b704d0f
981514aa2d26180a69b6411fcc09b95ab4efc77f357d0b356abf0c1bafe6a1e7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4416
Cache-Control: max-age=107816
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:35:32 GMT
Etag: "637c075c-13a"
Expires: Thu, 24 Nov 2022 00:32:28 GMT
Last-Modified: Mon, 21 Nov 2022 23:18:52 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 59560478b41f0e353bae42ab6eefa229
aaf4dc0d9f4b03cf5fa6a17990fd394f95ea7202
8a0e9cec0a61368e9c7d4715cfa24480c7a0b826eb6f4f8a617411c1ad652eb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3442
Cache-Control: max-age=86334
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 18:35:32 GMT
Etag: "637bb740-1d7"
Expires: Wed, 23 Nov 2022 18:34:26 GMT
Last-Modified: Mon, 21 Nov 2022 17:37:04 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
digitalfederalcreditunion.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&mid=30308188544231329533624891943837218041&ts=1669142131869
13.36.218.177200 OK 2 B URL HTTP/2 digitalfederalcreditunion.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&mid=30308188544231329533624891943837218041&ts=1669142131869
IP 13.36.218.177:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&mid=30308188544231329533624891943837218041&ts=1669142131869 HTTP/1.1
Host: digitalfederalcreditunion.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://batfordapt.buzz
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://batfordapt.buzz
access-control-allow-credentials: true
date: Tue, 22 Nov 2022 18:35:32 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dcu.demdex.net/dest5.html?d_nsid=0
34.248.30.105200 OK 2.8 kB URL HTTP/1.1 dcu.demdex.net/dest5.html?d_nsid=0
IP 34.248.30.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: dcu.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Tue, 22 Nov 2022 18:35:32 GMT
DCS: dcs-prod-irl1-2-v045-083f91df3.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 9t7mONd9SV8=
Content-Length: 2791
Connection: keep-alive
digitalfederalcredit.tt.omtrdc.net/m2/digitalfederalcredit/mbox/json?mbox=target-global-mbox&mboxSession=072276ec28c94bbf8f03b0ba94fd30b1&mboxPC=&mboxPage=48710361c8f04693b1000ecc1c4cc1af&mboxRid=60c28774b22d4d169f57ce6d214ff4e3&mboxVersion=1.8.2&mboxCount=1&mboxTime=1669142131599&mboxHost=batfordapt.buzz&mboxURL=https%3A%2F%2Fbatfordapt.buzz%2Fverify.html&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&pageurl=https%3A%2F%2Fbatfordapt.buzz%2Fverify.html&mboxMCSDID=005A4A532A712400-70435E58EC65F3BA&vst.trk=digitalfederalcreditunion.sc.omtrdc.net&vst.trks=digitalfederalcreditunion.sc.omtrdc.net&mboxMCGVID=30308188544231329533624891943837218041&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
108.129.53.90200 OK 96 B URL HTTP/2 digitalfederalcredit.tt.omtrdc.net/m2/digitalfederalcredit/mbox/json?mbox=target-global-mbox&mboxSession=072276ec28c94bbf8f03b0ba94fd30b1&mboxPC=&mboxPage=48710361c8f04693b1000ecc1c4cc1af&mboxRid=60c28774b22d4d169f57ce6d214ff4e3&mboxVersion=1.8.2&mboxCount=1&mboxTime=1669142131599&mboxHost=batfordapt.buzz&mboxURL=https%3A%2F%2Fbatfordapt.buzz%2Fverify.html&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&pageurl=https%3A%2F%2Fbatfordapt.buzz%2Fverify.html&mboxMCSDID=005A4A532A712400-70435E58EC65F3BA&vst.trk=digitalfederalcreditunion.sc.omtrdc.net&vst.trks=digitalfederalcreditunion.sc.omtrdc.net&mboxMCGVID=30308188544231329533624891943837218041&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
IP 108.129.53.90:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9bae6365035060773045a3a9b6d06c7f
21e23f6557b2899f38c914f6d33f6eddbc465b2b
e942d5c6655309900e5136882d0e9534c3fe731c6ca3d2d745b4e2fed1110bdf
GET /m2/digitalfederalcredit/mbox/json?mbox=target-global-mbox&mboxSession=072276ec28c94bbf8f03b0ba94fd30b1&mboxPC=&mboxPage=48710361c8f04693b1000ecc1c4cc1af&mboxRid=60c28774b22d4d169f57ce6d214ff4e3&mboxVersion=1.8.2&mboxCount=1&mboxTime=1669142131599&mboxHost=batfordapt.buzz&mboxURL=https%3A%2F%2Fbatfordapt.buzz%2Fverify.html&mboxReferrer=&browserHeight=939&browserWidth=1280&browserTimeOffset=0&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&pageurl=https%3A%2F%2Fbatfordapt.buzz%2Fverify.html&mboxMCSDID=005A4A532A712400-70435E58EC65F3BA&vst.trk=digitalfederalcreditunion.sc.omtrdc.net&vst.trks=digitalfederalcreditunion.sc.omtrdc.net&mboxMCGVID=30308188544231329533624891943837218041&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6 HTTP/1.1
Host: digitalfederalcredit.tt.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://batfordapt.buzz
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:35:32 GMT
content-type: application/json;charset=UTF-8
content-length: 96
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://batfordapt.buzz
access-control-allow-credentials: true
x-request-id: 60c28774b22d4d169f57ce6d214ff4e3
pragma: no-cache
cache-control: no-cache
timing-allow-origin: *
X-Firefox-Spdy: h2
us.cobrowse.pega.com/cobrowse/loadScripts
54.173.103.247200 OK 508 B URL HTTP/2 us.cobrowse.pega.com/cobrowse/loadScripts
IP 54.173.103.247:0
Hash 9cdb6851bb88c14e6033ca658ac8aa88
ee1d43de555319019f8b0713a683a463803a9b41
fa05f2814bdcd558f6b652532c66d74a995b0a05f464bda6e9375fcb3c02cf82
GET /cobrowse/loadScripts HTTP/1.1
Host: us.cobrowse.pega.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:35:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 508
set-cookie: AWSALB=DsGPWoRrhiBbtL/yEM0XYApjzgnTotFJPhsd56MOqBIMJ6lK9GagJzRsAzAYd19gSvRoPYjAFae12LNuhScliC/saILi2tX+UyuU87lfPRS6OYRLPkrZhaUhV5xR; Expires=Tue, 29 Nov 2022 18:35:32 GMT; Path=/
AWSALBCORS=DsGPWoRrhiBbtL/yEM0XYApjzgnTotFJPhsd56MOqBIMJ6lK9GagJzRsAzAYd19gSvRoPYjAFae12LNuhScliC/saILi2tX+UyuU87lfPRS6OYRLPkrZhaUhV5xR; Expires=Tue, 29 Nov 2022 18:35:32 GMT; Path=/; SameSite=None; Secure
connect.sid=s%3A0XOAgx-Vs2KpDu8rdRnD08gldti0dpGK.GaLtAlCfiZqrYBe7UeNGWWfJNfHVAtnwKcBJHr1GN8E; Path=/; Expires=Thu, 24 Nov 2022 18:35:32 GMT; Secure; SameSite=None
server: nginx
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, accept, x-j-token, content-type
etag: W/"1fc-7h1D3lVTGQGfiwcTpoOkY4A6m0E"
X-Firefox-Spdy: h2
usassets.cobrowse.pega.com/assets/scripts/final/customer.js?v=8.6.1
54.173.103.247200 OK 261 kB URL HTTP/2 usassets.cobrowse.pega.com/assets/scripts/final/customer.js?v=8.6.1
IP 54.173.103.247:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 261 kB (261370 bytes)
Hash eb9524e46cc30efd2673a51baa3a655e
f9860cf1e6dc646899418909a7bf2156df4556a4
c1898417dc51a18a977daaea237101556511c77a676d51982c6c035cbf15f1c1
GET /assets/scripts/final/customer.js?v=8.6.1 HTTP/1.1
Host: usassets.cobrowse.pega.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:35:32 GMT
content-type: application/javascript
content-length: 261370
set-cookie: AWSALB=nzdgpTFH8dXNXDsDKxYaoAZCklL3kU8UXwpqFUYZir2fIpFe/+XykUm+YBQIkPbDgWwNBZ5Ni5ENFOVIbkdJxe75kIfUaO+qZrNcEHKCWvo62/RZ8Q/UT5cEwob8; Expires=Tue, 29 Nov 2022 18:35:32 GMT; Path=/
AWSALBCORS=nzdgpTFH8dXNXDsDKxYaoAZCklL3kU8UXwpqFUYZir2fIpFe/+XykUm+YBQIkPbDgWwNBZ5Ni5ENFOVIbkdJxe75kIfUaO+qZrNcEHKCWvo62/RZ8Q/UT5cEwob8; Expires=Tue, 29 Nov 2022 18:35:32 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Mon, 18 Jul 2022 06:30:25 GMT
etag: "62d4fe01-3fcfa"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
usassets.cobrowse.pega.com/assets/scripts/final/customer.js?v=8.7.1
54.173.103.247200 OK 261 kB URL HTTP/2 usassets.cobrowse.pega.com/assets/scripts/final/customer.js?v=8.7.1
IP 54.173.103.247:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 261 kB (261370 bytes)
Hash eb9524e46cc30efd2673a51baa3a655e
f9860cf1e6dc646899418909a7bf2156df4556a4
c1898417dc51a18a977daaea237101556511c77a676d51982c6c035cbf15f1c1
GET /assets/scripts/final/customer.js?v=8.7.1 HTTP/1.1
Host: usassets.cobrowse.pega.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Cookie: AWSALBCORS=nzdgpTFH8dXNXDsDKxYaoAZCklL3kU8UXwpqFUYZir2fIpFe/+XykUm+YBQIkPbDgWwNBZ5Ni5ENFOVIbkdJxe75kIfUaO+qZrNcEHKCWvo62/RZ8Q/UT5cEwob8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:35:32 GMT
content-type: application/javascript
content-length: 261370
set-cookie: AWSALB=s5TH3duid8FWMTnMdfVbJlUP0Ql+l81mSu4BiCr3PifiuUiLNtmKRcMVUVPPqMN1IIY9eInzeLly7klSTN0+QCzWYxc02qht/UFKFID2YirZRddz6l0LjwyLu/KW; Expires=Tue, 29 Nov 2022 18:35:32 GMT; Path=/
AWSALBCORS=s5TH3duid8FWMTnMdfVbJlUP0Ql+l81mSu4BiCr3PifiuUiLNtmKRcMVUVPPqMN1IIY9eInzeLly7klSTN0+QCzWYxc02qht/UFKFID2YirZRddz6l0LjwyLu/KW; Expires=Tue, 29 Nov 2022 18:35:32 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Mon, 18 Jul 2022 06:30:25 GMT
etag: "62d4fe01-3fcfa"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
digitalfederalcreditunion.sc.omtrdc.net/b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.22.1-LBWB/s02839836551656?AQB=1&ndh=1&pf=1&t=22%2F10%2F2022%2018%3A35%3A32%202%200&sdid=005A4A532A712400-70435E58EC65F3BA&vid=30308188544231329533624891943837218041&mid=30308188544231329533624891943837218041&aamlh=6&ce=UTF-8&pageName=projectfinance%3Aen%3Averify.html&g=https%3A%2F%2Fbatfordapt.buzz%2Fverify.html&cc=USD&ch=verify.html&server=batfordapt.buzz&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=verify.html&c9=D%3Dv9&v9=https%3A%2F%2Fbatfordapt.buzz%2Fverify.html&v10=D%3Dc10&v11=projectfinance%3Aen%3Averify.html&v12=year%3D2022%20%7C%20month%3DNovember%20%7C%20date%3D22%20%7C%20day%3DTuesday%20%7C%20time%3D6%3A35%20PM&v13=New&c14=30&v14=D%3Dc14&c15=New%20Visitor&c16=1&c17=first%20hit%20of%20visit&v20=Project%20Finance&v41=30308188544231329533624891943837218041&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&AQE=1
13.36.218.177200 OK 43 B URL HTTP/2 digitalfederalcreditunion.sc.omtrdc.net/b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.22.1-LBWB/s02839836551656?AQB=1&ndh=1&pf=1&t=22%2F10%2F2022%2018%3A35%3A32%202%200&sdid=005A4A532A712400-70435E58EC65F3BA&vid=30308188544231329533624891943837218041&mid=30308188544231329533624891943837218041&aamlh=6&ce=UTF-8&pageName=projectfinance%3Aen%3Averify.html&g=https%3A%2F%2Fbatfordapt.buzz%2Fverify.html&cc=USD&ch=verify.html&server=batfordapt.buzz&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=verify.html&c9=D%3Dv9&v9=https%3A%2F%2Fbatfordapt.buzz%2Fverify.html&v10=D%3Dc10&v11=projectfinance%3Aen%3Averify.html&v12=year%3D2022%20%7C%20month%3DNovember%20%7C%20date%3D22%20%7C%20day%3DTuesday%20%7C%20time%3D6%3A35%20PM&v13=New&c14=30&v14=D%3Dc14&c15=New%20Visitor&c16=1&c17=first%20hit%20of%20visit&v20=Project%20Finance&v41=30308188544231329533624891943837218041&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&AQE=1
IP 13.36.218.177:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/dfcudigbankingprod,dfcumainglobal/1/JS-2.22.1-LBWB/s02839836551656?AQB=1&ndh=1&pf=1&t=22%2F10%2F2022%2018%3A35%3A32%202%200&sdid=005A4A532A712400-70435E58EC65F3BA&vid=30308188544231329533624891943837218041&mid=30308188544231329533624891943837218041&aamlh=6&ce=UTF-8&pageName=projectfinance%3Aen%3Averify.html&g=https%3A%2F%2Fbatfordapt.buzz%2Fverify.html&cc=USD&ch=verify.html&server=batfordapt.buzz&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=verify.html&c9=D%3Dv9&v9=https%3A%2F%2Fbatfordapt.buzz%2Fverify.html&v10=D%3Dc10&v11=projectfinance%3Aen%3Averify.html&v12=year%3D2022%20%7C%20month%3DNovember%20%7C%20date%3D22%20%7C%20day%3DTuesday%20%7C%20time%3D6%3A35%20PM&v13=New&c14=30&v14=D%3Dc14&c15=New%20Visitor&c16=1&c17=first%20hit%20of%20visit&v20=Project%20Finance&v41=30308188544231329533624891943837218041&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=46051B125B89FACB0A495DD6%40AdobeOrg&AQE=1 HTTP/1.1
Host: digitalfederalcreditunion.sc.omtrdc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Tue, 22 Nov 2022 18:35:32 GMT
expires: Mon, 21 Nov 2022 18:35:32 GMT
last-modified: Wed, 23 Nov 2022 18:35:32 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3584455435858444288-4619704705476526870
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
54.228.71.178200 OK 19 kB URL HTTP/1.1 mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false
IP 54.228.71.178:0
File type ASCII text, with very long lines (1056)
Hash d73b65f0ae50212b6b8c03d4489932cd
01671d26955a502a52dfb947204b46a2bc3afc35
211e3bd517fb8d7b2d155d0d64f6a1a4795eccb3fcb7f96bc98e952b8905afed
GET /general5/wdp.js?loaderVer=5.2.2&compat=false&tp=true&tp_split=false&fp_static=true&fp_dyn=true&flash=false HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 18:35:32 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef=XVjY5sUZCXzq4lbWF4GCnXPati0e+uOZVQsq7tZqsgo=;Path=/;Expires=Wed, 22-Nov-2023 18:35:32 GMT;Max-Age=31536000;Secure;HttpOnly;SameSite=None
Cache-Control: no-cache, private
Pragma: no-cache
Expires: 0
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
ocsp.godaddy.com/
192.124.249.36200 OK 1.7 kB IP 192.124.249.36:0
Hash f4ccbcbe2dfc8a33f7ccb801ed66843e
238268933ba6633d6518b35f02f7259b80f4d8c2
dc2f599eda5c16b4862b5694f6fc87851f633d72e3d65d1ce53edb419f6badcb
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 68
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 22 Nov 2022 18:35:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1731
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 22 Nov 2022 17:41:12 GMT
Expires: Wed, 23 Nov 2022 17:41:12 GMT
ETag: "238268933ba6633d6518b35f02f7259b80f4d8c2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
mpsnare.iesnare.com/5.4.0/logo.js
54.228.71.178200 OK 405 B URL HTTP/1.1 mpsnare.iesnare.com/5.4.0/logo.js
IP 54.228.71.178:0
File type ASCII text, with very long lines (377)
Hash 15d63a0fe65792b16d6aaa5e19a3b3f4
f725586bff794868d56c3f3cd8275eccd154b6ea
ca17ecf0dc26431619ff5ead142087debb4d14ceb830eb6294ce1ff15aa04a4f
GET /5.4.0/logo.js HTTP/1.1
Host: mpsnare.iesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 22 Nov 2022 18:35:32 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 May 2014 00:01:40 GMT
Expires: Wed, 22 Nov 2023 18:35:32 GMT
Cache-Control: private
p3p: CP="NON DSP COR CURa"
Accept-CH: ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version
Strict-Transport-Security: max-age=15552000; includeSubDomains
Content-Encoding: gzip
virtualhost.gq/css/css/dest5.htm
74.208.236.14404 Not Found 897 B URL HTTP/2 virtualhost.gq/css/css/dest5.htm
IP 74.208.236.14:0
Hash dced2349a1ce33c2d3471ecd9b7de6b3
2ed20f75b30eab936502a3a4a7d32948eabea22b
00acd8c2f0ae358db6b54aa6670207c798d1870b5d1d8bfb1c6a5a517cba9d11
GET /css/css/dest5.htm HTTP/1.1
Host: virtualhost.gq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
date: Tue, 22 Nov 2022 18:35:32 GMT
server: Apache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.7 kB IP 192.124.249.36:0
Hash f4ccbcbe2dfc8a33f7ccb801ed66843e
238268933ba6633d6518b35f02f7259b80f4d8c2
dc2f599eda5c16b4862b5694f6fc87851f633d72e3d65d1ce53edb419f6badcb
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 68
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 22 Nov 2022 18:35:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1731
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 22 Nov 2022 17:41:12 GMT
Expires: Wed, 23 Nov 2022 17:41:12 GMT
ETag: "238268933ba6633d6518b35f02f7259b80f4d8c2"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 4382eefba736dd30d231d1fde46bf345
e7ef92d3b52cce36bed872b889f604bdbf289adc
ce3ec1fcb1252c8ef32783b4aab740cb555e44964de5e18001b0a43e5d18f456
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 22 Nov 2022 18:35:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 21 Nov 2022 22:15:19 GMT
Expires: Tue, 22 Nov 2022 22:15:19 GMT
ETag: "e7ef92d3b52cce36bed872b889f604bdbf289adc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 40c88d70b5c149a5035df4029d0c771a
aa7f844e7e0663ab5f4d1c2f48e6f55ac8d358c0
d8437bad8650159abf4fbe194b2002cb3fdf2b07d6c0a9d5f3709b6271b27d65
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157299
Date: Tue, 22 Nov 2022 18:35:32 GMT
Etag: "637cd61d-1d7"
Expires: Thu, 24 Nov 2022 14:17:11 GMT
Last-Modified: Tue, 22 Nov 2022 14:01:01 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Xt8p9vtGhAnbkPZz4-RTPduU-u_rvhwUwvBYVRjkEwVAROINVRKwqg==
Age: 970
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 4382eefba736dd30d231d1fde46bf345
e7ef92d3b52cce36bed872b889f604bdbf289adc
ce3ec1fcb1252c8ef32783b4aab740cb555e44964de5e18001b0a43e5d18f456
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 22 Nov 2022 18:35:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 21 Nov 2022 22:15:19 GMT
Expires: Tue, 22 Nov 2022 22:15:19 GMT
ETag: "e7ef92d3b52cce36bed872b889f604bdbf289adc"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.dcu.org/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/favicons/favicon-16x16.png
104.17.115.72200 OK 1.1 kB URL HTTP/2 www.dcu.org/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/favicons/favicon-16x16.png
IP 104.17.115.72:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 414d99abbdc026b925083131bead7772
29a161f355738459f3564a587d4e3b8a2c9c0da2
6d2f4d1923705abbcf68264b60d21b32037923c2b5ceaf934150cd92f50d497f
GET /etc.clientlibs/dcu/clientlibs/clientlib-site/resources/favicons/favicon-16x16.png HTTP/1.1
Host: www.dcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:35:32 GMT
content-type: image/png
content-length: 1133
x-dispatcher: dispatcher2useast1
x-vhost: publish
cache-control: public, max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 07 Aug 2019 15:45:59 GMT
etag: "46d-58f88d667bbc0"
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src *.quantummetric.com 'unsafe-inline' 'unsafe-eval' 'self' blob:; worker-src blob:; child-src blob:; object-src 'self'; media-src 'self' blob: usassets.chat.pega.com firefly-chat-production.s3.amazonaws.com https://www.dcu.org https://manifest.prod.boltdns.net/ https://dcu-dev-65.adobecqms.net/ https://players.brightcove.net/ https://vjs.zencdn.net/ https://bcbolt446c5271-a.akamaihd.net/; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://usuat.cobrowse.pega.com/ https://usuatassets.cobrowse.pega.com https://player.vimeo.com/ https://memchat.dcu-online.org/ https://geolocation.onetrust.com https://www.google.com https://cdn.cookielaw.org https://js-staging.poshdevelopment.com/ https://js.poshdevelopment.com https://api.poshdevelopment.com https://staging.poshdevelopment.com *.quantummetric.com http://dfcumanagedservicesstageenvironment.112.2o7.net https://analytics.twitter.com/ *.ads-twitter.com https://us.cobrowse.pega.com https://usassets.cobrowse.pega.com *.steelhousemedia.com https://dcu-mkt-stage1.campaign.adobe.com https://dcu.campaign.adobe.com https://www.calcxml.com/ *.cloudflare.com https://googleads.g.doubleclick.net https://chat.usefirefly.com https://usefirefly.com https://connect.facebook.net www.google-analytics.com assets.adobedtm.com *.timevaluecalculators.com *.bazaarvoice.com *.iesnare.com https://ajax.googleapis.com/ *.googleapis.com *.dcuinsurance.com tagmanager.google.com www.googletagmanager.com https://www.google-analytics.com https://firefly-chat-production.s3.amazonaws.com http://www.googleadservices.com https://connect.facebook.net http://digitalfederalcreditunion.sc.omtrdc.net https://digitalfederalcreditunion.sc.omtrdc.net https://dcu-dev-65.adobecqms.net/ https://dcu-qa-65.adobecqms.net/ https://dcu-stage-65.adobecqms.net/ https://stage.dcu.org/ *.dcu.org https://dculocator.wave2.io/ https://snap.licdn.com https://bat.bing.com https://up.pixel.ad https://ssl.google-analytics.com/ https://www.dcu.org/ https://static.ads-twitter.com/ https://players.brightcove.net/ https://vjs.zencdn.net/ https://bcbolt446c5271-a.akamaihd.net/ https://widget.use1.chat.pega.digital/; connect-src 'self' *.ads-twitter.com *.quantummetric.com https://dcu-mkt-stage1.campaign.adobe.com https://dcu.campaign.adobe.com wss://usefirefly.com https://usefirefly.com * *.cloudflare.com https://www.calcxml.com/ *.dcu.org *.omtrdc.net *.demdex.net *.bazaarvoice.com wss://chat.usefirefly.com https://www.google-analytics.com https://www.dcuinsurance.com http://digitalfederalcreditunion.sc.omtrdc.net https://digitalfederalcreditunion.sc.omtrdc.net https://www.dcu.org/ https://static.ads-twitter.com/; img-src 'self' *.com *.yahoo.com http://t.co/ dsum.casalemedia.com su.addthis.com s.thebrighttag.com image2.pubmatic.com ads.scorecardresearch.com t.mookie1.com x.bidswitch.net usermatch.krxd.net match.sharethrough.com cm.g.doubleclick.net ads.yahoo.com pixel.advertising.com insight.adsrvr.org www.facebook.com usassets.chat.pega.com firefly-chat-production.s3.amazonaws.com *.bazaarvoice.com https://www.dcu.org https://www.google.co.in https://www.google.com *.timevaluecalculators.com *.everesttech.net *.demdex.net *.omtrdc.net *.googleapis.com *.gstatic.com *.112.2o7.net https://stats.g.doubleclick.net https://www.calcxml.com/ www.google-analytics.com *.doubleclick.net/ https://bcbolt446c5271-a.akamaihd.net/ https://players.brightcove.net/ https://www.dcu.org/ data:; style-src 'self' 'unsafe-inline' *.cloudflare.com https://usuatassets.cobrowse.pega.com https://usassets.cobrowse.pega.com https://usefirefly.com https://dcu-mkt-stage1.campaign.adobe.com https://dcu.campaign.adobe.com https://www.calcxml.com/ https://tagmanager.google.com usassets.chat.pega.com *.timevaluecalculators.com https://fonts.googleapis.com/ *.googleapis.com *.bazaarvoice.com https://match.adsrvr.org https://match.prod.bidr.io https://dcu-dev-65.adobecqms.net/ https://dcu-qa-65.adobecqms.net/ https://dcu-stage-65.adobecqms.net/ https://stage.dcu.org/ *.dcu.org https://dculocator.wave2.io/ https://www.dcu.org/; font-src 'self' https://fonts.gstatic.com/ fonts.gstatic.com https://www.dcu.org/ data:; frame-src 'self' https://player.vimeo.com/ *.quantummetric.com https://dcu.secure.nonprofitsoapbox.com https://americasaves.org/ https://app.loanspq.com/ https://dcu.mortgagewebcenter.com/ https://apps.rps.ascensus.com/ https://forms.fivision.com/ *.doubleclick.net *.culookup.com *.dcu.org *.demdex.net https://dcu.demdex.net *.locatorsearch.com *.bazaarvoice.com https://www.fmsi-lts.com/DIG_WS https://fmsi-lts.com/ *.adobecqms.net http://cookies.onetrust.mgr.consensu.org/ stage.dcu.org https://stage.dcu.org/ https://dcu-stage-65.adobecqms.net/ http://dcu-stage-65.adobecqms.net/ https://dcu-dev-65.adobecqms.net/ https://dcu-qa-65.adobecqms.net/ https://dcu-stage.adobecqms.net/ *.dcu.org https://dcu-mkt-stage1.campaign.adobe.com https://dcu.campaign.adobe.com https://js-staging.poshdevelopment.com/ https://js.poshdevelopment.com https://api.poshdevelopment.com https://staging.poshdevelopment.com *.youtube.com https://dculocator.wave2.io/ https://www.dcu.org/ https://pixel.sitescout.com/ https://memchat.dcu-online.org/
content-disposition: inline
x-cache: Miss from cloudfront
via: 1.1 d661c8f821b4dd0011bb1bb50baf07c2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: J0nZ-UclYBj1fFPPpTo8YLxsVa4D4VTCMIuooTM_1ZLQTlHJt2Mf9g==
cf-cache-status: HIT
age: 76952
expires: Wed, 22 Nov 2023 18:35:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e3c3fabc1efab8-OSL
X-Firefox-Spdy: h2
www.dcu.org/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/favicons/android-icon-192x192.png
104.17.115.72200 OK 9.4 kB URL HTTP/2 www.dcu.org/etc.clientlibs/dcu/clientlibs/clientlib-site/resources/favicons/android-icon-192x192.png
IP 104.17.115.72:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 7216a21919985c76db508e4a4970b336
cebc61315ef6c571077cc8320a022fad579da63a
d10834ba712b4029f758befeb40c55920c3873a0de72e287b712184f3a8c8afb
GET /etc.clientlibs/dcu/clientlibs/clientlib-site/resources/favicons/android-icon-192x192.png HTTP/1.1
Host: www.dcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:35:32 GMT
content-type: image/png
content-length: 9441
x-dispatcher: dispatcher2useast1
x-vhost: publish
cache-control: public, max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 07 Aug 2019 15:45:59 GMT
etag: "24e1-58f88d667bbc0"
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src *.quantummetric.com 'unsafe-inline' 'unsafe-eval' 'self' blob:; worker-src blob:; child-src blob:; object-src 'self'; media-src 'self' blob: usassets.chat.pega.com firefly-chat-production.s3.amazonaws.com https://www.dcu.org https://manifest.prod.boltdns.net/ https://dcu-dev-65.adobecqms.net/ https://players.brightcove.net/ https://vjs.zencdn.net/ https://bcbolt446c5271-a.akamaihd.net/; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://usuat.cobrowse.pega.com/ https://usuatassets.cobrowse.pega.com https://player.vimeo.com/ https://memchat.dcu-online.org/ https://geolocation.onetrust.com https://www.google.com https://cdn.cookielaw.org https://js-staging.poshdevelopment.com/ https://js.poshdevelopment.com https://api.poshdevelopment.com https://staging.poshdevelopment.com *.quantummetric.com http://dfcumanagedservicesstageenvironment.112.2o7.net https://analytics.twitter.com/ *.ads-twitter.com https://us.cobrowse.pega.com https://usassets.cobrowse.pega.com *.steelhousemedia.com https://dcu-mkt-stage1.campaign.adobe.com https://dcu.campaign.adobe.com https://www.calcxml.com/ *.cloudflare.com https://googleads.g.doubleclick.net https://chat.usefirefly.com https://usefirefly.com https://connect.facebook.net www.google-analytics.com assets.adobedtm.com *.timevaluecalculators.com *.bazaarvoice.com *.iesnare.com https://ajax.googleapis.com/ *.googleapis.com *.dcuinsurance.com tagmanager.google.com www.googletagmanager.com https://www.google-analytics.com https://firefly-chat-production.s3.amazonaws.com http://www.googleadservices.com https://connect.facebook.net http://digitalfederalcreditunion.sc.omtrdc.net https://digitalfederalcreditunion.sc.omtrdc.net https://dcu-dev-65.adobecqms.net/ https://dcu-qa-65.adobecqms.net/ https://dcu-stage-65.adobecqms.net/ https://stage.dcu.org/ *.dcu.org https://dculocator.wave2.io/ https://snap.licdn.com https://bat.bing.com https://up.pixel.ad https://ssl.google-analytics.com/ https://www.dcu.org/ https://static.ads-twitter.com/ https://players.brightcove.net/ https://vjs.zencdn.net/ https://bcbolt446c5271-a.akamaihd.net/ https://widget.use1.chat.pega.digital/; connect-src 'self' *.ads-twitter.com *.quantummetric.com https://dcu-mkt-stage1.campaign.adobe.com https://dcu.campaign.adobe.com wss://usefirefly.com https://usefirefly.com * *.cloudflare.com https://www.calcxml.com/ *.dcu.org *.omtrdc.net *.demdex.net *.bazaarvoice.com wss://chat.usefirefly.com https://www.google-analytics.com https://www.dcuinsurance.com http://digitalfederalcreditunion.sc.omtrdc.net https://digitalfederalcreditunion.sc.omtrdc.net https://www.dcu.org/ https://static.ads-twitter.com/; img-src 'self' *.com *.yahoo.com http://t.co/ dsum.casalemedia.com su.addthis.com s.thebrighttag.com image2.pubmatic.com ads.scorecardresearch.com t.mookie1.com x.bidswitch.net usermatch.krxd.net match.sharethrough.com cm.g.doubleclick.net ads.yahoo.com pixel.advertising.com insight.adsrvr.org www.facebook.com usassets.chat.pega.com firefly-chat-production.s3.amazonaws.com *.bazaarvoice.com https://www.dcu.org https://www.google.co.in https://www.google.com *.timevaluecalculators.com *.everesttech.net *.demdex.net *.omtrdc.net *.googleapis.com *.gstatic.com *.112.2o7.net https://stats.g.doubleclick.net https://www.calcxml.com/ www.google-analytics.com *.doubleclick.net/ https://bcbolt446c5271-a.akamaihd.net/ https://players.brightcove.net/ https://www.dcu.org/ data:; style-src 'self' 'unsafe-inline' *.cloudflare.com https://usuatassets.cobrowse.pega.com https://usassets.cobrowse.pega.com https://usefirefly.com https://dcu-mkt-stage1.campaign.adobe.com https://dcu.campaign.adobe.com https://www.calcxml.com/ https://tagmanager.google.com usassets.chat.pega.com *.timevaluecalculators.com https://fonts.googleapis.com/ *.googleapis.com *.bazaarvoice.com https://match.adsrvr.org https://match.prod.bidr.io https://dcu-dev-65.adobecqms.net/ https://dcu-qa-65.adobecqms.net/ https://dcu-stage-65.adobecqms.net/ https://stage.dcu.org/ *.dcu.org https://dculocator.wave2.io/ https://www.dcu.org/; font-src 'self' https://fonts.gstatic.com/ fonts.gstatic.com https://www.dcu.org/ data:; frame-src 'self' https://player.vimeo.com/ *.quantummetric.com https://dcu.secure.nonprofitsoapbox.com https://americasaves.org/ https://app.loanspq.com/ https://dcu.mortgagewebcenter.com/ https://apps.rps.ascensus.com/ https://forms.fivision.com/ *.doubleclick.net *.culookup.com *.dcu.org *.demdex.net https://dcu.demdex.net *.locatorsearch.com *.bazaarvoice.com https://www.fmsi-lts.com/DIG_WS https://fmsi-lts.com/ *.adobecqms.net http://cookies.onetrust.mgr.consensu.org/ stage.dcu.org https://stage.dcu.org/ https://dcu-stage-65.adobecqms.net/ http://dcu-stage-65.adobecqms.net/ https://dcu-dev-65.adobecqms.net/ https://dcu-qa-65.adobecqms.net/ https://dcu-stage.adobecqms.net/ *.dcu.org https://dcu-mkt-stage1.campaign.adobe.com https://dcu.campaign.adobe.com https://js-staging.poshdevelopment.com/ https://js.poshdevelopment.com https://api.poshdevelopment.com https://staging.poshdevelopment.com *.youtube.com https://dculocator.wave2.io/ https://www.dcu.org/ https://pixel.sitescout.com/ https://memchat.dcu-online.org/
content-disposition: inline
x-cache: Miss from cloudfront
via: 1.1 b862e3687b36a4ee0dbc1b9352fbfbb2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 5SoaAZ_4gHcXZPc6ByJPpCw2NOp67QHaPucKQvAcTGVfdfbLcyAi2g==
cf-cache-status: HIT
age: 76952
expires: Wed, 22 Nov 2023 18:35:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e3c3facc35fab8-OSL
X-Firefox-Spdy: h2
cm.everesttech.net/cm/dd?d_uuid=30947846826831555293653395601749674921
54.77.60.152302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=30947846826831555293653395601749674921
IP 54.77.60.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=30947846826831555293653395601749674921 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Tue, 22 Nov 2022 18:35:32 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y30WdAAAAGUTEgN-; Domain=.everesttech.net; Expires=Wed, 22-Nov-2023 18:35:32 GMT; Path=/
everest_session_v2=Y30WdAAAAGUTEwN-; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y30WdAAAAGUTEgN-
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=Y30WdAAAAGUTEgN-
3.248.130.194302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y30WdAAAAGUTEgN-
IP 3.248.130.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y30WdAAAAGUTEgN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://batfordapt.buzz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-085e2ce89.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y30WdAAAAGUTEgN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=00004399956200850191578001948568929219; Max-Age=15552000; Expires=Sun, 21 May 2023 18:35:32 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: NlNJGDLsTcM=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y30WdAAAAGUTEgN-
3.248.130.194200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y30WdAAAAGUTEgN-
IP 3.248.130.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y30WdAAAAGUTEgN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://batfordapt.buzz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-0480615af.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: qWtOsDMnTCw=
Content-Length: 59
Connection: keep-alive
usassets.cobrowse.pega.com/assets/stylesheets/customer/final/default.css?v=8.6.1
54.173.103.247200 OK 3.5 kB URL HTTP/2 usassets.cobrowse.pega.com/assets/stylesheets/customer/final/default.css?v=8.6.1
IP 54.173.103.247:0
File type Unicode text, UTF-8 text, with very long lines (14626)
Hash c9e0ee1acc72fd18e3953cf614f7e879
bacc2349aab9dfac47cd153702e98e1fa48466f4
e13c4a8b7d5d884e11579582e7e99198c7fdfbd2587a37f52add1783e49e5d8e
GET /assets/stylesheets/customer/final/default.css?v=8.6.1 HTTP/1.1
Host: usassets.cobrowse.pega.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Cookie: AWSALBCORS=s5TH3duid8FWMTnMdfVbJlUP0Ql+l81mSu4BiCr3PifiuUiLNtmKRcMVUVPPqMN1IIY9eInzeLly7klSTN0+QCzWYxc02qht/UFKFID2YirZRddz6l0LjwyLu/KW
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:35:34 GMT
content-type: text/css
content-length: 3489
set-cookie: AWSALB=IqchIib2QpknQoG9xuMjxRUOtPG55DmSHR1EDnZLzeaNXcrX2HX2VBztRnd7oolzEWzm2GeKev7kD2EhRK1TEqK4fuUR78hyD9itcIdqzpdRi7wLVunJ2ZwwaTVK; Expires=Tue, 29 Nov 2022 18:35:34 GMT; Path=/
AWSALBCORS=IqchIib2QpknQoG9xuMjxRUOtPG55DmSHR1EDnZLzeaNXcrX2HX2VBztRnd7oolzEWzm2GeKev7kD2EhRK1TEqK4fuUR78hyD9itcIdqzpdRi7wLVunJ2ZwwaTVK; Expires=Tue, 29 Nov 2022 18:35:34 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 13 Jul 2022 12:04:58 GMT
etag: "62ceb4ea-da1"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
usassets.cobrowse.pega.com/assets/stylesheets/customer/final/default.css?v=8.7.1
54.173.103.247200 OK 3.5 kB URL HTTP/2 usassets.cobrowse.pega.com/assets/stylesheets/customer/final/default.css?v=8.7.1
IP 54.173.103.247:0
File type Unicode text, UTF-8 text, with very long lines (14626)
Hash c9e0ee1acc72fd18e3953cf614f7e879
bacc2349aab9dfac47cd153702e98e1fa48466f4
e13c4a8b7d5d884e11579582e7e99198c7fdfbd2587a37f52add1783e49e5d8e
GET /assets/stylesheets/customer/final/default.css?v=8.7.1 HTTP/1.1
Host: usassets.cobrowse.pega.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://batfordapt.buzz/
Cookie: AWSALBCORS=IqchIib2QpknQoG9xuMjxRUOtPG55DmSHR1EDnZLzeaNXcrX2HX2VBztRnd7oolzEWzm2GeKev7kD2EhRK1TEqK4fuUR78hyD9itcIdqzpdRi7wLVunJ2ZwwaTVK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:35:34 GMT
content-type: text/css
content-length: 3489
set-cookie: AWSALB=xyDj6EnqtCFglXZ7sSq7dihFK72/yqYGZldxNETmaaAqRkrVmSf6Qnf1SQd34JOif3+gsajug0JSkI6GonydS31yngQQh5qQLx1AkprTbMSlDmu/EPrQ4lLwUASw; Expires=Tue, 29 Nov 2022 18:35:34 GMT; Path=/
AWSALBCORS=xyDj6EnqtCFglXZ7sSq7dihFK72/yqYGZldxNETmaaAqRkrVmSf6Qnf1SQd34JOif3+gsajug0JSkI6GonydS31yngQQh5qQLx1AkprTbMSlDmu/EPrQ4lLwUASw; Expires=Tue, 29 Nov 2022 18:35:34 GMT; Path=/; SameSite=None; Secure
server: nginx
last-modified: Wed, 13 Jul 2022 12:04:58 GMT
etag: "62ceb4ea-da1"
access-control-allow-origin: *
content-encoding: gzip
accept-ranges: bytes
X-Firefox-Spdy: h2
us.cobrowse.pega.com/api/config?messagesType=customer&language=en-US&company=7e93b5d5-334d-4b59-b925-4db0d6b5d066
54.173.103.247200 OK 24 kB URL HTTP/2 us.cobrowse.pega.com/api/config?messagesType=customer&language=en-US&company=7e93b5d5-334d-4b59-b925-4db0d6b5d066
IP 54.173.103.247:0
Hash 03361138f1f5f837e31eeb35dde9c323
d180d75bc4f451d858ddc83437262a5f2ffa74b7
fdf721343683542c428e35fed6d6e7b2fe29dfd819844ac55282ad4a3c198ff7
GET /api/config?messagesType=customer&language=en-US&company=7e93b5d5-334d-4b59-b925-4db0d6b5d066 HTTP/1.1
Host: us.cobrowse.pega.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://batfordapt.buzz
Connection: keep-alive
Referer: https://batfordapt.buzz/
Cookie: AWSALBCORS=DsGPWoRrhiBbtL/yEM0XYApjzgnTotFJPhsd56MOqBIMJ6lK9GagJzRsAzAYd19gSvRoPYjAFae12LNuhScliC/saILi2tX+UyuU87lfPRS6OYRLPkrZhaUhV5xR; connect.sid=s%3A0XOAgx-Vs2KpDu8rdRnD08gldti0dpGK.GaLtAlCfiZqrYBe7UeNGWWfJNfHVAtnwKcBJHr1GN8E
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:35:34 GMT
content-type: application/json; charset=utf-8
content-length: 23494
set-cookie: AWSALB=2w7l+6KWTvQnXuN2q+k6B7FqvxBax3RZK4CXwwjZt8ywtM4mHGAdz6/CEWkxOAIcdH6GdwcW65Y1svqktI6zDpGwOOvi4N1OIXBsmjMc8dugGUM6tVJDVL+zgzGW; Expires=Tue, 29 Nov 2022 18:35:34 GMT; Path=/
AWSALBCORS=2w7l+6KWTvQnXuN2q+k6B7FqvxBax3RZK4CXwwjZt8ywtM4mHGAdz6/CEWkxOAIcdH6GdwcW65Y1svqktI6zDpGwOOvi4N1OIXBsmjMc8dugGUM6tVJDVL+zgzGW; Expires=Tue, 29 Nov 2022 18:35:34 GMT; Path=/; SameSite=None; Secure
server: nginx
x-powered-by: Express
access-control-allow-origin: https://batfordapt.buzz
access-control-allow-credentials: true
access-control-allow-headers: X-CSRF-Token, X-Requested-With, accept, x-j-token, content-type
etag: W/"5bc6-48DoYcJKijLaUFwVIIxji9ZHYnM"
X-Firefox-Spdy: h2
us.cobrowse.pega.com/logserver
54.173.103.247200 OK 0 B URL HTTP/2 us.cobrowse.pega.com/logserver
IP 54.173.103.247:0
POST /logserver HTTP/1.1
Host: us.cobrowse.pega.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 250
Origin: https://batfordapt.buzz
Connection: keep-alive
Referer: https://batfordapt.buzz/
Cookie: AWSALBCORS=2w7l+6KWTvQnXuN2q+k6B7FqvxBax3RZK4CXwwjZt8ywtM4mHGAdz6/CEWkxOAIcdH6GdwcW65Y1svqktI6zDpGwOOvi4N1OIXBsmjMc8dugGUM6tVJDVL+zgzGW; connect.sid=s%3A0XOAgx-Vs2KpDu8rdRnD08gldti0dpGK.GaLtAlCfiZqrYBe7UeNGWWfJNfHVAtnwKcBJHr1GN8E
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 18:35:34 GMT
content-type: text/plain
set-cookie: AWSALB=3z1uUF+/cV28BByp8C3BCqddE4NmrrArHFlZtMgeLgEOS1s1axR/6wKSuEh4TlgrE1Cr/gn9AwxA5r8swxDX0/synRenuTuylz7dxDwpS79aX7G6xuO1Z2m2vXHO6fmn4UI1P7y4L0aof3eVzmSVa1DlyvH9mdxDfVNbRQxW8pdooAtiVHue8Oz9QTwBng==; Expires=Tue, 29 Nov 2022 18:35:34 GMT; Path=/
AWSALBCORS=3z1uUF+/cV28BByp8C3BCqddE4NmrrArHFlZtMgeLgEOS1s1axR/6wKSuEh4TlgrE1Cr/gn9AwxA5r8swxDX0/synRenuTuylz7dxDwpS79aX7G6xuO1Z2m2vXHO6fmn4UI1P7y4L0aof3eVzmSVa1DlyvH9mdxDfVNbRQxW8pdooAtiVHue8Oz9QTwBng==; Expires=Tue, 29 Nov 2022 18:35:34 GMT; Path=/; SameSite=None; Secure
server: nginx
access-control-allow-origin: https://batfordapt.buzz
access-control-allow-methods: POST
access-control-allow-credentials: true
access-control-allow-headers: accept, x-csrf-token, content-type
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700;800&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Nunito+Sans:wght@300;400;600;700;800&display=swap
IP 142.250.74.10:0
GET /css2?family=Nunito+Sans:wght@300;400;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://virtualhost.gq/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 18:35:30 GMT
date: Tue, 22 Nov 2022 18:35:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2