akams-remoteconnect.com/
162.241.119.151 301 Moved Permanently 0 B IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
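Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of a zero-byte body, consistent with the 0 B response above; they match any empty response and do not identify content from this host.)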
GET / HTTP/1.1
Host: akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 03:53:56 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
X-Redirect-By: WordPress
Location: https://www.akams-remoteconnect.com/
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
X-Server-Cache: true
X-Proxy-Cache: HIT
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5302
Expires: Sat, 26 Nov 2022 05:22:21 GMT
Date: Sat, 26 Nov 2022 03:53:59 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3500
Cache-Control: max-age=113735
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 03:53:59 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:29:34 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 03:19:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2087
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7530
Expires: Sat, 26 Nov 2022 05:59:29 GMT
Date: Sat, 26 Nov 2022 03:53:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4GFqsKjazpvshztRcydohYGXaQPR0ojA6rpFE/fo63N8w0bi/A+D1FoPNC+lUtLnkwVlwUSQ9sw=
x-amz-request-id: 8H4FCJP3Z5QTYEHC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 03:41:03 GMT
age: 776
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:53:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 03:08:53 GMT
cache-control: public,max-age=3600
age: 2706
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3162
Cache-Control: max-age=108334
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 03:53:59 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 09:59:33 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b20e766d2e25a287dd1136f50f2087b
aeb13fa9da825b46e9a79e4e4569acea989bc05a
b36b3b42f9a6ea4e86de32157f3ce7fc07fdc062f473779d89eff2e381c106b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B36B3B42F9A6EA4E86DE32157F3CE7FC07FDC062F473779D89EFF2E381C106B0"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21521
Expires: Sat, 26 Nov 2022 09:52:41 GMT
Date: Sat, 26 Nov 2022 03:54:00 GMT
Connection: keep-alive
push.services.mozilla.com/
54.191.210.155 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.210.155:0
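Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of a zero-byte body, consistent with the 0 B WebSocket upgrade response above; they match any empty response and do not identify content from this host.)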
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wcSadXWg313Sw8tOBCcYNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TqXtoWxNs+VbRMWsLF/y4/LXwIQ=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 03:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 03:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1790c23b4d4ee37d46a499e6ec6b85cc
2e67f53dbd3f83ec90cbd8d595d377c7d514b858
81fc93fcb73865f7dfd4a87246e01195a851017d22d2f1381bf4e261eec1a128
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "81FC93FCB73865F7DFD4A87246E01195A851017D22D2F1381BF4E261EEC1A128"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8978
Expires: Sat, 26 Nov 2022 06:23:38 GMT
Date: Sat, 26 Nov 2022 03:54:00 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 03:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b45afff1c2385d7de41c073f86e242
0de268570cf402bf7ad1a04fa9ba4f541fd358b9
59f62c917dfa9635338b708fdc36a17586d0c20a738a53b0b3822304bf1b2ad5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59F62C917DFA9635338B708FDC36A17586D0C20A738A53B0B3822304BF1B2AD5"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5743
Expires: Sat, 26 Nov 2022 05:29:43 GMT
Date: Sat, 26 Nov 2022 03:54:00 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-222722748-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-222722748-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 9e6bab0de893812d474cb2642db8f54d
378b55c0eb61b99a6e9ea107a79d3a880d7944c2
3018216c278f99d86e202c75394087c815c0426f2e1fe1e2f69e09d545b869b9
GET /gtag/js?id=UA-222722748-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 03:54:00 GMT
expires: Sat, 26 Nov 2022 03:54:00 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.10 200 OK 8.8 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.10:0
Hash fa4c586c260b7edf973d5042927ae9d7
369c6ced03f69bcc246a558df01aa4b7d90a25c9
5a9ffe55e3b40f5b9395b50441190d11e1b1c9cae5f584f68bf07b822b175c72
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 03:54:00 GMT
date: Sat, 26 Nov 2022 03:54:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/uploads/elementor/css/post-5.css?ver=1667879479
162.241.119.151 200 OK 389 B URL HTTP/2 www.akams-remoteconnect.com/wp-content/uploads/elementor/css/post-5.css?ver=1667879479
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1160), with no line terminators
Hash 263a6c975882212623ba58a5ebdddcf8
bb791468394ebafb01db3bf92b8d0e50fda7a766
9ca87178f00e8693fa3890bd72b81ed86187edeb820cbdc5d731a2f888ede64c
GET /wp-content/uploads/elementor/css/post-5.css?ver=1667879479 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 03:51:19 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 389
content-type: text/css
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/uploads/elementor/css/post-9.css?ver=1668752094
162.241.119.151 200 OK 2.3 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/uploads/elementor/css/post-9.css?ver=1668752094
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11980), with no line terminators
Hash 5111ce38d4145afec98ffb6ce0782df7
2c309687c69bdca7f035ba3140c35025af16b684
6a1caa9ebc681b95620cd51daaf198a26484ffe91f33d2cd1d40dda6156b3714
GET /wp-content/uploads/elementor/css/post-9.css?ver=1668752094 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 18 Nov 2022 06:14:54 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2261
content-type: text/css
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/qhchrfn8/c5440.css
162.241.119.151 200 OK 5.8 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/qhchrfn8/c5440.css
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18184)
Hash f774db6c3d4d3af48575f9b8203cf1ce
0030d1b1d3771bf2a79558879d88baace8ff3143
6db25e20b75a4c3adcac93d403b5cdeb2b7fb33797d6bf02f5df9980a37d076c
GET /wp-content/cache/wpfc-minified/qhchrfn8/c5440.css HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 10:05:00 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5817
content-type: text/css
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/dgrsi4o3/c5440.css
162.241.119.151 200 OK 12 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/dgrsi4o3/c5440.css
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (38518), with no line terminators
Hash f002ccd1a29256afdac7e04d14c6e2f0
d672a13ad061bc529fda1657b76f67b8c5f96a24
7e790d5b8c068a74cbf87c264f9237ce8ad110900f283ca5e589cce8fcc1211f
GET /wp-content/cache/wpfc-minified/dgrsi4o3/c5440.css HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 10:05:00 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12052
content-type: text/css
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/1qy54oit/c5440.css
162.241.119.151 200 OK 13 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/1qy54oit/c5440.css
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (58689), with no line terminators
Hash 4183f12fadf52b23466f4dd31f6b9850
33a73e1018d476e30b5bbbaa32993024d63d1adb
02fca830e26aef52e49c9677495cddb9d58c0318b780ef3fa47d4f657c8e73bd
GET /wp-content/cache/wpfc-minified/1qy54oit/c5440.css HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 10:05:00 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 12711
content-type: text/css
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 10bdd1fc5b7bd4dbc3170c3f6fcb52a5
f71eea9b40d160e788708289bb488dc010170320
12d39f876c6d655ef96e83c807c5e8495e8c4675eb871ecce7445e928b593948
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12D39F876C6D655EF96E83C807C5E8495E8C4675EB871ECCE7445E928B593948"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10563
Expires: Sat, 26 Nov 2022 06:50:03 GMT
Date: Sat, 26 Nov 2022 03:54:00 GMT
Connection: keep-alive
www.akams-remoteconnect.com/wp-content/uploads/2022/06/Aka-ms-remoteconnect.jpeg
162.241.119.151 200 OK 7.3 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/uploads/2022/06/Aka-ms-remoteconnect.jpeg
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], progressive, precision 8, 300x213, components 3\012- data
Hash 806847dfed73da19363714d6226495af
eda58026370e92ca9b41b0c0d32357b4a4200178
2a4094beafafe7f83b3214b4b67abcfae8295cb6c4c6195d8332272f63574710
GET /wp-content/uploads/2022/06/Aka-ms-remoteconnect.jpeg HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
content-type: image/jpeg
content-length: 7326
last-modified: Thu, 16 Jun 2022 10:01:38 GMT
cache-control: max-age=10368000
expires: max-age=A10368000, public
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/9k9fma1c/c5440.css
162.241.119.151 200 OK 3.0 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/9k9fma1c/c5440.css
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10019)
Hash c2b5af6052f630a96e450e5e2a3cea52
00ca76a8828a1bbec1534eb10786804fd36492f2
58f6cc2d4fa3e528622102975fb62949dc0170bd47b588a67318d18552a57d59
GET /wp-content/cache/wpfc-minified/9k9fma1c/c5440.css HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 10:05:00 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2997
content-type: text/css
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.6
162.241.119.151 200 OK 2.5 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.6
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5141)
Hash e92d73bfd5d684da23198db30a3315c5
da8d7dd5bc412f94ca13c456fdc4a0dcc3372717
4f9b527f4651e06d87a6b21088fb507140b7dfe563315192c59959aaf97ff3f4
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.6 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Sep 2022 09:07:46 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2451
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0
162.241.119.151 200 OK 2.3 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4918)
Hash cec23e5a0777df58b888ad2aaa3fe428
3904542fe17b29426f4f964d63e1d45d4bc2f3b7
7ac1b9ea37ea3bcf867bbabd8de828b2e6d7a8e3cb2acaa16b2ae9cbd79b740a
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.8.0 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 03:50:15 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2312
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.3.5
162.241.119.151 200 OK 2.9 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.3.5
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6770)
Hash 503ee5b0e387c56f88cf39a569b30e36
1217d4ae66db0906107ac2e29997ed5c7e736c7b
f5408c578d9d89f91d0818371f1a15e28f949800f61c03c06cd94b0405c24882
GET /wp-content/themes/neve/assets/js/build/modern/frontend.js?ver=3.3.5 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 11:51:34 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2878
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0
162.241.119.151 200 OK 13 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (32907)
Hash 37e06ea4e37d465ce76adb3954eaf201
d1d2f06cdfad134d4638de2ab2bfc54e47d02552
f839cbc0157e8e2efe0bb74b33bfa248b4ebb59d3d968d08124c8263a44dcfa6
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.8.0 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 03:50:15 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 13291
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.241.119.151 200 OK 4.6 kB URL HTTP/2 www.akams-remoteconnect.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 14:36:06 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4618
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
162.241.119.151 200 OK 4.2 kB URL HTTP/2 www.akams-remoteconnect.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3b62593186f7f91a9470ab6968ec5feb
bd7728c79c04f4f2f7a787097b0868e06ceba5ad
2a9920dc63cbd8228103c7d6bf2a044f06963041253c385c3cebb147297aa782
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 05:03:04 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 4233
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
162.241.119.151 200 OK 1.7 kB URL HTTP/2 www.akams-remoteconnect.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4875)
Hash 6a452794a68bc140a53b30519b94edf6
68046f5611ba3cf5da1c46087609aff18f59fdc1
259990a9e6191a72a51ac9d038d0c52bb56d880a2b0d460b1fca3f3fee7961ed
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 05:49:04 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1712
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
162.241.119.151 200 OK 3.7 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash e2a8decccf4d0a6b925af707a36077a9
26a0febc9c3d91e75410f74b9ec62099ba1cbe90
09e0e638a6f53c0fdcfeeb8ae91f3a404bef47b471324e335e29be14a2aa87f7
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 03:50:15 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3747
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
162.241.119.151 200 OK 2.7 kB URL HTTP/2 www.akams-remoteconnect.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 05:49:04 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2675
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
162.241.119.151 200 OK 7.6 kB URL HTTP/2 www.akams-remoteconnect.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 66c68f2158dcf7d97a02f3719a17aab0
fdb04fb4c632b9fb4275006a4e402cd0d4fa393a
e4b360f0e6ae1afc06f05f958e8696e5ae45257912bc2ab0b9334bd1382a51aa
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 05:03:04 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7621
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.6
162.241.119.151 200 OK 7.6 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.6
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21374)
Hash deda6829c9586c80d9026b3c020828cd
67cb6f9e8c8c811ef5b0e438d5a6df9b71786fd0
37039a881c3608c346a4c6c5bbb11de1ae44241d13e1dc54ddbac50223c13339
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.6 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Sep 2022 09:07:46 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7577
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
162.241.119.151 200 OK 8.3 kB URL HTTP/2 www.akams-remoteconnect.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 05:03:04 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 8344
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0
162.241.119.151 200 OK 16 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (40474)
Hash 85b4389c079ac11b75c6c592b3ce1dc6
c355e852f0c801191f2138cdeea752d40ec3a078
5dbb8236a5133a22c314a0090ccfcbaa009aeba7d5141cccc67c078c10ad079c
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.8.0 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 03:50:15 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 16151
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.6
162.241.119.151 200 OK 7.0 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.6
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (24339)
Hash 01e620cb09036c90ecc01363c0b0dd47
daa8a68df0edf685b9ab3768546622d68f962364
7bccd0834a58031ae8de504ce60535fc91abb17257935a90fa3033735917432e
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.6 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Sep 2022 09:07:46 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7048
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 03:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.akams-remoteconnect.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.241.119.151 200 OK 40 kB URL HTTP/2 www.akams-remoteconnect.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash b7686ae1777d8cefcfd249b2e2e7f9e7
d2afc01f6d3a981f197bb374c9ddec5617fe5cee
79a82c610b6f05e2fedfc1ae5439fb6034e91759e0d00508eebc3112a38a3a52
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 05:03:04 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 03:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 03:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.akams-remoteconnect.com/
162.241.119.151 200 OK 0 B URL HTTP/2 www.akams-remoteconnect.com/
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: User-Agent,Accept-Encoding
last-modified: Fri, 18 Nov 2022 06:24:11 GMT
accept-ranges: bytes
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
content-type: text/html; charset=UTF-8
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 205212
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 03:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tobaltoyon.com/ntfc.php?p=5507385
139.45.197.251 200 OK 22 kB URL HTTP/2 tobaltoyon.com/ntfc.php?p=5507385
IP 139.45.197.251:0
Hash 9459f812157029a9dfdb177b26741f4e
bf757505b3289e92c5d912df147d26113541094d
903552fb68310ba74ee607fbff3bdd81100da1c29b955c879c15e60c7775d9c5
GET /ntfc.php?p=5507385 HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:00 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-38a8"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/lldiojft/c5440.css
162.241.119.151 200 OK 42 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/lldiojft/c5440.css
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 783d6340326f68d8295fe2a784e126e2
61c0b80ea8b7f44512f529caee239daab166cb41
8d705409950cc89ed1ff9521fd4c8e9829fe9e4fd640faf3cd79ca00893afe69
GET /wp-content/cache/wpfc-minified/lldiojft/c5440.css HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 10:05:00 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:56:18 GMT
expires: Thu, 23 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
age: 205063
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/6w8jmqs9/c5440.css
162.241.119.151 200 OK 34 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/6w8jmqs9/c5440.css
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d514fbbfa4aa23265667a49cc494aca2
88283d04e59ea01518cc1ed38836c7f79901aa36
70910b6460f366c4f5ecb10b107b827850898987ba4365b0df95d536cd17d1f8
GET /wp-content/cache/wpfc-minified/6w8jmqs9/c5440.css HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 10:05:00 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/
162.241.119.151 200 OK 0 B URL HTTP/2 www.akams-remoteconnect.com/
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: User-Agent,Accept-Encoding
last-modified: Fri, 18 Nov 2022 06:24:11 GMT
accept-ranges: bytes
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
content-type: text/html; charset=UTF-8
date: Sat, 26 Nov 2022 03:54:01 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd57c6a1fed689f147c77ba9f920cf42
278f038d8663234e13bcdc07cc7cdcdeff6b0d17
596e3645eac8f9e16b40c791090ea9cc4d8b0cd17798ed3c7c17b1f63d10c134
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "596E3645EAC8F9E16B40C791090EA9CC4D8B0CD17798ED3C7C17B1F63D10C134"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 26 Nov 2022 09:54:01 GMT
Date: Sat, 26 Nov 2022 03:54:01 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 03:54:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.akams-remoteconnect.com/wp-content/uploads/2022/03/bg-wool-dark.png
162.241.119.151 200 OK 1.6 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/uploads/2022/03/bg-wool-dark.png
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 800 x 400, 8-bit grayscale, non-interlaced\012- data
Hash 80a55748e7b4c539cbd79b9657bede96
d515a0a502262ab5c084b69c48297cdf0719ed96
3cada8f13ba3073d027ca94c87805f7b970475caacf2473da41aa9b6e9f56b4b
GET /wp-content/uploads/2022/03/bg-wool-dark.png HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/wp-content/uploads/elementor/css/post-9.css?ver=1668752094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Mar 2022 05:48:30 GMT
accept-ranges: bytes
content-length: 1606
cache-control: max-age=10368000
expires: max-age=A10368000, public
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 26 Nov 2022 03:54:01 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/uploads/2022/03/aka-ms-remoteconnect.jpg
162.241.119.151 200 OK 157 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/uploads/2022/03/aka-ms-remoteconnect.jpg
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x600, components 3\012- data
Size 157 kB (157370 bytes)
Hash e98e8eedbf2a377808da1c395f276f56
375097a00232dc7e741fcfeaac9afb7f853d2502
3f09b87bdbe24de30c1d838ace007035bd475afd01a39e8c895708aa6bdea036
GET /wp-content/uploads/2022/03/aka-ms-remoteconnect.jpg HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/wp-content/uploads/elementor/css/post-9.css?ver=1668752094
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Mar 2022 05:23:06 GMT
accept-ranges: bytes
content-length: 157370
cache-control: max-age=10368000
expires: max-age=A10368000, public
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sat, 26 Nov 2022 03:54:01 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/
162.241.119.151 200 OK 0 B URL HTTP/2 www.akams-remoteconnect.com/
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: User-Agent,Accept-Encoding
last-modified: Fri, 18 Nov 2022 06:24:11 GMT
accept-ranges: bytes
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
content-type: text/html; charset=UTF-8
date: Sat, 26 Nov 2022 03:54:01 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
162.241.119.151 200 OK 78 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/1qy54oit/c5440.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 03:50:15 GMT
accept-ranges: bytes
content-length: 78196
cache-control: max-age=10368000
expires: max-age=A10368000, public
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/font-woff2
date: Sat, 26 Nov 2022 03:54:01 GMT
server: Apache
X-Firefox-Spdy: h2
tobaltoyon.com/zone?pub=0&zone_id=5507385&is_mobile=false&domain=www.akams-remoteconnect.com&var=&ymid=&var_3=
139.45.197.251 200 OK 664 B URL HTTP/2 tobaltoyon.com/zone?pub=0&zone_id=5507385&is_mobile=false&domain=www.akams-remoteconnect.com&var=&ymid=&var_3=
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (663)
Hash 8721969664bf1ca5d332dc09cf3bb771
8ffa554efd7bbb725ad42a88eb0fccd60cba1eeb
b8e4bbb3491aeaef110aaa36c183a7636ec591037437c5eb4f1130a75bbb256f
GET /zone?pub=0&zone_id=5507385&is_mobile=false&domain=www.akams-remoteconnect.com&var=&ymid=&var_3= HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.akams-remoteconnect.com/
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:01 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: b8b6bceecbb42a87582219e212480dbb
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3028.71611172294!2d-74.07464638490491!3d40.61408675153736!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x89c24fabf222a59b%3A0x31f7c93281c9be25!2sSt%20Marys%20Ave%2C%20Staten%20Island%2C%20NY%2010305%2C%20USA!5e0!3m2!1sen!2sin!4v1634051334371!5m2!1sen!2sin
142.250.74.164 200 OK 907 B URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3028.71611172294!2d-74.07464638490491!3d40.61408675153736!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x89c24fabf222a59b%3A0x31f7c93281c9be25!2sSt%20Marys%20Ave%2C%20Staten%20Island%2C%20NY%2010305%2C%20USA!5e0!3m2!1sen!2sin!4v1634051334371!5m2!1sen!2sin
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1543)
Hash f39a1e08af789756868fa815008d12e2
27c102b52ae6cc1bb0e2e00a52360a256424e083
d645d0c758cbcc6069d11f2d6361f5f2eaf33744c3be08bd9369816fc2668828
GET /maps/embed?pb=!1m18!1m12!1m3!1d3028.71611172294!2d-74.07464638490491!3d40.61408675153736!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x89c24fabf222a59b%3A0x31f7c93281c9be25!2sSt%20Marys%20Ave%2C%20Staten%20Island%2C%20NY%2010305%2C%20USA!5e0!3m2!1sen!2sin!4v1634051334371!5m2!1sen!2sin HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sat, 26 Nov 2022 03:54:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-A2_-i-7PajV0bUqkxShYPA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 907
x-xss-protection: 0
server-timing: gfet4t7; dur=162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arsnivyr.com/27/22b0ff6d446d45dfe24f0ae457b1c7db
139.45.197.242 200 OK 124 kB URL HTTP/2 arsnivyr.com/27/22b0ff6d446d45dfe24f0ae457b1c7db
IP 139.45.197.242:0
Size 124 kB (123503 bytes)
Hash cf5a7667d4daea3772f00005c5198320
d26bd00636ed502552d60fe577c71a7820fab162
452809c175a95c1ed7777683e7a984791e534c6df960fa7fff77623bf77788bf
Analyzer Verdict Alert quad9 Sinkholed
GET /27/22b0ff6d446d45dfe24f0ae457b1c7db HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Cookie: scm=1; OAID=c4911730dee847ec8f4920cdf2fa4833; oaidts=1669434840
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:01 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 25 Nov 2022 08:14:39 GMT
expires: Fri, 25 Dec 2082 08:14:39 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
162.241.119.151 200 OK 93 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Hash aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/wp-content/cache/wpfc-minified/lldiojft/c5440.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 03:50:15 GMT
accept-ranges: bytes
content-length: 93372
cache-control: max-age=10368000
expires: max-age=A10368000, public
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/font-woff2
date: Sat, 26 Nov 2022 03:54:01 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/uploads/2022/03/cropped-Minecraft_Core-Logo.png
162.241.119.151 200 OK 7.4 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/uploads/2022/03/cropped-Minecraft_Core-Logo.png
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 200 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 2659d42ea758f11ca9235e3f13c42df1
28830ed679550ed9d3905df886da95ae48e6d1db
d1fed2165e1985c5aa195a4a927d88442b65d3325b026fd12aeb4db2ebe3236d
GET /wp-content/uploads/2022/03/cropped-Minecraft_Core-Logo.png HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Mar 2022 05:43:18 GMT
accept-ranges: bytes
content-length: 7430
cache-control: max-age=10368000
expires: max-age=A10368000, public
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 26 Nov 2022 03:54:01 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash bc8d456542f88a5e3712f8679104234f
a4bc16d08d7a947bbe90d88dc91bb62e84e53897
eb150b7f1125829f285ce9921321db482eb89099687d14f9f80796a60052f6b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6519
Cache-Control: max-age=108811
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 03:54:01 GMT
Etag: "63807a6d-118"
Expires: Sun, 27 Nov 2022 10:07:32 GMT
Last-Modified: Fri, 25 Nov 2022 08:18:53 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash bc8d456542f88a5e3712f8679104234f
a4bc16d08d7a947bbe90d88dc91bb62e84e53897
eb150b7f1125829f285ce9921321db482eb89099687d14f9f80796a60052f6b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6519
Cache-Control: max-age=108811
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 03:54:01 GMT
Etag: "63807a6d-118"
Expires: Sun, 27 Nov 2022 10:07:32 GMT
Last-Modified: Fri, 25 Nov 2022 08:18:53 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de5d4025500d69d327f49266a18e538a
47d3275d0f92686a8e86cb09b16627cddb82984b
25b35f377f53fda43ecae3487f7dd289bfca1caca6631a7f9990f405aee77094
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25B35F377F53FDA43ECAE3487F7DD289BFCA1CACA6631A7F9990F405AEE77094"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9103
Expires: Sat, 26 Nov 2022 06:25:44 GMT
Date: Sat, 26 Nov 2022 03:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de5d4025500d69d327f49266a18e538a
47d3275d0f92686a8e86cb09b16627cddb82984b
25b35f377f53fda43ecae3487f7dd289bfca1caca6631a7f9990f405aee77094
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25B35F377F53FDA43ECAE3487F7DD289BFCA1CACA6631A7F9990F405AEE77094"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9103
Expires: Sat, 26 Nov 2022 06:25:44 GMT
Date: Sat, 26 Nov 2022 03:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11481
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 03:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11481
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 03:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11481
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 03:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11481
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 03:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11481
Expires: Sat, 26 Nov 2022 07:05:22 GMT
Date: Sat, 26 Nov 2022 03:54:01 GMT
Connection: keep-alive
www.akams-remoteconnect.com/
162.241.119.151 200 OK 97 kB URL HTTP/2 www.akams-remoteconnect.com/
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 825732d3a214f19aca3b8a4096b6e8ad
c6a8bcabe4a32e960d15f1a982a2e933a7f1a069
e1231d94d6308b333d096d5e7d9362a6a17fcd1861368d4fe2a4f8a225dee5c5
GET / HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 26 Nov 2022 03:54:00 GMT
server: Apache
content-type: text/html; charset=UTF-8
vary: User-Agent,Accept-Encoding
last-modified: Fri, 18 Nov 2022 06:24:11 GMT
accept-ranges: bytes
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
x-server-cache: true
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 926df9839ec3d924b563b55d8bccace8
c47a3884465fc02b5c57faa5ffbd986ba29c64c2
a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yM8EHyxy6pUHVZhGUOHuFOU-Z4eTyL2N3Ooa6QMrPlIfp6X5I_JBRw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 22075
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tobaltoyon.com/pfe/current/universal.min.js?v=3.1.405
139.45.197.251 200 OK 34 kB URL HTTP/2 tobaltoyon.com/pfe/current/universal.min.js?v=3.1.405
IP 139.45.197.251:0
Hash 7a91db40ea4ab6ca823535e349da4504
cdbabc64cbb36b113ce1da1f7ed496ec00780444
09105aefbf94c34116e705adc3f853233e56ce22ced8bfa4577001068e271372
GET /pfe/current/universal.min.js?v=3.1.405 HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.akams-remoteconnect.com/
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:01 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-180b9"
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b989dd-5b05-43e6-807e-30a5611591c1.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b989dd-5b05-43e6-807e-30a5611591c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9443750de7962c9e235cbb6dbda24df0
05de7f68103849bd0cd80a704ef97685d0150800
d84e37f9bfd9888a385364c52cdc0d817aa680ee0a83e579ca1f1083f1131468
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53b989dd-5b05-43e6-807e-30a5611591c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12505
x-amzn-requestid: a89c780f-e1a4-451e-842b-656ba43958be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOeHzfIAMFpGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381358f-3478b6c81d94ec65388bd3da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mUic7CJjKQ8l7EKhTTSs2LTLaCqnVQUBuxzmfzET4TwSa_LX8na-MA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:43:28 GMT
age: 22233
etag: "05de7f68103849bd0cd80a704ef97685d0150800"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56b1fea9-e9cd-44f8-a1ed-26557538d958.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56b1fea9-e9cd-44f8-a1ed-26557538d958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a82cc688f934411a894427bd493c429
fd67260f92d7faee2360956e8d2ed50a00c1dbcf
fbd1a487dac7233861d173e711218d3e3402bc71f538025c540b93696309dc67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56b1fea9-e9cd-44f8-a1ed-26557538d958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12319
x-amzn-requestid: 6973e196-9eb3-4aea-9c60-b8e2158641ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVOoGkgIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813590-62965d4c607d4f0a060265d9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: U2lRuGTHsBCJ7HqZcNbwMXTuNJsghqL0p-hMJyUfiWAdXla2pJ6JRw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
etag: "fd67260f92d7faee2360956e8d2ed50a00c1dbcf"
content-type: image/jpeg
age: 22075
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKxrYxVsJWOXAbrn6IpwLycF3rknFLkQeDyKOLq5WyflvTLeUjg_Lg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:18:42 GMT
age: 20119
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76 200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SRN-oOfa8Z0mQZFYkWAv32XFiXChfGjfwZkfWz-IzHubwrKgzwoTxQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 06:35:07 GMT
age: 76734
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:38:44 GMT
age: 83717
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/uploads/2022/03/aka-ms-remoteconnect-150x150.png
162.241.119.151 200 OK 7.4 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/uploads/2022/03/aka-ms-remoteconnect-150x150.png
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 75771e61abc8b7260b427217ef5e5b6c
a650838b973130ecdb14eaa0986a7be403d43ac1
8d39f92994890daf1aff7ef8baffe4e9dc3ec01679a6116cd272b5ce011f9c27
GET /wp-content/uploads/2022/03/aka-ms-remoteconnect-150x150.png HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Mar 2022 06:11:28 GMT
accept-ranges: bytes
content-length: 7424
cache-control: max-age=10368000
expires: max-age=A10368000, public
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 26 Nov 2022 03:54:01 GMT
server: Apache
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45 200 OK 36 kB IP 172.67.194.45:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash 1ee0736173abdeeec11a7dae7855748f
93f1fc7a07c8df30fd34f56662e0146f8b5f8147
0f29f479002e72a62b67c14e1a5e7db868694d86b7f329f563d326ed3de1c391
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 03:54:01 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5916
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBJ4jx9V9o3AT7OVfa2D7uDS%2BmCaxciAgIeBjV6U%2FQwnWRMcdIo9rzIi4Ekw9xcG%2FT9oEuQB0iTks8Ltph2SqcuR58KzRmOy%2BZUaSHuOrjAksslyHI%2FrZhDz8cShrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ffae2e7918b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94d86bd8aa3fb64d5ef4ba39b2093f46
f6f8b969e6d14af88dcd584c72ad52d904d459e9
43bbb48a1a37a33c18036773457c75408e907c1fd7297a42152aee29f396066e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10654
Expires: Sat, 26 Nov 2022 06:51:35 GMT
Date: Sat, 26 Nov 2022 03:54:01 GMT
Connection: keep-alive
maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js
142.250.74.163 200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2669)
Hash c088038bb01fdc7f15f21e2216b6b8b4
fa724c5616022f6825ac476354c492b0bf544d21
b0ecfa74efada796d206177e1bc78c7ac75250608051c6576335c6231fc2de78
GET /maps-api-v3/embed/js/51/1/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 07:12:45 GMT
expires: Thu, 23 Nov 2023 07:12:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 21:36:22 GMT
content-type: text/javascript
age: 247276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8 200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash ca306f5018ddd8228669c838025c205f
1c7d797088cc81c3247fc08879cdba01a470371b
cf83d2366cd90cfccd702ac444faf2dd1f22875a0edc06549238f4185a09b517
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:01 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=aa64f20333a74108874557339acddd8a; expires=Sun, 26 Nov 2023 03:54:01 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 26 Nov 2022 02:41:08 GMT
expires: Sat, 26 Nov 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 4373
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arsnivyr.com/9?z=5507382&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=aa64f20333a74108874557339acddd8a
139.45.197.242 204 No Content 0 B URL HTTP/2 arsnivyr.com/9?z=5507382&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=aa64f20333a74108874557339acddd8a
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5507382&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=aa64f20333a74108874557339acddd8a HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.akams-remoteconnect.com/
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 03:54:02 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=3353984826&z=5507382&b=15484935&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ot=104
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=3353984826&z=5507382&b=15484935&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ot=104
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=3353984826&z=5507382&b=15484935&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ot=104 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Cookie: scm=1; OAID=aa64f20333a74108874557339acddd8a; oaidts=1669434840
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:02 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 1892295bb3129fbc12182a3ca7c5fff2
access-control-expose-headers: X-Sc
set-cookie: OAID=aa64f20333a74108874557339acddd8a; expires=Sun, 26 Nov 2023 03:54:02 GMT; secure; SameSite=None
oaidts=1669434840; expires=Sun, 26 Nov 2023 03:54:02 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash eb7b989b3377c96ae331f6deeab33ad6
e975c9f5121852023ef22cbee9738cd8db575686
234fb878cf2edc873b7e273491a9054db9ad1264e0e375f83e05a10bc9d60399
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:02 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 12:52:19 GMT
Expires: Thu, 01 Dec 2022 12:52:18 GMT
Etag: "e975c9f5121852023ef22cbee9738cd8db575686"
Cache-Control: max-age=463695,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ffae33bf780b31-OSL
tobaltoyon.com/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.akams-remoteconnect.com/
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:02 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
tobaltoyon.com/custom
139.45.197.251 200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.akams-remoteconnect.com/
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:02 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
arsnivyr.com/9?z=5507382&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=aa64f20333a74108874557339acddd8a
139.45.197.242 200 OK 2.8 kB URL HTTP/2 arsnivyr.com/9?z=5507382&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=aa64f20333a74108874557339acddd8a
IP 139.45.197.242:0
Hash ff7db5fd9e079ff74ca77c2455b0c99f
15ca2b439e6c40e9c525a95286b7b24cc5ed4872
9065b29dd7fefb22a5c43eabe8752e218eb1983c0055f9c097ca7c18a8e813d2
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5507382&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=aa64f20333a74108874557339acddd8a HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 230
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Cookie: scm=1; OAID=c4911730dee847ec8f4920cdf2fa4833; oaidts=1669434840
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:02 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 36280aa031933b14fef0bed638eeff5b
access-control-expose-headers: X-Sc
set-cookie: OAID=aa64f20333a74108874557339acddd8a; expires=Sun, 26 Nov 2023 03:54:02 GMT; secure; SameSite=None
oaidts=1669434840; expires=Sun, 26 Nov 2023 03:54:02 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
tobaltoyon.com/custom
139.45.197.251 200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.akams-remoteconnect.com/
Content-Type: application/json
Origin: https://www.akams-remoteconnect.com
Content-Length: 391
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:02 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 0a14d71151a036047bab242df74baa79
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
tobaltoyon.com/custom
139.45.197.251 200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: tobaltoyon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.akams-remoteconnect.com/
Content-Type: application/json
Origin: https://www.akams-remoteconnect.com
Content-Length: 780
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:02 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: b034978bd81217b1fc4301ab8ee7025a
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=227939&wh=1280x1024&rnd=48405580075&lid=0&tid=0&ttfb_yellow=1389.000&ttfb_yellow_cnt=1
95.211.66.35 200 OK 42 B URL HTTP/2 clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=227939&wh=1280x1024&rnd=48405580075&lid=0&tid=0&ttfb_yellow=1389.000&ttfb_yellow_cnt=1
IP 95.211.66.35:0
ASN #60781 LeaseWeb Netherlands B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
POST /utr/wv/?prism=0&url=%2F&eid=227939&wh=1280x1024&rnd=48405580075&lid=0&tid=0&ttfb_yellow=1389.000&ttfb_yellow_cnt=1 HTTP/1.1
Host: clickiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.16.0
date: Sat, 26 Nov 2022 03:54:02 GMT
content-type: image/gif
content-length: 42
access-control-allow-origin: *
cache-control: no-cache
x-error: limit exceeded
x-error-host: amn-ams-5-7
iseu: eu
X-Firefox-Spdy: h2
arsnivyr.com/121?rnd=123604869&z=5507382&b=15484935&c=6264466&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&bag=p3KJ2kNgTjIE2n46ecSYVMjPpwYypiM5&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132
139.45.197.242302 Found 0 B URL HTTP/2 arsnivyr.com/121?rnd=123604869&z=5507382&b=15484935&c=6264466&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&bag=p3KJ2kNgTjIE2n46ecSYVMjPpwYypiM5&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /121?rnd=123604869&z=5507382&b=15484935&c=6264466&var=&d=https%3A%2F%2Fmediasama.com%2Fstarharem%2F01%2Fs%2Findex_rt.html&cln={CELL_NUMBER}&btp=7&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&bag=p3KJ2kNgTjIE2n46ecSYVMjPpwYypiM5&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=aa64f20333a74108874557339acddd8a; oaidts=1669434840
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 26 Nov 2022 03:54:02 GMT
content-length: 0
location: https://mediasama.com/starharem/01/s/index_rt.html
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: c56679c8f648c188f3ea4f0c14efc74c
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
gloaphoo.net/500/5507383?excludes=&oaid=aa64f20333a74108874557339acddd8a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239 200 OK 0 B URL HTTP/2 gloaphoo.net/500/5507383?excludes=&oaid=aa64f20333a74108874557339acddd8a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5507383?excludes=&oaid=aa64f20333a74108874557339acddd8a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.akams-remoteconnect.com/
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:02 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=3353984826&z=5507382&b=15484935&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=3353984826&z=5507382&b=15484935&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=3353984826&z=5507382&b=15484935&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Cookie: scm=1; OAID=aa64f20333a74108874557339acddd8a; oaidts=1669434840
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:02 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 4fa1f3c9ab06a93895d4256748d58acc
access-control-expose-headers: X-Sc
set-cookie: OAID=aa64f20333a74108874557339acddd8a; expires=Sun, 26 Nov 2023 03:54:02 GMT; secure; SameSite=None
set-cookie: oaidts=1669434840; expires=Sun, 26 Nov 2023 03:54:02 GMT; secure; SameSite=None
set-cookie: oaidvc=1; expires=Sun, 26 Nov 2023 03:54:02 GMT; secure; SameSite=None
set-cookie: CNT=1_v1_B0jsAAEAAAB6S3Yg; expires=Sat, 26 Nov 2022 04:54:02 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
agamagcargoan.com/500/5507380?excludes=&oaid=aa64f20333a74108874557339acddd8a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.238 200 OK 0 B URL HTTP/2 agamagcargoan.com/500/5507380?excludes=&oaid=aa64f20333a74108874557339acddd8a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5507380?excludes=&oaid=aa64f20333a74108874557339acddd8a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: agamagcargoan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.akams-remoteconnect.com/
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:02 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/plugins/elementor-pro/assets/js/table-of-contents.a695231ee79a390b7620.bundle.min.js
162.241.119.151 200 OK 3.0 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/plugins/elementor-pro/assets/js/table-of-contents.a695231ee79a390b7620.bundle.min.js
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7525)
Hash e6bcd41bb8510735cbb222604cf87a0e
e079e7fad73072d37d45527b7990fb8eeb870c66
1f8f920dd91ffb24b700b2d03606e205d7a270fd2bad1d1e5ef32e825bc8a887
GET /wp-content/plugins/elementor-pro/assets/js/table-of-contents.a695231ee79a390b7620.bundle.min.js HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Cookie: _ga=GA1.2.2039869957.1669434841; _gid=GA1.2.394961673.1669434841; _gat_gtag_UA_222722748_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Sep 2022 09:07:46 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2981
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:02 GMT
server: Apache
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
162.241.119.151 200 OK 671 B URL HTTP/2 www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1320)
Hash 06336a3301ee0a49c87c5b6dd622200e
58894e1a1614214394257edcb009e302cb9c60ca
62b0ea6bbd905f11d687a1fdf9d99dfef393ff5c89a56927fd809313a38d76cc
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Cookie: _ga=GA1.2.2039869957.1669434841; _gid=GA1.2.394961673.1669434841; _gat_gtag_UA_222722748_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 03:50:15 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 671
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:02 GMT
server: Apache
X-Firefox-Spdy: h2
offerimage.com/www/images/1f9c9754cea8c2cf711c41bdd7562f32.png
172.67.22.216 200 OK 100 kB URL HTTP/2 offerimage.com/www/images/1f9c9754cea8c2cf711c41bdd7562f32.png
IP 172.67.22.216:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size 100 kB (100369 bytes)
Hash 1f9c9754cea8c2cf711c41bdd7562f32
0c2825deedb392c12c8bfc33ac3f993dc2284156
2c54b03d5045cc5e660b43c334da23e11596811157c225f71549bbf3c4b04042
GET /www/images/1f9c9754cea8c2cf711c41bdd7562f32.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 03:54:02 GMT
content-type: image/png
content-length: 100369
last-modified: Fri, 06 Nov 2020 13:23:01 GMT
etag: "5fa54e35-18811"
expires: Sat, 26 Nov 2022 18:25:27 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 34115
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ffae350ec40af6-OSL
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/js/toggle.933918840481dcc64242.bundle.min.js
162.241.119.151 200 OK 1.6 kB URL HTTP/2 www.akams-remoteconnect.com/wp-content/plugins/elementor/assets/js/toggle.933918840481dcc64242.bundle.min.js
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3740)
Hash 94cb5a248d4434c34487969c850d0188
6c36a7006049b1a90a81f9a65bef3e1f1f19a46a
76924f854b2f8d03158961e3c6fa5a8c65eb2c763d78d239bc16b5e44ad8d714
GET /wp-content/plugins/elementor/assets/js/toggle.933918840481dcc64242.bundle.min.js HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Cookie: _ga=GA1.2.2039869957.1669434841; _gid=GA1.2.394961673.1669434841; _gat_gtag_UA_222722748_1=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 08 Nov 2022 03:50:15 GMT
accept-ranges: bytes
cache-control: max-age=10368000
expires: max-age=A10368000, public
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1621
content-type: application/javascript
date: Sat, 26 Nov 2022 03:54:02 GMT
server: Apache
X-Firefox-Spdy: h2
gloaphoo.net/500/5507383?excludes=&oaid=aa64f20333a74108874557339acddd8a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239 200 OK 1.8 kB URL HTTP/2 gloaphoo.net/500/5507383?excludes=&oaid=aa64f20333a74108874557339acddd8a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash b51376eed2e136e6409406e6638269fc
0411cc73f04296dbb7f954fb4fd2a49b75e39c04
d21c2e3245ae75206697e96d4d59a9605fa53ac276923992b66289e9f21591a4
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5507383?excludes=&oaid=aa64f20333a74108874557339acddd8a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Cookie: OAID=23a48a4d326d406a9e4ccaa193895563
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:02 GMT
content-type: application/javascript
x-trace-id: e4224d9776eabfb3b6a10cd27049704a
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=aa64f20333a74108874557339acddd8a; expires=Sun, 26 Nov 2023 03:54:02 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
mediasama.com/starharem/01/s/index_rt.html
144.217.67.42 200 OK 1.5 kB URL HTTP/1.1 mediasama.com/starharem/01/s/index_rt.html
IP 144.217.67.42:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 30597b59f3cb1eadf603fcfb21952340
baca3a552764959edd4fc56947acc9a4f33822de
6ac92da5b37d94c53f231a18bb88be006ae20f1724a63151a97ed918d86cb25d
Analyzer Verdict Alert fortinet Phishing
GET /starharem/01/s/index_rt.html HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:02 GMT
Server: Apache
Last-Modified: Wed, 20 Jul 2022 09:11:51 GMT
ETag: "17a0-5e438fdce23c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1525
Content-Type: text/html
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.170 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 15:30:11 GMT
expires: Fri, 24 Nov 2023 15:30:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 131031
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mediasama.com/starharem/01/s/styles.css
144.217.67.42 200 OK 2.4 kB URL HTTP/1.1 mediasama.com/starharem/01/s/styles.css
IP 144.217.67.42:0
File type ASCII text, with very long lines (420)
Hash 8e7117f5f47cb6cde0a8e8eb38b16dbb
617fd3f0d3f420ee1967a20fb0b0af4ac34eca03
794f8aa66b6afcf9b7d9bfe5952860436dcfee6bf82e4368af6bc838ce89be98
GET /starharem/01/s/styles.css HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:02 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:29 GMT
ETag: "2638-5dc0be6400e82-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2406
Content-Type: text/css
mediasama.com/starharem/01/s/js/main.js
144.217.67.42 200 OK 549 B URL HTTP/1.1 mediasama.com/starharem/01/s/js/main.js
IP 144.217.67.42:0
Hash d8fa8e233a4db9fbce0c20d9a57a06fe
2366b2969771aa164bfdca6b5baf916806f6758a
f496e19ead804367daa801860cd95a7ec6854965a7c5cf2c49dda71532c19932
Analyzer Verdict Alert fortinet Phishing
GET /starharem/01/s/js/main.js HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:02 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:50 GMT
ETag: "516-5dc0be78000b5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 549
Content-Type: application/javascript
fonts.gstatic.com/s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17360, version 1.0\012- data
Hash 70322c317b1f4e2e17dbc6b672f95f5f
f3dff7c50e1aea33814c6aeeca177ae3ff900bfc
3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a
GET /s/luckiestguy/v18/_gP_1RrxsjcxVyin9l9n_j2hTd52.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mediasama.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 07:02:56 GMT
expires: Fri, 24 Nov 2023 07:02:56 GMT
cache-control: public, max-age=31536000
age: 161466
last-modified: Tue, 19 Apr 2022 18:58:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arsnivyr.com/15?rnd=1553848126&z=5507382&var=&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.632%2C%22location%22%3A%22https%3A%2F%2Fwww.akams-remoteconnect.com%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
139.45.197.242204 No Content 0 B URL HTTP/2 arsnivyr.com/15?rnd=1553848126&z=5507382&var=&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.632%2C%22location%22%3A%22https%3A%2F%2Fwww.akams-remoteconnect.com%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /15?rnd=1553848126&z=5507382&var=&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.632%2C%22location%22%3A%22https%3A%2F%2Fwww.akams-remoteconnect.com%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Cookie: scm=1; OAID=aa64f20333a74108874557339acddd8a; oaidts=1669434840; oaidvc=1; CNT=1_v1_B0jsAAEAAAB6S3Yg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 03:54:03 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 3685fb9a0fb42fd3d6ab612786a98335
access-control-expose-headers: X-Sc
set-cookie: OAID=aa64f20333a74108874557339acddd8a; expires=Sun, 26 Nov 2023 03:54:03 GMT; secure; SameSite=None
set-cookie: oaidts=1669434840; expires=Sun, 26 Nov 2023 03:54:03 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
mediasama.com/starharem/01/s/audio/btn_1.mp3
144.217.67.42 206 Partial Content 20 kB URL HTTP/1.1 mediasama.com/starharem/01/s/audio/btn_1.mp3
IP 144.217.67.42:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 192 kbps, 44.1 kHz, JntStereo\012- data
Hash d857acaef2cdf5ec88ea6128c1ceb7b3
5f67419243f34232a4da8cb1a1eaecfc192ff1a7
df83bc888086ae84b5d532a39023b0db17e8f3ccd3ffdcd6f35c8d4f39558d24
Analyzer Verdict Alert fortinet Phishing
GET /starharem/01/s/audio/btn_1.mp3 HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 206 Partial Content
Date: Sat, 26 Nov 2022 03:54:03 GMT
Server: Apache
Last-Modified: Thu, 07 Apr 2022 08:02:31 GMT
ETag: "4f61-5dc0be65fcb81"
Accept-Ranges: bytes
Content-Length: 20321
Content-Range: bytes 0-20320/20321
Content-Type: audio/mpeg
mediasama.com/starharem/01/s/img/1.jpg
144.217.67.42 200 OK 397 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/1.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 397 kB (397097 bytes)
Hash 43c140ec16ce96d582782ea93eeaa4fe
3390bf8e8708620fc0a851455e4729cb4f0248a2
3e176a04debe08dd522e7f0fbc9f7530880a92fb9845afd7391bbaa764a4ad55
GET /starharem/01/s/img/1.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:03 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:39 GMT
ETag: "60f29-5dc622dfac0e8"
Accept-Ranges: bytes
Content-Length: 397097
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/2.jpg
144.217.67.42 200 OK 370 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/2.jpg
IP 144.217.67.42:0
File type gzip compressed data, max compression\012- data
Size 370 kB (369903 bytes)
Hash 071ebb495f1bdc6962bb245b5310cc33
69039d8ebbb077c1bb7478a0507d482c0b1c21d2
3d4179511a4acb5cbb8b4c4cd3e37dd7d3f13cfbac612acafde42862fc92dd3b
GET /starharem/01/s/img/2.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:03 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5a257-5dc622e1424eb"
Accept-Ranges: bytes
Content-Length: 369239
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/7.jpg
144.217.67.42 200 OK 327 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/7.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 327 kB (326553 bytes)
Hash c67c9fb0268eea7d188c4c9bc54a0bf4
216b83374ba6f011041b31dd381f22e99ea7a8c1
95ae6eba3fad2ff05cadc95b27fc79a198a9e873371ab5fb7bb97c1661cd4654
GET /starharem/01/s/img/7.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:03 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:45 GMT
ETag: "4fb99-5dc622e5033f2"
Accept-Ranges: bytes
Content-Length: 326553
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/8.jpg
144.217.67.42 200 OK 682 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/8.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 0-3584, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 0.000000, slope 211035008.000000\012- data
Size 682 kB (682050 bytes)
Hash cedcd46e956dee6a28f87198962b0477
7b38f1de654971e436983fb6a34a71540ba526c9
08c08ef6f1ed9da65259719bbcc97e9aec700d3b486a9f0a741cb5800be34db5
GET /starharem/01/s/img/8.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:03 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:47 GMT
ETag: "a6842-5dc622e757ed6"
Accept-Ranges: bytes
Content-Length: 682050
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/9.jpg
144.217.67.42 200 OK 342 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/9.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 342 kB (341673 bytes)
Hash a3a888cf217de9be2aa727dd1cc64757
b7bd361dfdceecfc5775d0ed32e5798abd271d5e
2fd4025336ad8a5edd704651a216cf6b9739089ad1c204bd1ea8e114d11770b9
GET /starharem/01/s/img/9.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:03 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:47 GMT
ETag: "536a9-5dc622e6fb276"
Accept-Ranges: bytes
Content-Length: 341673
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/4.jpg
144.217.67.42 200 OK 325 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/4.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 325 kB (325446 bytes)
Hash ec18d276822ab5772f3458da7dbedfbc
f7a38f944aaba3e6b848f496bf4b8fee50b58161
da6b7082767f0ddffbec031c7f84b859c7a1f20624445bb26aa93895b75d7c09
GET /starharem/01/s/img/4.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:03 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:43 GMT
ETag: "4f746-5dc622e2da82e"
Accept-Ranges: bytes
Content-Length: 325446
Content-Type: image/jpeg
agamagcargoan.com/500/5507380?excludes=&oaid=aa64f20333a74108874557339acddd8a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.238 200 OK 463 kB URL HTTP/2 agamagcargoan.com/500/5507380?excludes=&oaid=aa64f20333a74108874557339acddd8a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.238:0
Size 463 kB (462638 bytes)
Hash 066c3de5f418ce999386cf2fb404d9cf
2e19d3918fe22d7d8997fb691ed521a22e84e2ae
137ad9b866b647b2a9546174e20cd4d0b22e2aa90cad3d61f01968ffd5c9f84d
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5507380?excludes=&oaid=aa64f20333a74108874557339acddd8a&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: agamagcargoan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Cookie: OAID=f3adac55d4ef43a18ca6a70dd7a5d6c6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:02 GMT
content-type: application/javascript
x-trace-id: ca3b1f0fdbd765b10c5d0cbf06a18434
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=aa64f20333a74108874557339acddd8a; expires=Sun, 26 Nov 2023 03:54:02 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
mediasama.com/starharem/01/s/img/10.jpg
144.217.67.42 200 OK 237 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/10.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 237 kB (236974 bytes)
Hash e0046cc1f34ff0701ec4874a0a8c5d43
c6a46db14dfc50d67307a9855f4dd2688d576a01
8589d73053f4bb258d888488403564bdcc94fb2d87c7388f943bf06fb85865a1
GET /starharem/01/s/img/10.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:03 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:39 GMT
ETag: "39dae-5dc622df755e8"
Accept-Ranges: bytes
Content-Length: 236974
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/6.jpg
144.217.67.42 200 OK 261 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/6.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 261 kB (261364 bytes)
Hash 4b7cf78d93f3f009f850bedb6829d7f6
cc55cad898df47a2f089946aee9398fea7fa2ae6
44d0a6f8e7f7fe0354c05417445137070431686d671c51e9f3d3869867f2448f
GET /starharem/01/s/img/6.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:03 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:44 GMT
ETag: "3fcf4-5dc622e471bd1"
Accept-Ranges: bytes
Content-Length: 261364
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/11.jpg
144.217.67.42 200 OK 403 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/11.jpg
IP 144.217.67.42:0
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size 403 kB (402740 bytes)
Hash c10654a068f849e614885c983ac9ab02
8d69da78045560f1c2de7bafc47b2c8a12e86424
3a864743d27da3ef1cea10d293532f84f9d564a98b34afef2a8f4b380472dfc2
GET /starharem/01/s/img/11.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:03 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 09:18:06 GMT
ETag: "62534-5dc5d6c134c3d"
Accept-Ranges: bytes
Content-Length: 402740
Content-Type: image/jpeg
mediasama.com/starharem/01/s/img/3.jpg
144.217.67.42 200 OK 375 kB URL HTTP/1.1 mediasama.com/starharem/01/s/img/3.jpg
IP 144.217.67.42:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1080, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1920x1080, components 3\012- data
Size 375 kB (375159 bytes)
Hash 84c5f704120f28ad7bcde2ebab7442a0
fd2745300ba7ad59ff8044c7e9f76b1326ddd120
6227de9cf2198a85639d3808c134b85dc1e6a5ee5ee5709189c5e58d1b91b7c2
GET /starharem/01/s/img/3.jpg HTTP/1.1
Host: mediasama.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mediasama.com/starharem/01/s/index_rt.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 03:54:03 GMT
Server: Apache
Last-Modified: Mon, 11 Apr 2022 14:58:41 GMT
ETag: "5b977-5dc622e17edac"
Accept-Ranges: bytes
Content-Length: 375159
Content-Type: image/jpeg
arsnivyr.com/15?rnd=1553848126&z=5507382&var=&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.634%2C%22location%22%3A%22https%3A%2F%2Fwww.akams-remoteconnect.com%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
139.45.197.242204 No Content 0 B URL HTTP/2 arsnivyr.com/15?rnd=1553848126&z=5507382&var=&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.634%2C%22location%22%3A%22https%3A%2F%2Fwww.akams-remoteconnect.com%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /15?rnd=1553848126&z=5507382&var=&rb=L5aJxcrerOOwt4a2iv2aF92CANcQ-QYNtvSSptKJMVTvOIRFJStDZb5B7lc6_RY4cRy2IgL5bX-xyjMyJRMWZCcp4GZdo6yaZ7zosrW9B7nBmjbKqJFCHzOJ_qSZqYS5dHN0Szx-jvI5hgXH6kUsB4KETt-dUy-HWsJIQ-DUIqoxBfy_rw5QQzQn4mJpfm-qQ4-NRllVxPNyvZMef96S41Rfq_bQ-UfRQxwHl4rU_p4utjWUsvQ1uUh6A-nv-NG1ruKzOws5FruBwBQPU3H_xzqMsm1LEKhPEvrPSou2eMiI556_0bMnJdluIGEoM7DgleMxfiU6LS08xik185sgYxWNuqcTYUJYRi5yHXLiFA2ztZZ6icTPcHNTzSk3GpQ6Q6aEKVQWyWZR6_PPo-ReAUhIa4EHKD978Tui7JCeQGbGVZMlp6EbfUYzwsp-8rLkQjA5Z82jGN1Et72LsXGT6zN4efexeL_tawC4vZ0goy22EWiH0yusqK8pTstS8Mr9Z4gPWWGP6lpDgkkSs7dcDzUvVPogav9ox7vt4GMVjEAFwGTD6QjJBzeU20v8BJurhRxnJLDLCU6EkI0Z6iZBvhFSUirr_y2SM9TVBwCx6GVsxE93wxWQAnF1786HjnyIzMbkslPjWweGhtQWMtuVhpHuqi4u1DK-FDGUolvdKHwut-WB32kN9ARw4n9eaGvT7YF9t0kQSZsSywN1OUe0Yp0qNdOAnGsGFrD3NOSPEOeRV8g20GL_tC7tCqxYgwgynaP6msgWFToDr0nG8dHdi9Np_n2YzGmkRB4USoYdswp3_FJ_78pNA-TpJ8CJk25Jb3dL_k_fQkRkVJQSJDRc7w8ZD8n_2OvmzShyUQ==&ruid=4a265381-0fa1-4514-96f1-3aa2372d9132&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.634%2C%22location%22%3A%22https%3A%2F%2Fwww.akams-remoteconnect.com%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22wvr%22%3A1%2C%22wiv%22%3Atrue%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Cookie: scm=1; OAID=aa64f20333a74108874557339acddd8a; oaidts=1669434840; oaidvc=1; CNT=1_v1_B0jsAAEAAAB6S3Yg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 26 Nov 2022 03:54:05 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.akams-remoteconnect.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5753ed0ca2b132b1c2628a30d4661cf7
access-control-expose-headers: X-Sc
set-cookie: OAID=aa64f20333a74108874557339acddd8a; expires=Sun, 26 Nov 2023 03:54:05 GMT; secure; SameSite=None
oaidts=1669434840; expires=Sun, 26 Nov 2023 03:54:05 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
gloaphoo.net/impression/KntA3E9RIfLrg1kHPQF4z0jnSsnfn5EVOOyVr750BcqQ-BBjsCkwpLPZcaZCjvfB5CoTpsPzSrytyRo7aoJeeYxY_Jxxbn8hW2KWosiX3rduRyVPwUPMUryx8jFlVZ20x3PG8QiMffG8ZeXHY1l5nndoM70gwoMoyP9fVfURZj8AIR3m9HPv2YELm32XQ2Kk6g8XDCOOAcVnkKf6F0DJa9uXw8Vb-X1GHOgeFxHzHKlpNsQhNxzATu08RnXH9Yv2JQM7aeUdcIRwWi9l6CyEa1QJNGqOvhHqtFbZ6DaDassKLR6t6LOiFjWOOA1w1u7_GEQbx7JPysaO4PD7OdHC2e1-TYLIQbYc_-IjBABELX00CVEyVU5MTgoTQ5k0FylYtxOPoPDJ2A0mzRpbmOeW21bRv-kGoXY-8SScpGshuUMXMBAHDtCHPSftpwiEO7lDhMQH2qbrc68YQsRLciTu73Q1scglqp8Bbq6UvonxcBv7ZV0uSdB59S9x_z5ICijNZQQUcuSz-5tfud4VAlKp2woGpgaW72bNj3wzWM-sJyggDmN5vNqcEhA5ZASJFDAsA48Y6_rUdqU8_jiZRTKDGYykvKeUcanw7Tn9r-wnlnhlADYm3sKWTar29LwJK5mGzJLPF5k9wHFmfWMMDy5D4lqmdTiW4urC8YvgR4S8s-DUMYL5xBw4t73XFmac37bjSDL3wRf1_dc=?_z=5507383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 gloaphoo.net/impression/KntA3E9RIfLrg1kHPQF4z0jnSsnfn5EVOOyVr750BcqQ-BBjsCkwpLPZcaZCjvfB5CoTpsPzSrytyRo7aoJeeYxY_Jxxbn8hW2KWosiX3rduRyVPwUPMUryx8jFlVZ20x3PG8QiMffG8ZeXHY1l5nndoM70gwoMoyP9fVfURZj8AIR3m9HPv2YELm32XQ2Kk6g8XDCOOAcVnkKf6F0DJa9uXw8Vb-X1GHOgeFxHzHKlpNsQhNxzATu08RnXH9Yv2JQM7aeUdcIRwWi9l6CyEa1QJNGqOvhHqtFbZ6DaDassKLR6t6LOiFjWOOA1w1u7_GEQbx7JPysaO4PD7OdHC2e1-TYLIQbYc_-IjBABELX00CVEyVU5MTgoTQ5k0FylYtxOPoPDJ2A0mzRpbmOeW21bRv-kGoXY-8SScpGshuUMXMBAHDtCHPSftpwiEO7lDhMQH2qbrc68YQsRLciTu73Q1scglqp8Bbq6UvonxcBv7ZV0uSdB59S9x_z5ICijNZQQUcuSz-5tfud4VAlKp2woGpgaW72bNj3wzWM-sJyggDmN5vNqcEhA5ZASJFDAsA48Y6_rUdqU8_jiZRTKDGYykvKeUcanw7Tn9r-wnlnhlADYm3sKWTar29LwJK5mGzJLPF5k9wHFmfWMMDy5D4lqmdTiW4urC8YvgR4S8s-DUMYL5xBw4t73XFmac37bjSDL3wRf1_dc=?_z=5507383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/KntA3E9RIfLrg1kHPQF4z0jnSsnfn5EVOOyVr750BcqQ-BBjsCkwpLPZcaZCjvfB5CoTpsPzSrytyRo7aoJeeYxY_Jxxbn8hW2KWosiX3rduRyVPwUPMUryx8jFlVZ20x3PG8QiMffG8ZeXHY1l5nndoM70gwoMoyP9fVfURZj8AIR3m9HPv2YELm32XQ2Kk6g8XDCOOAcVnkKf6F0DJa9uXw8Vb-X1GHOgeFxHzHKlpNsQhNxzATu08RnXH9Yv2JQM7aeUdcIRwWi9l6CyEa1QJNGqOvhHqtFbZ6DaDassKLR6t6LOiFjWOOA1w1u7_GEQbx7JPysaO4PD7OdHC2e1-TYLIQbYc_-IjBABELX00CVEyVU5MTgoTQ5k0FylYtxOPoPDJ2A0mzRpbmOeW21bRv-kGoXY-8SScpGshuUMXMBAHDtCHPSftpwiEO7lDhMQH2qbrc68YQsRLciTu73Q1scglqp8Bbq6UvonxcBv7ZV0uSdB59S9x_z5ICijNZQQUcuSz-5tfud4VAlKp2woGpgaW72bNj3wzWM-sJyggDmN5vNqcEhA5ZASJFDAsA48Y6_rUdqU8_jiZRTKDGYykvKeUcanw7Tn9r-wnlnhlADYm3sKWTar29LwJK5mGzJLPF5k9wHFmfWMMDy5D4lqmdTiW4urC8YvgR4S8s-DUMYL5xBw4t73XFmac37bjSDL3wRf1_dc=?_z=5507383&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fwww.akams-remoteconnect.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Cookie: OAID=aa64f20333a74108874557339acddd8a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:06 GMT
content-type: image/gif
content-length: 43
x-trace-id: d89e4cd767e4281a63c502fd046d7369
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5088223f5973e3cd56f03f50a1e84b79
0b6c9b51d10762a4747286ab5b1c2354fa39c622
8159e4f7eec7bea518bb29e3fdb070bab4fb70116205577f7b7d74ad4d0dfbc7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8913
x-amzn-requestid: d0a9414c-eccf-44e8-adb7-92654544eeb5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWXEpeIAMFnzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-5825510666b3e80a5f83cafa;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: whO__FB0B2ywDP_p63eQ044RXbT207sX1i87I6nPAFUB85nSYc0Cuw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:06 GMT
age: 22082
etag: "0b6c9b51d10762a4747286ab5b1c2354fa39c622"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=227939&wh=1280x1024&rnd=48405580075&lid=0&tid=0&fid_green=2.000&fid_green_cnt=1
95.211.66.35 200 OK 300 B URL HTTP/2 clickiocdn.com/utr/wv/?prism=0&url=%2F&eid=227939&wh=1280x1024&rnd=48405580075&lid=0&tid=0&fid_green=2.000&fid_green_cnt=1
IP 95.211.66.35:0
ASN #60781 LeaseWeb Netherlands B.V.
File type gzip compressed data, max compression\012- data
Hash 0471b1e0f54062f1ea116cdaa2a1ae83
9464fc4106769339f694d46223e655d5d214cbb2
8abf4804a56573c22e3cba7d5ddfd09199d317a7c2cdb7c03591d8d8a02b990a
POST /utr/wv/?prism=0&url=%2F&eid=227939&wh=1280x1024&rnd=48405580075&lid=0&tid=0&fid_green=2.000&fid_green_cnt=1 HTTP/1.1
Host: clickiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.akams-remoteconnect.com
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.16.0
date: Sat, 26 Nov 2022 03:54:08 GMT
content-type: image/gif
content-length: 42
access-control-allow-origin: *
cache-control: no-cache
x-error: limit exceeded
x-error-host: amn-ams-5-7
iseu: eu
X-Firefox-Spdy: h2
s.clickiocdn.com/t/227939_wv.js
95.211.66.34 200 OK 0 B URL HTTP/2 s.clickiocdn.com/t/227939_wv.js
IP 95.211.66.34:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /t/227939_wv.js HTTP/1.1
Host: s.clickiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Sat, 26 Nov 2022 03:54:00 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 21 Sep 2022 09:43:34 GMT
etag: W/"632adcc6-1ada"
expires: Sat, 26 Nov 2022 04:24:00 GMT
cache-control: max-age=1800
access-control-allow-origin: *
iseu: eu
content-encoding: gzip
X-Firefox-Spdy: h2
gloaphoo.net/400/5507383
139.45.197.239 200 OK 0 B IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5507383 HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:01 GMT
content-type: application/javascript
x-trace-id: 8cbbadce54ae8332f3a5e7ea27210054
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=23a48a4d326d406a9e4ccaa193895563; expires=Sun, 26 Nov 2023 03:54:01 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
agamagcargoan.com/400/5507380
139.45.197.238 200 OK 0 B URL HTTP/2 agamagcargoan.com/400/5507380
IP 139.45.197.238:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5507380 HTTP/1.1
Host: agamagcargoan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.akams-remoteconnect.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 03:54:01 GMT
content-type: application/javascript
x-trace-id: dfd0f7325414681c6cda0275b5bb3c78
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f3adac55d4ef43a18ca6a70dd7a5d6c6; expires=Sun, 26 Nov 2023 03:54:01 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
www.akams-remoteconnect.com/sw.js
162.241.119.151 404 Not Found 0 B URL HTTP/2 www.akams-remoteconnect.com/sw.js
IP 162.241.119.151:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /sw.js HTTP/1.1
Host: www.akams-remoteconnect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.akams-remoteconnect.com/
Connection: keep-alive
Cookie: _ga=GA1.2.2039869957.1669434841; _gid=GA1.2.394961673.1669434841; _gat_gtag_UA_222722748_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.akams-remoteconnect.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/html; charset=UTF-8
date: Sat, 26 Nov 2022 03:54:02 GMT
server: Apache
X-Firefox-Spdy: h2