donfitzsimmons.com/main/personal.html
79.137.192.45301 Moved Permanently 321 B URL HTTP/1.1 donfitzsimmons.com/main/personal.html
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1ed87a124bb19795c0441b3fa1082448
f2e3c07a4c98a314da29f713b0f20875866c00ba
b69014e8cc946aaf239cff73645114de557ee1fb1c6bc6822fff5e09097f4b81
Analyzer Verdict Alert openphish Bank of Montreal
fortinet Phishing
GET /main/personal.html HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Sep 2022 21:25:50 GMT
Server: Apache
Location: https://donfitzsimmons.com/main/personal.html
Content-Length: 321
Connection: close
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 20:37:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TMyUpMAxyYlKlHa8ym9SWhIDoXa_gBoXyMrNCBIoinq2ezD6NAwUuQ==
Age: 2926
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6672
Expires: Wed, 28 Sep 2022 23:17:02 GMT
Date: Wed, 28 Sep 2022 21:25:50 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YXRJgXTA8We2CZ6KwPEVA4Tf4Hix0L5PByRdrOQwPJwCOg5mccORhg==
age: 57444
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 21:25:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5290ebce1cfc304e270f636f92ac7be
015cd4eeefa5f5c0a0e410456428351d86a50d91
e86bd534deccc05faa02bb4748df2540e3a2bf24c2885e1f3d5d5c9e7f9b2750
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E86BD534DECCC05FAA02BB4748DF2540E3A2BF24C2885E1F3D5D5C9E7F9B2750"
Last-Modified: Wed, 28 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Thu, 29 Sep 2022 03:25:35 GMT
Date: Wed, 28 Sep 2022 21:25:50 GMT
Connection: keep-alive
donfitzsimmons.com/main/personal.html
79.137.192.45200 OK 46 kB URL HTTP/2 donfitzsimmons.com/main/personal.html
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3457), with CRLF line terminators
Hash e76e0240728175d41b940af178486d1c
ae536a1630e55dcc44c7541bd4aae420ab7723db
a7f358267755f02bbcff8e27d866f3bff3512ec7dd561f27655e98a57c512382
Analyzer Verdict Alert openphish Bank of Montreal
fortinet Phishing
GET /main/personal.html HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
last-modified: Wed, 07 Sep 2022 11:15:00 GMT
etag: "64f51-5e8146c72b500-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 45895
content-type: text/html
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/styles/main-ebiz.css
79.137.192.45200 OK 34 kB URL HTTP/2 donfitzsimmons.com/styles/main-ebiz.css
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type assembler source, ASCII text, with CRLF line terminators
Hash 80b04cac020ebf3935d6bf213278e4f1
95ea65b8cd7581dd1bcf0558fb20e8797ea03bb5
a64fa25a4eea2c0a2ff8bee4b96dca1389e067dfe129856d36acf542a82122c0
GET /styles/main-ebiz.css HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 29 Sep 2021 16:20:48 GMT
etag: "3bf80-5cd24b6815800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 34250
content-type: text/css
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/js/headJS.min.js
79.137.192.45200 OK 6.3 kB URL HTTP/2 donfitzsimmons.com/js/headJS.min.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document, ASCII text, with very long lines (15333), with no line terminators
Hash bddfb96c122a73c1a999e268fd41db49
87747349458e6eee095091947a00e965fcb84b86
29f44e6b8b2898dc8d433c27f0c87c4b7f1911fafaf3b190bdbb0e206d87c3ed
Analyzer Verdict Alert fortinet Phishing
GET /js/headJS.min.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Sep 2014 09:21:12 GMT
etag: "3be5-50430c9ac3200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6282
content-type: application/javascript
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 20:29:34 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 21:10:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JgIxReCfelvXw5n4DNUebs9pXts7rtCCLiCDUIzhLYUqM839b4Hw1A==
Age: 3377
donfitzsimmons.com/public-data/ssi/header/js/bmoharris.header.js
79.137.192.45200 OK 12 kB URL HTTP/2 donfitzsimmons.com/public-data/ssi/header/js/bmoharris.header.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type Unicode text, UTF-8 text, with very long lines (32812)
Hash a5a5959b2acfed97ac0c89f1de791b3d
e4104daa238d2fa6f6b936241e234286d50b5f7e
9aec7ca37ed8cf5684d4de40d42af6dcc1f3d36f0fc2fd9800bbc0e7bde7b96f
Analyzer Verdict Alert fortinet Phishing
GET /public-data/ssi/header/js/bmoharris.header.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 30 May 2022 18:57:12 GMT
etag: "b544-5e03f3945f200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11902
content-type: application/javascript
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/images/flag/thumbnail/united-states.png
79.137.192.45200 OK 1.1 kB URL HTTP/2 donfitzsimmons.com/dist/images/flag/thumbnail/united-states.png
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash 7a131f5b50d3ebf9f784b8b3ba95f782
ba3a3cf0125004a29226897b04c0b60cb6a63a1c
7fc10751e4935e26a23cec5311745827a40816aa23f63b8f3049f5b05bc05b63
GET /dist/images/flag/thumbnail/united-states.png HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Dec 2017 21:28:18 GMT
etag: "42e-55f8a6595e080"
accept-ranges: bytes
content-length: 1070
content-type: image/png
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/images/bmoharris/logos/harris-blue-roundel.png
79.137.192.45200 OK 2.1 kB URL HTTP/2 donfitzsimmons.com/dist/images/bmoharris/logos/harris-blue-roundel.png
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type PNG image data, 145 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 87b743c6b74b0ab1ae1b15171a5f0424
24d760088f0c7ac443ad3992fa997856391f8731
9435073bd6680f87022f3cf6ac9ca1de149b560c9a77be4e9362430392768ef0
GET /dist/images/bmoharris/logos/harris-blue-roundel.png HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 28 Jun 2021 21:42:56 GMT
etag: "865-5c5da5f4d5800"
accept-ranges: bytes
content-length: 2149
content-type: image/png
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/public-data/ssi/header/js/header-harris-personal.js
79.137.192.45200 OK 90 B URL HTTP/2 donfitzsimmons.com/public-data/ssi/header/js/header-harris-personal.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
Hash 226c153609866c1e74263f4704d87cd4
d245870dbe3948d31f9f82de093ab1ca763b5855
0d06fdc0cfe8d7de5744c5ebf5f82a8f1d646b6315d1a943b7b58002dc3b32f1
Analyzer Verdict Alert fortinet Phishing
GET /public-data/ssi/header/js/header-harris-personal.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 31 Aug 2021 19:09:16 GMT
etag: "4b-5cadfaf974f00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 90
content-type: application/javascript
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/styles/main.css
79.137.192.45200 OK 37 kB URL HTTP/2 donfitzsimmons.com/styles/main.css
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (540)
Hash db129c4c32c56c70905c6e0c340c353f
0475318b8de6f02e83c50dc7c5628c183190e583
b840010f3fab8fd402438289ca9076ba31051cbabf94e909bb70ae0918faa5cd
GET /styles/main.css HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Sep 2021 15:55:16 GMT
etag: "4a828-5cb69caaea100-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 36556
content-type: text/css
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/gtag/js?id=AW-967757432
79.137.192.45200 OK 45 kB URL HTTP/2 donfitzsimmons.com/gtag/js?id=AW-967757432
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (1615)
Hash c0346f3fbe4bacecf27850fe10409ff7
0f457dd0e725cf71601a0fa89a52f6c7f1715d8f
1f7c2b2e54e26deb4477a472991ece91a6f2fbd008f31b1b2e5fd3029735343f
GET /gtag/js?id=AW-967757432 HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 04 Sep 2022 12:00:00 GMT
etag: "1c72d-5e7d8b3db5000-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 45092
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/scripts/lightbox-js/featherlight.js
79.137.192.45200 OK 3.8 kB URL HTTP/2 donfitzsimmons.com/scripts/lightbox-js/featherlight.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
Hash 534cf0325d1c08ac985675011cb90f7b
06ebc35169397a76c91b632f1e8aabb06a3ecaf7
c18a517dd2f696e13210a75d8b1fe87ebffa9103d07ee386b4f4735843fc4b27
Analyzer Verdict Alert fortinet Phishing
GET /scripts/lightbox-js/featherlight.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Sep 2021 20:22:06 GMT
etag: "2dec-5cb81a2cb3780-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3808
content-type: application/javascript
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/css/lightbox/featherlight.css
79.137.192.45200 OK 5.3 kB URL HTTP/2 donfitzsimmons.com/css/lightbox/featherlight.css
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type Unicode text, UTF-8 text, with very long lines (8305)
Hash b2d343755d9586e40170e95a111dfced
8c66df01a4c3f1b8842cfdde51ec9aded1f9ce9e
fecb022cf5bada30c037d2dd74bc59d241981ac3260c40631850d2779dbfebce
GET /css/lightbox/featherlight.css HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 09 Sep 2014 20:03:06 GMT
etag: "3c24-502a76c75b280-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5320
content-type: text/css
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/images/flag/thumbnail/china.png
79.137.192.45200 OK 658 B URL HTTP/2 donfitzsimmons.com/dist/images/flag/thumbnail/china.png
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash 84f986a50438c754fde1fcde2730edaa
f715708ac2f3dbd0594f49ab590dc3e6f4f317c9
3e760e001631f754a319ad1b2d51653438a04dc5798f57c7083721ba07b1dda7
GET /dist/images/flag/thumbnail/china.png HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Sep 2019 21:13:16 GMT
etag: "292-5938f5ac4b300"
accept-ranges: bytes
content-length: 658
content-type: image/png
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/css/lightbox/custom.css
79.137.192.45200 OK 775 B URL HTTP/2 donfitzsimmons.com/css/lightbox/custom.css
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
Hash 38bc80b123834ea970145c34a8c43d87
cf8e66161fdaa592a040cd02d982d8407a5bee18
ed15a56c5e610ed3639dd0a5e7361efb1ccce13a1ae8bb92a93a2623883117f8
GET /css/lightbox/custom.css HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 21 Aug 2014 16:58:08 GMT
etag: "732-501269ffb8800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 775
content-type: text/css
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/images/flag/thumbnail/canada.png
79.137.192.45200 OK 679 B URL HTTP/2 donfitzsimmons.com/dist/images/flag/thumbnail/canada.png
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash 1cbb25b3daa6e2a10a23026364776c2a
57d98b3db7d9798c2251d01398a28d0d96e686e8
2fd3abb2f3053c96dcc67d5649d9be7aa6a49fca673a7d25c406051d914787ce
GET /dist/images/flag/thumbnail/canada.png HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 27 Sep 2019 21:13:16 GMT
etag: "2a7-5938f5ac4b300"
accept-ranges: bytes
content-length: 679
content-type: image/png
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/img/icons/svg/alert-white.svg
79.137.192.45200 OK 638 B URL HTTP/2 donfitzsimmons.com/img/icons/svg/alert-white.svg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 139957bb359a3ecc510081c94bb1fa68
ad31743747da7dd2995826fbab132584bbc41d87
985e2380e2f3aff0d5bcb7e8bab761ebcfeabfc693737e41e39c2c83d62f0a19
Analyzer Verdict Alert fortinet Phishing
GET /img/icons/svg/alert-white.svg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Sep 2014 09:31:00 GMT
etag: "458-50430ecb85d00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 638
content-type: image/svg+xml
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/images/bmoharris/logos/harris-blue.svg
79.137.192.45200 OK 1.9 kB URL HTTP/2 donfitzsimmons.com/dist/images/bmoharris/logos/harris-blue.svg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5047), with no line terminators
Hash fe5cb3ad7b2ef32b5d8b0ea19e6849cd
a182824db6e6d7c7788d639cfdfe4278cbda3014
e06034627edea96ae8d8592a54da2cb5834dccde18c739d84d65b8d465eba809
Analyzer Verdict Alert fortinet Phishing
GET /dist/images/bmoharris/logos/harris-blue.svg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 28 Jun 2021 21:42:56 GMT
etag: "13b7-5c5da5f4d5800-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1947
content-type: image/svg+xml
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/img/icons/svg/chevron-right-white.svg
79.137.192.45200 OK 182 B URL HTTP/2 donfitzsimmons.com/img/icons/svg/chevron-right-white.svg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash a4400ad93a2e693680f8f61366f53564
2eecfe749e1cc5236914a21fb9034b5a71816ecb
dcfcc17cf710e800d88ca8fa51047cdc3575f5aa7f209135f675a78f43e69f0c
Analyzer Verdict Alert fortinet Phishing
GET /img/icons/svg/chevron-right-white.svg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 14 Dec 2020 20:37:54 GMT
etag: "f1-5b6729dd40c80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 182
content-type: image/svg+xml
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/img/icons/money-bags.jpg
79.137.192.45200 OK 3.0 kB URL HTTP/2 donfitzsimmons.com/img/icons/money-bags.jpg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 70x55, components 3\012- data
Hash 00460784251d390fcbce0026e3cb9f10
b3aff67e116d24f2a529ef3cda8f225c3c36ca2d
0e3b5d90031b0e620deed3f35dc6db3df84e584043a47b6fa7a9e2fbdafe85a4
GET /img/icons/money-bags.jpg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 26 Jul 2018 17:25:30 GMT
etag: "ba7-571ea48219680"
accept-ranges: bytes
content-length: 2983
content-type: image/jpeg
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/img/icon-app-store.png
79.137.192.45200 OK 7.4 kB URL HTTP/2 donfitzsimmons.com/img/icon-app-store.png
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type PNG image data, 138 x 41, 8-bit/color RGB, non-interlaced\012- data
Hash fbca66a2aaa88ff93fe18760067af3c3
9daa12f193bb85f0a5cbf4db806f32c1c1f5836a
9771c6adfd6e5157277f73669f27b1f778721a06c25000b8b47650dbd663f4e2
GET /img/icon-app-store.png HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Sep 2014 09:31:24 GMT
etag: "1cfd-50430ee269300"
accept-ranges: bytes
content-length: 7421
content-type: image/png
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/img/icons/piggy-icon.png
79.137.192.45200 OK 3.8 kB URL HTTP/2 donfitzsimmons.com/img/icons/piggy-icon.png
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type PNG image data, 78 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash adb03891fb39f2fd21cbc09f89d12dd6
7d4cacbac5d0a0b9bb4b908a105f0c56f4d047d2
3f01ba6e2435be9315e3557ef21b31c7c7ae2d5d000deb14172ddaa38545683d
GET /img/icons/piggy-icon.png HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Jan 2019 19:24:34 GMT
etag: "efd-5804d46e80080"
accept-ranges: bytes
content-length: 3837
content-type: image/png
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/img/icon-google-play.png
79.137.192.45200 OK 9.0 kB URL HTTP/2 donfitzsimmons.com/img/icon-google-play.png
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type PNG image data, 138 x 45, 8-bit/color RGB, interlaced\012- data
Hash 0d2d680e3e736c7ce388368805c45494
99bf22e1c571be196d8e181ab060be33721abb67
309c6f6046cefe8a652826e8f2787b8bceac36c7cf88a70d90e4716d0fed0baf
GET /img/icon-google-play.png HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Sep 2014 09:31:26 GMT
etag: "2313-50430ee451780"
accept-ranges: bytes
content-length: 8979
content-type: image/png
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/public-data/ssi/vendor/footer/js/bmoharris.footer.js
79.137.192.45200 OK 1.6 kB URL HTTP/2 donfitzsimmons.com/public-data/ssi/vendor/footer/js/bmoharris.footer.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (4931), with no line terminators
Hash b8e194d01c8941f9ba7961df403f2e59
e392f69dd4fdcd7c09480e995aff168c93b122ad
06a5bb7b9c51c3873f9455a30515502666d456e29d90a652dd5f192ca2f0fbfd
Analyzer Verdict Alert fortinet Phishing
GET /public-data/ssi/vendor/footer/js/bmoharris.footer.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Feb 2022 22:48:34 GMT
etag: "1343-5d8cb61c7d480-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1643
content-type: application/javascript
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/img/main/personal/credit-cards/cards/large/bmoharris-CC-WorldPremiumRewards.png
79.137.192.45200 OK 1.7 kB URL HTTP/2 donfitzsimmons.com/img/main/personal/credit-cards/cards/large/bmoharris-CC-WorldPremiumRewards.png
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type PNG image data, 69 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash d5317a4e21743a6317d6ba56b8753be7
ceaffa15b6968d13b56f74a84b45e4fa34ccb5c4
a7e773ebd2aa01dd492076350701f29590d20abf78d7c903baf10cd523ee2d6e
GET /img/main/personal/credit-cards/cards/large/bmoharris-CC-WorldPremiumRewards.png HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 02 Dec 2019 20:17:16 GMT
etag: "69f-598be4405eb00"
accept-ranges: bytes
content-length: 1695
content-type: image/png
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/pagead/f.txt
79.137.192.45200 OK 17 kB URL HTTP/2 donfitzsimmons.com/pagead/f.txt
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (1953)
Hash 9f61f990a1690da3b94dbb613508afcb
9025d0e195469e3646d08c5be459104e7bd2884f
7712575803f52bc6e3ae60891f84e66f68cd8135c0f415f0a10f9dc8a7f8b494
Analyzer Verdict Alert fortinet Phishing
GET /pagead/f.txt HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 04 Sep 2022 13:55:54 GMT
etag: "b3fd-5e7da5258ee80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17448
content-type: text/plain
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/img/large/d-personal-safe-secure.webp
79.137.192.45200 OK 7.7 kB URL HTTP/2 donfitzsimmons.com/img/large/d-personal-safe-secure.webp
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 235x234, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1c71b096380be6924d9246b6c1be1705
a67d7b048c1f6bb3b6831caed08f23a8c924dccc
fb8a7506485149b130d71d7c516f331406cf3a698a1a4250c1b0c1ac45658d1d
Analyzer Verdict Alert fortinet Phishing
GET /img/large/d-personal-safe-secure.webp HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 Aug 2021 22:29:02 GMT
etag: "1dde-5ca69c6f6e780-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7669
content-type: image/webp
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/scripts/lightbox-js/jquery-1.11.1.min.js
79.137.192.45200 OK 33 kB URL HTTP/2 donfitzsimmons.com/scripts/lightbox-js/jquery-1.11.1.min.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (32086)
Hash 77c96b81bc26956680cd7813d2d4efd9
2f35ac87d37734bb8216c87f56079036109aeaa1
bf48f792ab036db71babef1dbea45dceff0b04212a7278ed08b6c997115352ad
Analyzer Verdict Alert fortinet Phishing
GET /scripts/lightbox-js/jquery-1.11.1.min.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 Aug 2014 20:37:40 GMT
etag: "1762a-501159340ed00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 33225
content-type: application/javascript
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/resources/scripts/libraries/jquery/1.11.1/jquery.min.js
79.137.192.45200 OK 33 kB URL HTTP/2 donfitzsimmons.com/resources/scripts/libraries/jquery/1.11.1/jquery.min.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (32086), with CRLF line terminators
Hash b80f183a435595b1dcf4f4c0b2afafc0
fe5c21942215c3d404b9a4ff2231858959c22250
915595d27e7c19de33f4f6efac541a358e804a9171fa900ace338a3d33b286da
Analyzer Verdict Alert fortinet Phishing
GET /resources/scripts/libraries/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 11 Feb 2015 03:43:26 GMT
etag: "1762e-50ec7ce4d3380-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 33234
content-type: application/javascript
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/sZJV5aglLM-YTvaCqjN9jKNm/5huafbVr/O0lncRp8PRA/UGQs/FCIWcBg
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/sZJV5aglLM-YTvaCqjN9jKNm/5huafbVr/O0lncRp8PRA/UGQs/FCIWcBg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /sZJV5aglLM-YTvaCqjN9jKNm/5huafbVr/O0lncRp8PRA/UGQs/FCIWcBg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/images/external-link_wh.png
79.137.192.45200 OK 103 B URL HTTP/2 donfitzsimmons.com/images/external-link_wh.png
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type PNG image data, 8 x 8, 8-bit gray+alpha, non-interlaced\012- data
Hash bd493960d7416fd0bfaeaf201ace0f24
d822acf027422e8a1b9051e50b9731e8835b7cd8
f47b236cdead4ce58cfa5a0ff87ad7998c763dc5ba5fe1d229c4f2491767ea5d
GET /images/external-link_wh.png HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 22 Sep 2017 16:43:52 GMT
etag: "67-559c9e9f50200"
accept-ranges: bytes
content-length: 103
content-type: image/png
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 442
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Last-Modified: Wed, 28 Sep 2022 21:18:29 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
donfitzsimmons.com/js/jquery.mobile.custom.min.js
79.137.192.45200 OK 55 kB URL HTTP/2 donfitzsimmons.com/js/jquery.mobile.custom.min.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document, ASCII text, with very long lines (65437), with CRLF line terminators
Hash b0f77308829dc0c3ac39a890021cd379
ab8ff7d5cb83d71dce499e71d9c12886a82c2c82
c7c65e6a496f66b2c6065b6244745408d12467499f8705734450da51c655288e
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery.mobile.custom.min.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Sep 2014 09:21:12 GMT
etag: "30006-50430c9ac3200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 54565
content-type: application/javascript
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/images/personal/homepage-banners/fall-hp-banner-image-375x400.jpg
79.137.192.45200 OK 167 kB URL HTTP/2 donfitzsimmons.com/dist/images/personal/homepage-banners/fall-hp-banner-image-375x400.jpg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 375x400, components 3\012- data
Size 167 kB (166961 bytes)
Hash 2317e07172a77d67802aafab016151b1
7591a65dd2aa389067d95ebfd014ee002c815a83
89f27bf82c87b669fad5993d250a41ff2a1a5bb621a0ae6d2915480e146da559
GET /dist/images/personal/homepage-banners/fall-hp-banner-image-375x400.jpg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Sep 2022 12:51:08 GMT
etag: "28c31-5e79d11332700"
accept-ranges: bytes
content-length: 166961
content-type: image/jpeg
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/images/personal/homepage-banners/checking-retail-june-2022-640x540px.jpg
79.137.192.45200 OK 202 kB URL HTTP/2 donfitzsimmons.com/dist/images/personal/homepage-banners/checking-retail-june-2022-640x540px.jpg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x540, components 3\012- data
Size 202 kB (201804 bytes)
Hash cf1075628f698b32c55a7b42d9aa651f
84666109b3f0f15e2e0cfd874df54bec31c150fa
cd7133a4003730beec149b508c48d409b9087761e01dc68321dad698250d7363
GET /dist/images/personal/homepage-banners/checking-retail-june-2022-640x540px.jpg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 10 Jun 2022 19:28:34 GMT
etag: "3144c-5e11cf1b41c80"
accept-ranges: bytes
content-length: 201804
content-type: image/jpeg
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/images/personal/homepage-banners/savings-builder-640x540.jpg
79.137.192.45200 OK 260 kB URL HTTP/2 donfitzsimmons.com/dist/images/personal/homepage-banners/savings-builder-640x540.jpg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x540, components 3\012- data
Size 260 kB (259976 bytes)
Hash c7955f406a3163d4a10792b6f725a4aa
e8f53baf491c7a1b687db5c9ab5db0490c956aed
e11fa309edd723b70259a6e2529395c2353a9524bf3e782db5f1c137712f1e2e
GET /dist/images/personal/homepage-banners/savings-builder-640x540.jpg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 01 Apr 2022 13:39:40 GMT
etag: "3f788-5db97e90c5f00"
accept-ranges: bytes
content-length: 259976
content-type: image/jpeg
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/images/personal/homepage-banners/bb-checking-campaign-july-2022-640x540px.jpg
79.137.192.45200 OK 318 kB URL HTTP/2 donfitzsimmons.com/dist/images/personal/homepage-banners/bb-checking-campaign-july-2022-640x540px.jpg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x540, components 3\012- data
Size 318 kB (318332 bytes)
Hash 56195e96c16feffa3fd0f6ee4365a08e
9cb00312f529909507c9027ffa9bbd38520dab3e
1b4c624830c8bc941d83448c6f6ea5ebad96301a10ad9c877ae204dc19f93e79
GET /dist/images/personal/homepage-banners/bb-checking-campaign-july-2022-640x540px.jpg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 20 May 2022 19:09:00 GMT
etag: "4db7c-5df76390f6b00"
accept-ranges: bytes
content-length: 318332
content-type: image/jpeg
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/images/personal/homepage-banners/savings-builder-2-1200x370.jpg
79.137.192.45200 OK 326 kB URL HTTP/2 donfitzsimmons.com/dist/images/personal/homepage-banners/savings-builder-2-1200x370.jpg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1200x370, components 3\012- data
Size 326 kB (326239 bytes)
Hash cddf9383b39e3b93f3aba37b6eafe565
0047b67de79ed314f1908c3296e39d5f25cc6e91
2bb7b186652f201aae5dcdacfd61f804c127d49ca161c083d1919bf68259354a
GET /dist/images/personal/homepage-banners/savings-builder-2-1200x370.jpg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 01 Apr 2022 13:38:36 GMT
etag: "4fa5f-5db97e53bcf00"
accept-ranges: bytes
content-length: 326239
content-type: image/jpeg
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/images/personal/homepage-banners/credit-card-feb-23-2022-1200x370px.jpg
79.137.192.45200 OK 540 kB URL HTTP/2 donfitzsimmons.com/dist/images/personal/homepage-banners/credit-card-feb-23-2022-1200x370px.jpg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1200x370, components 3\012- data
Size 540 kB (539551 bytes)
Hash 83626ff6c6335a14b7c88b24e156c9b2
6628ed0673747da62748ec792af8ee76a33ce87e
e0fb35361bb1c95f2edb8b3bf533f7162f53df0c0c0112e71b1d32ae3d42d645
GET /dist/images/personal/homepage-banners/credit-card-feb-23-2022-1200x370px.jpg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 24 Feb 2022 00:29:18 GMT
etag: "83b9f-5d8b8ac309380"
accept-ranges: bytes
content-length: 539551
content-type: image/jpeg
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/resources/fonts/dax.woff
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/resources/fonts/dax.woff
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /resources/fonts/dax.woff HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://donfitzsimmons.com/styles/main.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/js/launch/5aebfc6032e6/8857e2b59892/fe50ebd82464/EXb087acb1f2cd44b8b49a3c550a958fd1-libraryCode_source.min.js
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/js/launch/5aebfc6032e6/8857e2b59892/fe50ebd82464/EXb087acb1f2cd44b8b49a3c550a958fd1-libraryCode_source.min.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /js/launch/5aebfc6032e6/8857e2b59892/fe50ebd82464/EXb087acb1f2cd44b8b49a3c550a958fd1-libraryCode_source.min.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.162.110.205101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.110.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FGNup2WauL3A9dDEDH9QQw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BtMtpoiJ/8UPSUzl9wFk6SmHPW0=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 90526cc7b6602cb1e55aa857f5b4e862
b5911a9bac95aac73decfe8cf51559d61f3f66f4
71f904c7cd9b9f2c0f4e4fbf89754f62bca5af44a30b6009e78447765fb59b1d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1885
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Last-Modified: Wed, 28 Sep 2022 20:54:26 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
donfitzsimmons.com/js/main.min.js
79.137.192.45200 OK 111 kB URL HTTP/2 donfitzsimmons.com/js/main.min.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
Size 111 kB (110892 bytes)
Hash d2ab698c3587bc620dc3fec13b2aa722
075b602c8d2f9efe7f530877a21ec714161977fc
9565e86c967c000bb2f560d10683fcfdb9ec6bc1b82537a3922a31adce8f0fe0
Analyzer Verdict Alert fortinet Phishing
GET /js/main.min.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Sep 2021 16:31:50 GMT
etag: "65e46-5cc83ef3ba980-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/fonts/heebo-bold-latin.woff2
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/dist/fonts/heebo-bold-latin.woff2
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /dist/fonts/heebo-bold-latin.woff2 HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://donfitzsimmons.com/public-data/ssi/header/css/bmoharris_header_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/images/personal/homepage-banners/bb-checking-campaign-july-2022-1200x370px.jpg
79.137.192.45200 OK 265 B URL HTTP/2 donfitzsimmons.com/dist/images/personal/homepage-banners/bb-checking-campaign-july-2022-1200x370px.jpg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
GET /dist/images/personal/homepage-banners/bb-checking-campaign-july-2022-1200x370px.jpg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 20 May 2022 19:09:00 GMT
etag: "61f14-5df76390f6b00"
accept-ranges: bytes
content-length: 401172
content-type: image/jpeg
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/fonts/heebo-medium-latin.woff2
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/dist/fonts/heebo-medium-latin.woff2
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /dist/fonts/heebo-medium-latin.woff2 HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://donfitzsimmons.com/public-data/ssi/header/css/bmoharris_header_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&ts=1664400348625
52.18.235.86302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&ts=1664400348625
IP 52.18.235.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&ts=1664400348625 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://donfitzsimmons.com
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://donfitzsimmons.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v043-0bc1b80d9.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&ts=1664400348625
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=87058411260318365583802218337535012344; Max-Age=15552000; Expires=Mon, 27 Mar 2023 21:25:51 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: LsnjBHRhQck=
Content-Length: 0
Connection: keep-alive
donfitzsimmons.com/dist/images/personal/homepage-banners/savings-builder-1200x370.jpg
79.137.192.45200 OK 265 B URL HTTP/2 donfitzsimmons.com/dist/images/personal/homepage-banners/savings-builder-1200x370.jpg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
GET /dist/images/personal/homepage-banners/savings-builder-1200x370.jpg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 01 Apr 2022 13:38:36 GMT
etag: "505de-5db97e53bcf00"
accept-ranges: bytes
content-length: 329182
content-type: image/jpeg
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/fonts/heebo-bold-latin.woff2
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/dist/fonts/heebo-bold-latin.woff2
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /dist/fonts/heebo-bold-latin.woff2 HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://donfitzsimmons.com/public-data/ssi/vendor/footer/css/bmoharris_footer_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/fonts/heebo-medium-latin.woff2
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/dist/fonts/heebo-medium-latin.woff2
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /dist/fonts/heebo-medium-latin.woff2 HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://donfitzsimmons.com/public-data/ssi/vendor/footer/css/bmoharris_footer_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/fonts/BMO-icon.woff?-sys3mr
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/fonts/BMO-icon.woff?-sys3mr
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
GET /fonts/BMO-icon.woff?-sys3mr HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://donfitzsimmons.com/styles/main-ebiz.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3499488d099934e02c894c15f11025ed
f0436afc962b71d22959b7607dd9e19ee53b99cb
c1375cff21e4f3c7bf53c8938829342f4901e48ff190080e6995f73c82c06460
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
donfitzsimmons.com/dist/fonts/heebo-light-latin.woff2
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/dist/fonts/heebo-light-latin.woff2
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /dist/fonts/heebo-light-latin.woff2 HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://donfitzsimmons.com/public-data/ssi/vendor/footer/css/bmoharris_footer_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
5200603.fls.doubleclick.net/activityi;src=5200603;type=bmo_helo;cat=bmoho0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5943221189144.917?
142.250.74.70200 OK 357 B URL HTTP/2 5200603.fls.doubleclick.net/activityi;src=5200603;type=bmo_helo;cat=bmoho0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5943221189144.917?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (464), with no line terminators
Hash 444855ff951cb2f840d0d34e14e5a74d
39e575be3c5c0e7172e768817b6280e6b6f5a82a
acd76664b32e149c5698a68db66abe39e267be625117391c9cee4735da17b8ee
GET /activityi;src=5200603;type=bmo_helo;cat=bmoho0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5943221189144.917? HTTP/1.1
Host: 5200603.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:25:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 357
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Sep-2022 21:40:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 48c5720d1542d9416514a15e613b73f8
a989809c621d6e5f50ea2a49dd6af453755d9929
cc5bb9132357ad32ca02ce9fa389939abfe55ec4d4a42497abb4faa923544f3f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3927
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Last-Modified: Wed, 28 Sep 2022 20:20:24 GMT
Server: ECS (amb/6B7E)
X-Cache: HIT
Content-Length: 471
donfitzsimmons.com/xml/rates/deposit_rates.xml
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/xml/rates/deposit_rates.xml
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /xml/rates/deposit_rates.xml HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/resources/data/notices.js
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/resources/data/notices.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /resources/data/notices.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/js/highcharts.js
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/js/highcharts.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /js/highcharts.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/resources/scripts/pmc.js?_=1664400348955
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/resources/scripts/pmc.js?_=1664400348955
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /resources/scripts/pmc.js?_=1664400348955 HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&ts=1664400348625
52.18.235.86200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&ts=1664400348625
IP 52.18.235.86:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&ts=1664400348625 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://donfitzsimmons.com
Content-Type: application/x-www-form-urlencoded
Referer: https://donfitzsimmons.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://donfitzsimmons.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v043-0a7d2760b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: GPeDc8l6T5s=
Content-Length: 124
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3499488d099934e02c894c15f11025ed
f0436afc962b71d22959b7607dd9e19ee53b99cb
c1375cff21e4f3c7bf53c8938829342f4901e48ff190080e6995f73c82c06460
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
donfitzsimmons.com/fonts/BMO-icon.ttf?-sys3mr
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/fonts/BMO-icon.ttf?-sys3mr
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /fonts/BMO-icon.ttf?-sys3mr HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/styles/main-ebiz.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/fonts/heebo-light-latin.woff2
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/dist/fonts/heebo-light-latin.woff2
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /dist/fonts/heebo-light-latin.woff2 HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://donfitzsimmons.com/public-data/ssi/header/css/bmoharris_header_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/sZJV5aglLM-YTvaCqjN9jKNm/5huafbVr/O0lncRp8PRA/UGQs/FCIWcBg
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/sZJV5aglLM-YTvaCqjN9jKNm/5huafbVr/O0lncRp8PRA/UGQs/FCIWcBg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /sZJV5aglLM-YTvaCqjN9jKNm/5huafbVr/O0lncRp8PRA/UGQs/FCIWcBg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=5200603;type=bmo_helo;cat=bmoho0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5943221189144.917;~oref=https://donfitzsimmons.com/
142.250.74.98200 OK 357 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=5200603;type=bmo_helo;cat=bmoho0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5943221189144.917;~oref=https://donfitzsimmons.com/
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (463), with no line terminators
Hash 008d4b36e3a3565597cca1ece6e98bf3
bdc0ff9326117886259edb6ae070cee3af874f5e
80c9aff9cf0ef0198e289b156500bc3ca85869f715ca096618a4e669c3684924
GET /ddm/fls/i/src=5200603;type=bmo_helo;cat=bmoho0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5943221189144.917;~oref=https://donfitzsimmons.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5200603.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:25:51 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 357
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/fonts/heebo-bold-latin.woff2
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/dist/fonts/heebo-bold-latin.woff2
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
Analyzer Verdict Alert fortinet Phishing
GET /dist/fonts/heebo-bold-latin.woff2 HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://donfitzsimmons.com/public-data/ssi/vendor/footer/css/bmoharris_footer_personal_en.css
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true; _gcl_au=1.1.38716863.1664400349
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-968920444&l=dataLayer&cx=c
142.250.74.72200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-968920444&l=dataLayer&cx=c
IP 142.250.74.72:0
File type ASCII text, with very long lines (2039)
Hash 49bcb382e1f160702729bfbec1e76df1
8a2267450b6fc4f20fcadbed82ae8e75c81264ca
09c19c14a908c6465276da6b3ea6e3412f0778fb6bf525b66cad78e82f9fb716
GET /gtag/js?id=AW-968920444&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 21:25:51 GMT
expires: Wed, 28 Sep 2022 21:25:51 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46791
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-969436560&l=dataLayer&cx=c
142.250.74.72200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-969436560&l=dataLayer&cx=c
IP 142.250.74.72:0
File type ASCII text, with very long lines (2039)
Hash e57149ad2d18e98d823b3dec222c962f
97fdf5b5a7395f6ad5fb0161b38c2e89ce8f148f
22f7a5b97cd47d9c457c49fdf68e426310248bb14f8b4240fef6ba87646a1974
GET /gtag/js?id=AW-969436560&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 21:25:51 GMT
expires: Wed, 28 Sep 2022 21:25:51 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46700
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-969792230&l=dataLayer&cx=c
142.250.74.72200 OK 59 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-969792230&l=dataLayer&cx=c
IP 142.250.74.72:0
File type ASCII text, with very long lines (1848)
Hash 6f0cffbb73ef4a03dc5a9cf86b0e4b0a
95b206eb6417d31715da36e25624be5fb2e63e32
862fe1c0f511b7b69151a913bb3d823b1dda2d85b08912fa3b81e8b3081f5b95
GET /gtag/js?id=AW-969792230&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 21:25:51 GMT
expires: Wed, 28 Sep 2022 21:25:51 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 59429
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=5200603;type=bmo_helo;cat=bmoho0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5943221189144.917;~oref=https://donfitzsimmons.com/
142.250.74.130200 OK 177 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=5200603;type=bmo_helo;cat=bmoho0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5943221189144.917;~oref=https://donfitzsimmons.com/
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0
GET /ddm/fls/i/src=5200603;type=bmo_helo;cat=bmoho0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5943221189144.917;~oref=https://donfitzsimmons.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:25:51 GMT
expires: Wed, 28 Sep 2022 21:25:51 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 64efebb51e5b4f12f97825c5944d0cfa
fc6830187fd786f3d7fefeda96bf0fbe15509927
a33a76aa921357b856b0f68c84f500cd12c40cce3172723b8cd77c250422ac43
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 52ffef0d2d997dd4e459f10ec8d29dbf
defbd633a54f929ea0ab343e754904a8c126f544
8c7cd542dc13712336db010bdd1bdca94dcc6dcbc57c8c4045ac2a42b3b5f58a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 21:25:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 25 Sep 2022 09:46:09 GMT
Expires: Sun, 02 Oct 2022 09:46:08 GMT
Etag: "defbd633a54f929ea0ab343e754904a8c126f544"
Cache-Control: max-age=303016,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751f8dd6bf711c0e-OSL
api.ipify.org/?format=json
3.220.57.224200 OK 21 B URL HTTP/1.1 api.ipify.org/?format=json
IP 3.220.57.224:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65
GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://donfitzsimmons.com
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Access-Control-Allow-Origin: https://donfitzsimmons.com
Content-Type: application/json
Vary: Origin
Date: Wed, 28 Sep 2022 21:25:52 GMT
Content-Length: 21
Via: 1.1 vegur
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dfcf84a1932e1069e7e4dffbbf18fed9
71e800e97d5ff95e9b2a7d8693e603bd594a4a6b
7964008d5d120cb48fdec30f1d09f3a783fd41adff7092352b10798b55241c50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5284
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:52 GMT
Last-Modified: Wed, 28 Sep 2022 19:57:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.bmoharris.com/img/logos/ehl_wh.png
104.110.19.154200 OK 1.8 kB URL HTTP/2 www.bmoharris.com/img/logos/ehl_wh.png
IP 104.110.19.154:0
File type PNG image data, 56 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 63a76cab53be5a59cf6b91787695c738
7b5bae385ea1ab103e2569c370f5a0ed8f667e6f
be680dabeb0db6e5722618845a2f9182545a57429cde2cb3112bf853a3ffa1eb
GET /img/logos/ehl_wh.png HTTP/1.1
Host: www.bmoharris.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 28 Sep 2022 21:18:03 GMT
last-modified: Mon, 02 Mar 2015 18:27:11 GMT
cache-control: max-age=600, must-revalidate
x-ihs-timer: D=603 t=1632016026645965
x-frame-options: SAMEORIGIN
accept-ranges: none
content-length: 1750
x-bmo-correlation_request_id: BMOH::W4::35cc26de20c28ab71bfbcd394e24d5cede752d2c::V4k1zawcOq8AAGZfFCcAAABV
x-ua-compatible: IE=edge
content-type: image/png
date: Wed, 28 Sep 2022 21:25:52 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; preload
X-Firefox-Spdy: h2
smetrics.bmo.com/id?d_visid_ver=4.5.2&d_fieldgroup=MC&mcorgid=121534B8527830F30A490D44%40AdobeOrg&ts=1664400349371
13.36.218.177200 OK 89 B URL HTTP/2 smetrics.bmo.com/id?d_visid_ver=4.5.2&d_fieldgroup=MC&mcorgid=121534B8527830F30A490D44%40AdobeOrg&ts=1664400349371
IP 13.36.218.177:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 22443b7b73b8b72381cb81565f341b76
1f39fdf53b731377b9c89341c137fdc78dbd35a5
a2d0c758dbfd68e2684811bb5714d11329bbe1b4a30c7a51546ecd3c9d7ffd1e
GET /id?d_visid_ver=4.5.2&d_fieldgroup=MC&mcorgid=121534B8527830F30A490D44%40AdobeOrg&ts=1664400349371 HTTP/1.1
Host: smetrics.bmo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://donfitzsimmons.com
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://donfitzsimmons.com
access-control-allow-credentials: true
date: Wed, 28 Sep 2022 21:25:52 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|319A5DF014B16C07-400001BD0CF86083[CE]; Path=/; Domain=bmo.com; Max-Age=63072000; Expires=Fri, 27 Sep 2024 21:25:25 GMT;
AMCV_121534B8527830F30A490D44%40AdobeOrg=0%7CMCMID%7C54470216024141502903098714482600506296; Path=/; Domain=bmo.com; Max-Age=63072000; Expires=Fri, 27 Sep 2024 21:25:25 GMT;
s_ecid=MCMID%7C54470216024141502903098714482600506296; Path=/; Domain=bmo.com; Max-Age=63072000; Expires=Fri, 27 Sep 2024 21:25:25 GMT; SameSite=Lax;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 89
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&d_mid=54470216024141502903098714482600506296&d_cid_ic=AVID%01319A5DF014B16C07-400001BD0CF86083&ts=1664400349539
52.18.235.86200 OK 2.1 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&d_mid=54470216024141502903098714482600506296&d_cid_ic=AVID%01319A5DF014B16C07-400001BD0CF86083&ts=1664400349539
IP 52.18.235.86:0
File type JSON data\012- , ASCII text, with very long lines (7760), with no line terminators
Hash 16f0674940915299fdb3259acd64b28a
1875d150e47b3b0ba46437cb50a3555879279b40
59753e9b083f0b88c2e66ae5868450e3525c33f06b7563949df95b7c69153a36
GET /id?d_visid_ver=4.5.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=121534B8527830F30A490D44%40AdobeOrg&d_nsid=0&d_mid=54470216024141502903098714482600506296&d_cid_ic=AVID%01319A5DF014B16C07-400001BD0CF86083&ts=1664400349539 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://donfitzsimmons.com
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://donfitzsimmons.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v043-0543cf70e.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=54740827589526457803125696512956483006; Max-Age=15552000; Expires=Mon, 27 Mar 2023 21:25:52 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: VW9NvtuVTew=
Content-Length: 2112
Connection: keep-alive
donfitzsimmons.com/favicon.ico
79.137.192.45404 Not Found 265 B URL HTTP/2 donfitzsimmons.com/favicon.ico
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 964a6df2a9b05b78deb20cba525f5404
6567924e87b36019755e968ce3f72fc6a6a89925
f83ddf1efd82e334866a026058dca0a7480b9839797ecf63c635ce16651f14ae
GET /favicon.ico HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Cookie: AMCV_121534B8527830F30A490D44%40AdobeOrg=-432600572%7CMCIDTS%7C19264%7CvVersion%7C4.5.2; mbox=session#af19786e14534de7b94dbf3211fff0e3#1664402209; check=true; _gcl_au=1.1.38716863.1664400349
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-length: 265
content-type: text/html; charset=iso-8859-1
date: Wed, 28 Sep 2022 21:25:52 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.pbbl.co/r/2591.js
143.204.55.59403 Forbidden 986 B IP 143.204.55.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 64dd6dfd8af49d7d44231e89e6136cf0
d2d99243c40723b4865a3fb5a622c43fc94e8c4b
aec1bb1e21f9e0d4c206dc3c166e3a76d59d8c9098fffdba3dca9e04df0c277d
GET /r/2591.js HTTP/1.1
Host: cdn.pbbl.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: CloudFront
date: Wed, 28 Sep 2022 21:25:52 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ndsEBxOVC3aorEpq5enhxGNsvu-D7xb_EPuXNmx2q8gK50qDERQvRw==
vary: Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 366fbb58b56c6469840359066ae0ef4b
519ec2d019a3df15e1555ee7e9f784207f3ee604
4c03f3b3b06d0359ff6c3e72e91c39cb8f6e6406ed7b8ba9e09708da8e2d38f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4765
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:52 GMT
Last-Modified: Wed, 28 Sep 2022 20:06:27 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=3F0F462C3BA5643728E054013AF265EE; domain=.bing.com; expires=Mon, 23-Oct-2023 21:25:52 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F68E02CA263945B3A670DCC9A471F6D5 Ref B: OSL30EDGE0411 Ref C: 2022-09-28T21:25:52Z
date: Wed, 28 Sep 2022 21:25:51 GMT
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 26bMZlBRpp6h+vdTh1r2U2QEvJkAyb7X9/WV/s+I6SLY6ZpjabFQjNQZGLftPcPWTOCZgNFy4LlT9GYsHi32Aw==
content-length: 26840
x-fb-trip-id: 1904183273
date: Wed, 28 Sep 2022 21:25:52 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 30bea2cc3577d44ab2e9895de24d6557
326f0c1c5a2d2b495360862208fc8f9d1a7406f7
6bd819ff0f60b998ebd8ba15e62bb340eb95ea3f8037ef70c2edc7b1829a8998
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 28 Sep 2022 21:25:52 GMT
expires: Wed, 28 Sep 2022 21:25:52 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15694
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 366fbb58b56c6469840359066ae0ef4b
519ec2d019a3df15e1555ee7e9f784207f3ee604
4c03f3b3b06d0359ff6c3e72e91c39cb8f6e6406ed7b8ba9e09708da8e2d38f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4765
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:52 GMT
Last-Modified: Wed, 28 Sep 2022 20:06:27 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/969792230/?random=1664400348882&cv=9&fst=1664400348882&num=1&label=-XYtCOWanHAQ5rW3zgM&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&hn=www.googleadservices.com&rfmt=3&fmt=4
142.250.74.130200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/969792230/?random=1664400348882&cv=9&fst=1664400348882&num=1&label=-XYtCOWanHAQ5rW3zgM&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&hn=www.googleadservices.com&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2395), with no line terminators
Hash 0fff8fcc006c20f4c52227511c032747
ef10574c4ce4528c52f8ea827f849d86532154b3
b0234be267ddda8f74a76e96b834768c8e32a9f3f409eb6b5af16e3b7fa52cd2
GET /pagead/viewthroughconversion/969792230/?random=1664400348882&cv=9&fst=1664400348882&num=1&label=-XYtCOWanHAQ5rW3zgM&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:25:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1104
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 28-Sep-2022 21:40:52 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3cf371aecb5dbe8a16907a149ddd1282
b7fc518e1f3429ab5fa68af6a7c35ccd7173d6e7
99842c29daa82a3a0b9429452016c97ed0a7a41d9d71453079b26c9ad094f3c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2842
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:52 GMT
Last-Modified: Wed, 28 Sep 2022 20:38:30 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
donfitzsimmons.com/js/jquery-ui.min.js
79.137.192.45200 OK 64 kB URL HTTP/2 donfitzsimmons.com/js/jquery-ui.min.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (64562)
Hash 711f246142f4a506d2bd0c653e550cf4
5ea4f01f917f97c511b0b1f8a4a3c43befc59c06
63b4d2f093e5f2c96986a5ab4795ffff2e3327e0335a50927c10d6d0f8fde0c4
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-ui.min.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Sep 2014 09:21:12 GMT
etag: "3a0a6-50430c9ac3200-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
donfitzsimmons.com/js/main-ebiz.js
79.137.192.45200 OK 88 kB URL HTTP/2 donfitzsimmons.com/js/main-ebiz.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d1c5c8cf28aaf98cd63529f07650e24a
fee5dfd5a65cc7b6d2262863f6303a857035cf01
df3fe3d77d3a098117dc00dc19b7ac01073362514c9db6133f307f86cc24dac5
Analyzer Verdict Alert fortinet Phishing
GET /js/main-ebiz.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Dec 2021 22:21:48 GMT
etag: "b6c4d-5d35ef7015700-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5561742&Ver=2&mid=bd543f9e-1c9a-4d92-a96f-c0142e66ed25&sid=1f8ae4603f7411ed83b1e915c7dd7767&vid=1f8af3003f7411ed89429ba4cfcd2505&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=BMO%20Harris%20-%20Personal%20Banking,%20Business%20Banking,%20Loans%20%26%20Investing&kw=banking,bank,mortgage,loan,auto,online,checking%20account,credit%20cards,savings%20account,bmo%20harris&p=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&r=<=1743&evt=pageLoad&sv=1&rn=261799
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5561742&Ver=2&mid=bd543f9e-1c9a-4d92-a96f-c0142e66ed25&sid=1f8ae4603f7411ed83b1e915c7dd7767&vid=1f8af3003f7411ed89429ba4cfcd2505&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=BMO%20Harris%20-%20Personal%20Banking,%20Business%20Banking,%20Loans%20%26%20Investing&kw=banking,bank,mortgage,loan,auto,online,checking%20account,credit%20cards,savings%20account,bmo%20harris&p=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&r=<=1743&evt=pageLoad&sv=1&rn=261799
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5561742&Ver=2&mid=bd543f9e-1c9a-4d92-a96f-c0142e66ed25&sid=1f8ae4603f7411ed83b1e915c7dd7767&vid=1f8af3003f7411ed89429ba4cfcd2505&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=BMO%20Harris%20-%20Personal%20Banking,%20Business%20Banking,%20Loans%20%26%20Investing&kw=banking,bank,mortgage,loan,auto,online,checking%20account,credit%20cards,savings%20account,bmo%20harris&p=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&r=<=1743&evt=pageLoad&sv=1&rn=261799 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=199FDCC4803563E53EE6CEE981626268; domain=.bing.com; expires=Mon, 23-Oct-2023 21:25:52 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A2A4497206224B40947A64EE6BC92AAF Ref B: OSL30EDGE0411 Ref C: 2022-09-28T21:25:52Z
date: Wed, 28 Sep 2022 21:25:51 GMT
X-Firefox-Spdy: h2
bmofinancial.demdex.net/dest5.html?d_nsid=0
54.229.34.254200 OK 2.8 kB URL HTTP/1.1 bmofinancial.demdex.net/dest5.html?d_nsid=0
IP 54.229.34.254:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: bmofinancial.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 28 Sep 2022 21:25:52 GMT
DCS: dcs-prod-irl1-2-v043-0128f1c92.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 26 Sep 2022 14:06:09 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: xl35ocAWSgk=
Content-Length: 2791
Connection: keep-alive
www.google.no/pagead/1p-user-list/958843996/?random=1664400349674&cv=9&fst=1664398800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&async=1&fmt=3&is_vtc=1&random=953482014&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/958843996/?random=1664400349674&cv=9&fst=1664398800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&async=1&fmt=3&is_vtc=1&random=953482014&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/958843996/?random=1664400349674&cv=9&fst=1664398800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&async=1&fmt=3&is_vtc=1&random=953482014&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:25:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/969436560/?random=1664400349671&cv=9&fst=1664398800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&async=1&fmt=3&is_vtc=1&random=3034913513&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/969436560/?random=1664400349671&cv=9&fst=1664398800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&async=1&fmt=3&is_vtc=1&random=3034913513&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/969436560/?random=1664400349671&cv=9&fst=1664398800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa9q0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&async=1&fmt=3&is_vtc=1&random=3034913513&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:25:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/969792230/?random=1664400348882&cv=9&fst=1664398800000&num=1&label=-XYtCOWanHAQ5rW3zgM&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&fmt=3&is_vtc=1&random=1779664002&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/969792230/?random=1664400348882&cv=9&fst=1664398800000&num=1&label=-XYtCOWanHAQ5rW3zgM&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&fmt=3&is_vtc=1&random=1779664002&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/969792230/?random=1664400348882&cv=9&fst=1664398800000&num=1&label=-XYtCOWanHAQ5rW3zgM&guid=ON&eid=375603261&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&tiba=BMO%20Harris%20-%20Personal%20Banking%2C%20Business%20Banking%2C%20Loans%20%26%20Investing&fmt=3&is_vtc=1&random=1779664002&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 21:25:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/5561742.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5561742.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5561742.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=3CE0F7266D03651E0B40E50B6C546485; domain=.bing.com; expires=Mon, 23-Oct-2023 21:25:52 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 025E5F3551944D1B927BB404EF845DDC Ref B: OSL30EDGE0411 Ref C: 2022-09-28T21:25:52Z
date: Wed, 28 Sep 2022 21:25:51 GMT
X-Firefox-Spdy: h2
donfitzsimmons.com/dist/images/personal/homepage-banners/fall-hp-banner-image-1200x370px.jpg
79.137.192.45200 OK 42 B URL HTTP/2 donfitzsimmons.com/dist/images/personal/homepage-banners/fall-hp-banner-image-1200x370px.jpg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /dist/images/personal/homepage-banners/fall-hp-banner-image-1200x370px.jpg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 22:07:00 GMT
etag: "69a42-5e7b8f2f9a900"
accept-ranges: bytes
content-length: 432706
content-type: image/jpeg
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1738710843060546&ev=PageView&dl=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&rl=&if=false&ts=1664400349843&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664400349842.1498045808&it=1664400349663&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1738710843060546&ev=PageView&dl=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&rl=&if=false&ts=1664400349843&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664400349842.1498045808&it=1664400349663&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1738710843060546&ev=PageView&dl=https%3A%2F%2Fdonfitzsimmons.com%2Fmain%2Fpersonal.html&rl=&if=false&ts=1664400349843&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1664400349842.1498045808&it=1664400349663&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Wed, 28 Sep 2022 21:25:52 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash d124b2042ad39b267e5f4323bf38460d
7791f64871792e7d5738324151591a7375591de9
20f56f07486fd4bac01160e254a0d9ef32458ead835035c8635b6c5fae87418d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 21:25:52 GMT
Last-Modified: Wed, 28 Sep 2022 20:01:08 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: D5sJnHVanNv9DvuY3D5j6n2ojHmjmQoX1UpGuYwrg0Fqv0VBFKr7lQ==
Age: 5084
cm.everesttech.net/cm/dd?d_uuid=54740827589526457803125696512956483006
52.17.180.229302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=54740827589526457803125696512956483006
IP 52.17.180.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=54740827589526457803125696512956483006 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Wed, 28 Sep 2022 21:25:52 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~YzS74AAAAIzS6QNx; Domain=.everesttech.net; Expires=Thu, 28-Sep-2023 21:25:52 GMT; Path=/
everest_session_v2=YzS74AAAAIzS6gNx; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzS74AAAAIzS6QNx
Server: AMO-cookiemap/1.1
dpm.demdex.net/ibs:dpid=411&dpuuid=YzS74AAAAIzS6QNx
52.18.235.86302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=YzS74AAAAIzS6QNx
IP 52.18.235.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=YzS74AAAAIzS6QNx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donfitzsimmons.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v043-09987932b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzS74AAAAIzS6QNx
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=81200672961785536324475603244436268749; Max-Age=15552000; Expires=Mon, 27 Mar 2023 21:25:52 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Uf5AragaTjw=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzS74AAAAIzS6QNx
52.18.235.86200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzS74AAAAIzS6QNx
IP 52.18.235.86:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YzS74AAAAIzS6QNx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://donfitzsimmons.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v043-0d63d80c4.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: RTyQzru/Q94=
Content-Length: 59
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10206
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 21:25:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10206
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 21:25:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10206
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 21:25:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10206
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 21:25:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10206
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 21:25:52 GMT
Connection: keep-alive
donfitzsimmons.com/public-data/ssi/vendor/footer/css/bmoharris_footer_personal_en.css
79.137.192.45200 OK 115 kB URL HTTP/2 donfitzsimmons.com/public-data/ssi/vendor/footer/css/bmoharris_footer_personal_en.css
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
Size 115 kB (114876 bytes)
Hash 07848fc9f8ee30b5f19ec8ea90fa76c9
67f34f60f374fc900a91527073f58d3e567bcae8
e5ccc979723dfdf4afd11998b1c1722a1ec27467fdf0e20fb9a0148637c9aaf2
GET /public-data/ssi/vendor/footer/css/bmoharris_footer_personal_en.css HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Mar 2022 20:02:50 GMT
etag: "f3db3-5d9ce95024e80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 85014
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46e31aa06b8e86a9a5f9ba1cc3feca08
75df3341e30281fcbf78c7074980356fdf0be8e2
d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5319
x-amzn-requestid: 74191b02-ebea-48bd-8522-f05bf8080f31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlOKFtsIAMFyGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bf4-1f2daa9d7906bf9812e10953;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Y0gjPs-l9_JD9F-LSH_i1uL2Nz0UcWCG-9PmDmRH8cN_cNAeSchJTA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:32:06 GMT
age: 86026
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pR4b1-lZZRMnWf-PdXFGXaHBCGAfOyp3AjeuCvtu5imWmf9N9l2wKQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:38 GMT
age: 85034
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 85189
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fcxclGRP3zfWwb6opjYU2bL9VAq_mCSNjFtfp9iMLq6tbZu57EDqpQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
age: 84948
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bat.bing.com/actionp/0?ti=5561742&Ver=2&mid=bd543f9e-1c9a-4d92-a96f-c0142e66ed25&sid=1f8ae4603f7411ed83b1e915c7dd7767&vid=1f8af3003f7411ed89429ba4cfcd2505&vids=1&msclkid=N&evt=dedup
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/actionp/0?ti=5561742&Ver=2&mid=bd543f9e-1c9a-4d92-a96f-c0142e66ed25&sid=1f8ae4603f7411ed83b1e915c7dd7767&vid=1f8af3003f7411ed89429ba4cfcd2505&vids=1&msclkid=N&evt=dedup
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /actionp/0?ti=5561742&Ver=2&mid=bd543f9e-1c9a-4d92-a96f-c0142e66ed25&sid=1f8ae4603f7411ed83b1e915c7dd7767&vid=1f8af3003f7411ed89429ba4cfcd2505&vids=1&msclkid=N&evt=dedup HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://donfitzsimmons.com
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3B23B4B7248E622420F3A69A25D963A0; domain=.bing.com; expires=Mon, 23-Oct-2023 21:25:52 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A90E1BCB038442AC94A224784CE0B75A Ref B: OSL30EDGE0411 Ref C: 2022-09-28T21:25:52Z
date: Wed, 28 Sep 2022 21:25:51 GMT
X-Firefox-Spdy: h2
bmofinancial.demdex.net/event?d_dil_ver=9.4&_ts=1664400350545
54.229.34.254200 OK 2.0 kB URL HTTP/1.1 bmofinancial.demdex.net/event?d_dil_ver=9.4&_ts=1664400350545
IP 54.229.34.254:0
File type JSON data\012- , ASCII text, with very long lines (7511), with no line terminators
Hash e26829b3ec15d1e8e0393ffc5ee99337
77c87d7d20743c13927457d1eed94a465f24f6df
189a6144a315a82aa13f3ed40f744da53d466587f42ff0df30cf1d2d76ebc135
POST /event?d_dil_ver=9.4&_ts=1664400350545 HTTP/1.1
Host: bmofinancial.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 174
Origin: https://donfitzsimmons.com
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://donfitzsimmons.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v043-0e438f8cf.edge-irl1.demdex.com 6 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=54740827589526457803125696512956483006; Max-Age=15552000; Expires=Mon, 27 Mar 2023 21:25:53 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: ShnDM3chTZM=
Content-Length: 1985
Connection: keep-alive
donfitzsimmons.com/dist/images/personal/homepage-banners/credit-card-march-2022-1200x370px.jpg
79.137.192.45200 OK 0 B URL HTTP/2 donfitzsimmons.com/dist/images/personal/homepage-banners/credit-card-march-2022-1200x370px.jpg
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
GET /dist/images/personal/homepage-banners/credit-card-march-2022-1200x370px.jpg HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Mar 2022 14:34:12 GMT
etag: "64eb5-5db7070646100"
accept-ranges: bytes
content-length: 413365
content-type: image/jpeg
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
bankofmontreal.tt.omtrdc.net/rest/v1/delivery?client=bankofmontreal&sessionId=af19786e14534de7b94dbf3211fff0e3&version=2.2.0
15.188.95.229200 OK 0 B URL HTTP/2 bankofmontreal.tt.omtrdc.net/rest/v1/delivery?client=bankofmontreal&sessionId=af19786e14534de7b94dbf3211fff0e3&version=2.2.0
IP 15.188.95.229:0
POST /rest/v1/delivery?client=bankofmontreal&sessionId=af19786e14534de7b94dbf3211fff0e3&version=2.2.0 HTTP/1.1
Host: bankofmontreal.tt.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 838
Origin: https://donfitzsimmons.com
Connection: keep-alive
Referer: https://donfitzsimmons.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 21:25:52 GMT
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
access-control-allow-origin: https://donfitzsimmons.com
access-control-allow-credentials: true
x-request-id: fa1f43a6-7653-4c6b-8add-993224763b51
timing-allow-origin: *
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
content-encoding: gzip
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
server: jag
X-Firefox-Spdy: h2
donfitzsimmons.com/js/launch/5aebfc6032e6/8857e2b59892/launch-6d30bf830256.min.js
79.137.192.45200 OK 0 B URL HTTP/2 donfitzsimmons.com/js/launch/5aebfc6032e6/8857e2b59892/launch-6d30bf830256.min.js
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
Analyzer Verdict Alert fortinet Phishing
GET /js/launch/5aebfc6032e6/8857e2b59892/launch-6d30bf830256.min.js HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 Jun 2022 16:49:50 GMT
etag: "59160-5e2ad0edae780-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 0 B IP 142.250.74.3:0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 21:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
donfitzsimmons.com/public-data/ssi/header/css/bmoharris_header_personal_en.css
79.137.192.45200 OK 0 B URL HTTP/2 donfitzsimmons.com/public-data/ssi/header/css/bmoharris_header_personal_en.css
IP 79.137.192.45:0
ASN #12695 LLC Digital Network
GET /public-data/ssi/header/css/bmoharris_header_personal_en.css HTTP/1.1
Host: donfitzsimmons.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donfitzsimmons.com/main/personal.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 20 Apr 2022 15:12:30 GMT
etag: "f493e-5dd176c07f380-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Wed, 28 Sep 2022 21:25:50 GMT
server: Apache
X-Firefox-Spdy: h2