r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3491
Expires: Sat, 26 Nov 2022 12:32:02 GMT
Date: Sat, 26 Nov 2022 11:33:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3712
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:51 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:59 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6155
Expires: Sat, 26 Nov 2022 13:16:26 GMT
Date: Sat, 26 Nov 2022 11:33:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 11:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 878
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0KAIzA50mV8YVfSNCGM2/wS7Z0A4c3acJw7NY5QORemFo/F354+yZdceHuxtbSSc7VfFSTYXkr8=
x-amz-request-id: GFEKS0WWB111AK84
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 10:41:10 GMT
age: 3161
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 11:33:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https://d31hzlhk6di2h5.cloudfront.net/20221123/8b/6d/ba/2b/d697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
162.241.225.102301 Moved Permanently 0 B URL HTTP/1.1 bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https://d31hzlhk6di2h5.cloudfront.net/20221123/8b/6d/ba/2b/d697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?utm_source=newsletter&utm_medium=email&utm_content=https://d31hzlhk6di2h5.cloudfront.net/20221123/8b/6d/ba/2b/d697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022 HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 26 Nov 2022 11:33:51 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Cache-Control: max-age=300
Expires: Sat, 26 Nov 2022 11:38:51 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 0
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 11:11:12 GMT
cache-control: public,max-age=3600
age: 1360
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6536
Cache-Control: max-age=170515
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:52 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:55:47 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6946434c622f6413e7306abc9e25020e
2dd48eade2e0b228ad6569a1683988e052b1f7fe
04e8b65b854e85367155fd9cc6a1833e26ca842e1e7d43749c55d26e29ab99e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04E8B65B854E85367155FD9CC6A1833E26CA842E1E7D43749C55D26E29AB99E9"
Last-Modified: Fri, 25 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21583
Expires: Sat, 26 Nov 2022 17:33:35 GMT
Date: Sat, 26 Nov 2022 11:33:52 GMT
Connection: keep-alive
push.services.mozilla.com/
54.148.213.75101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.213.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bX7p64fUm66NOg1cc+IYvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cG6A4DCZ/rAEV0xWxtlQ96Pzn3k=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/bsmsummit.com/wp-content/uploads/2022/09/BSM-Summit-2023-1920X1080-1.jpg?w=1280&ssl=1
192.0.77.2200 OK 63 kB URL HTTP/2 i0.wp.com/bsmsummit.com/wp-content/uploads/2022/09/BSM-Summit-2023-1920X1080-1.jpg?w=1280&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6c8ec4c275ea7071261e45953ceb8075
e1ac03fddb8c38f8b2b4ae7be767319cf8d49c61
8f4b76a8569c353c64685fb0e2431cecb00b845559f83d21a205160a85ee3be1
GET /bsmsummit.com/wp-content/uploads/2022/09/BSM-Summit-2023-1920X1080-1.jpg?w=1280&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 11:33:53 GMT
content-type: image/webp
content-length: 63348
last-modified: Wed, 23 Nov 2022 19:27:10 GMT
expires: Sat, 23 Nov 2024 07:27:10 GMT
cache-control: public, max-age=63115200
link: <https://bsmsummit.com/wp-content/uploads/2022/09/BSM-Summit-2023-1920X1080-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "dd378b3e668c766c"
vary: Accept
x-nc: MISS arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/css/classic-themes.min.css
162.241.225.102200 OK 189 B URL HTTP/2 bsmsummit.com/wp-includes/css/classic-themes.min.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 03:41:15 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 189
content-type: text/css
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/mediaelement/wp-mediaelement.min.css
162.241.225.102200 OK 1.3 kB URL HTTP/2 bsmsummit.com/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4186), with no line terminators
Hash 91bab39b98d7e5c1632717b9ebe349e4
e639a447d06fc7827be5b5b35d603ff16b5f7bb1
47ff151faeb23a5654f6ec58b404e51193f6714849a69de241c2ee79662f74c6
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Nov 2019 03:26:26 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 1298
content-type: text/css
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
162.241.225.102200 OK 3.2 kB URL HTTP/2 bsmsummit.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11256), with no line terminators
Hash 1054d0d53548e8bae51665b11acc6413
2eea6a05fe18db61fff58c431d34a86b3e0b7ade
cb8b0f0f3f871d9776da32ee6d9e1af9277a211be61e97a831c7f8c98fbebfae
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 03:41:03 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 3239
content-type: text/css
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/css/owl.carousel.min.css
162.241.225.102200 OK 975 B URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/css/owl.carousel.min.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2846), with CRLF line terminators
Hash cc538c4fefe8317e2f39312f7faad7d8
c6e4a125ed897e47f69a711e0eaae4162e8cd870
f29cd9f3a2aa9b22f2c84e5ab5a2aa66bd7a58d0e30c20fbf9cef7e77666296d
GET /wp-content/themes/the-conference-pro/css/owl.carousel.min.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 975
content-type: text/css
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/blossomthemes-email-newsletter/public/css/blossomthemes-email-newsletter-public.min.css
162.241.225.102200 OK 1.4 kB URL HTTP/2 bsmsummit.com/wp-content/plugins/blossomthemes-email-newsletter/public/css/blossomthemes-email-newsletter-public.min.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4195), with no line terminators
Hash 4f991291d9d68f0708f6fc316c6bd7fd
77a4e4bf34a47599dee2c370513cc7e232691854
db12b856ddeeaddeec436154efaa60419cf61174366584d71e518b10b059f393
GET /wp-content/plugins/blossomthemes-email-newsletter/public/css/blossomthemes-email-newsletter-public.min.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 19:44:07 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 1393
content-type: text/css
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/raratheme-companion/public/css/raratheme-companion-public.min.css
162.241.225.102200 OK 4.7 kB URL HTTP/2 bsmsummit.com/wp-content/plugins/raratheme-companion/public/css/raratheme-companion-public.min.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18639), with no line terminators
Hash 803dbb599bfef99bee19bd472094468f
03e23189be22086b61ca18c1364b7830119900d1
f828d4651f35d803acce9aa9ace315c6cce16cacc44e1861bb0328699b91a656
GET /wp-content/plugins/raratheme-companion/public/css/raratheme-companion-public.min.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:06:56 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 4726
content-type: text/css
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/css/jquery.mCustomScrollbar.min.css
162.241.225.102200 OK 6.5 kB URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/css/jquery.mCustomScrollbar.min.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (42839), with no line terminators
Hash 29b10fce7614f1cd2f44ceca4ce5f63e
daa89f034f103f0874dfffbc18f0833126c002e8
6a5cb282e066973ee8ae2b868fcb08f55e420aae842948585154607a9b2c3031
GET /wp-content/themes/the-conference-pro/css/jquery.mCustomScrollbar.min.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 6507
content-type: text/css
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/css/jquery.fancybox.min.css
162.241.225.102200 OK 4.1 kB URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/css/jquery.fancybox.min.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12795), with no line terminators
Hash cf0785cf0ed0e61ff719545fa3895446
41d23fc8b5755e0d9d72a174d0cfaf781df5f2b3
159db16a04f99391f3a89816a0b7955f3accf86fafb9c0c07dcdebe222a41c5a
GET /wp-content/themes/the-conference-pro/css/jquery.fancybox.min.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 4130
content-type: text/css
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/wp-emoji-release.min.js
162.241.225.102200 OK 5.3 kB URL HTTP/2 bsmsummit.com/wp-includes/js/wp-emoji-release.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 03:23:54 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 5321
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/css/animate.min.css
162.241.225.102200 OK 3.1 kB URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/css/animate.min.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (16755), with CRLF line terminators
Hash 3a01531e19471d0dbfb847c47312463b
136a639cfe600caadab893c8146aa29412d8226b
520d24051d75e307d1fab5580e9334186b924f25acb6d450a7da04d45bff212a
GET /wp-content/themes/the-conference-pro/css/animate.min.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 3057
content-type: text/css
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/jquery/jquery-migrate.min.js
162.241.225.102200 OK 4.6 kB URL HTTP/2 bsmsummit.com/wp-includes/js/jquery/jquery-migrate.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Dec 2020 03:41:03 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 4618
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/contact-form-7/includes/css/styles.css
162.241.225.102409 Conflict 83 B URL HTTP/2 bsmsummit.com/wp-content/plugins/contact-form-7/includes/css/styles.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js
162.241.225.102200 OK 369 B URL HTTP/2 bsmsummit.com/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (685), with no line terminators
Hash accd80b294f42169b1e447e68bacfffe
40847092d82d78897a8219b270b22838fcc0bb95
35e8294d38f054cd6fbcdef72076443685888546d93b41a596e981a5e9a61552
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 19:44:14 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 369
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css
162.241.225.102200 OK 8.0 kB URL HTTP/2 bsmsummit.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (40847)
Hash 99cdf43a0f352d5ea32fbb56604207a9
fda63af68fd6ffbf14a8fddde4b0cdc89a63bbfe
baf37fe00e4a0d2129fa8d9f9606307cc99be40f5b0d2ab90b4e075139607a3c
GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 19:44:28 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 8004
content-type: text/css
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
162.241.225.102409 Conflict 83 B URL HTTP/2 bsmsummit.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/contact-form-7/includes/js/index.js
162.241.225.102409 Conflict 83 B URL HTTP/2 bsmsummit.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/blossomthemes-email-newsletter/public/js/blossomthemes-email-newsletter-public.min.js
162.241.225.102200 OK 164 B URL HTTP/2 bsmsummit.com/wp-content/plugins/blossomthemes-email-newsletter/public/js/blossomthemes-email-newsletter-public.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash a2801d1974fa686e67d43d814ebc6f86
b3a854ac94e2a62ef92d6548515a929250e3e0e2
d814c784ccaf87ca1f561bfc03958e1d3a3b64a42a4f029fdb4f32102a9dd8ae
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/blossomthemes-email-newsletter/public/js/blossomthemes-email-newsletter-public.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 19:44:07 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 164
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/imagesloaded.min.js
162.241.225.102200 OK 2.1 kB URL HTTP/2 bsmsummit.com/wp-includes/js/imagesloaded.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 12 Aug 2020 03:26:41 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 2103
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/masonry.min.js
162.241.225.102200 OK 9.2 kB URL HTTP/2 bsmsummit.com/wp-includes/js/masonry.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (23966)
Hash 2a730dafa34e6ff81513d31e486cdbdb
1fce17d256f67ae086d74092a03006997d9b0add
7a5fd36a453a3a7471fa93b8169579f9a98e2df7a262c44d28d3de41a0f7ae1c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/masonry.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 12 Aug 2020 03:26:41 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 9216
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/raratheme-companion/public/js/raratheme-companion-public.min.js
162.241.225.102200 OK 517 B URL HTTP/2 bsmsummit.com/wp-content/plugins/raratheme-companion/public/js/raratheme-companion-public.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1516), with no line terminators
Hash 9db4666311ea0b8063666919cd679b54
31d6e928c3e55278134661a839a7c697b612e90a
548de86f9c19dc4fb8cfe37806f701621c7c433539d40489411a760f54a11bc9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/raratheme-companion/public/js/raratheme-companion-public.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:06:56 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 517
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/raratheme-companion/public/js/isotope.pkgd.min.js
162.241.225.102200 OK 13 kB URL HTTP/2 bsmsummit.com/wp-content/plugins/raratheme-companion/public/js/isotope.pkgd.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32004), with CRLF line terminators
Hash 4029d3636ac491c6ea772ce9ced3d18b
bd591528b453cf6d42e5c32363f8671b45b26d23
e04492e7d9aa527b87eab3f985dc15e44b384a5d07e4a49b8ee53ba6d239675d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/raratheme-companion/public/js/isotope.pkgd.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:06:56 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 13117
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Nunito+Sans%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito+Sans%3Aregular
142.250.74.10200 OK 4.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Nunito+Sans%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito+Sans%3Aregular
IP 142.250.74.10:0
File type ASCII text, with very long lines (8385), with CRLF, LF line terminators
Hash 6074c216b83b4c74ade90c10914c63d5
7190b62b2979b6d030bf87d1d041766463e70aa6
2019c4f29e54867dac38719fb04c2c7cd9bc86f0146d21a55cf6fc67cffa1079
GET /css?family=Nunito+Sans%3A200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito+Sans%3Aregular HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 11:33:53 GMT
date: Sat, 26 Nov 2022 11:33:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/raratheme-companion/public/js/fontawesome/v4-shims.min.js
162.241.225.102200 OK 8.4 kB URL HTTP/2 bsmsummit.com/wp-content/plugins/raratheme-companion/public/js/fontawesome/v4-shims.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (25929), with CRLF line terminators
Hash 3071aac11180de9520f6abca5e1b2a60
5d4a9f90cfc146747a3220af2fec4f61e9678b07
a2229cf3c6356f0d32e4c086a273a1ae702575e5a5856c022dd0484182a87ad7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/raratheme-companion/public/js/fontawesome/v4-shims.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:06:56 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 8371
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/js/jquery.countdown.min.js
162.241.225.102200 OK 1.8 kB URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/js/jquery.countdown.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4093), with no line terminators
Hash 59ed756cd46c2e9b0671f36bd868934f
5d3f60850c7e82403883b24280d79669c18553a6
b57040e42f121e44076814f6f59755d521cf9603cd73487423adb67cd5406658
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/the-conference-pro/js/jquery.countdown.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 1792
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/js/owl.carousel.min.js
162.241.225.102200 OK 15 kB URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/js/owl.carousel.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32000), with CRLF line terminators
Hash 4abcf4ed418c59f48188925991bfb1cf
5adc48c03dfdfe91367b8eed76fbd7cdf9166a30
8911847696e35f16ee9057f65da5c3882ec9268b8b243bc7441a13a2fefb2fed
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/the-conference-pro/js/owl.carousel.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 15332
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/js/jquery.mousewheel.min.js
162.241.225.102200 OK 721 B URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/js/jquery.mousewheel.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1020), with CRLF line terminators
Hash 5d293af8cdd9f944cbc8841c2a6e776d
2f16331a85ba40ce10bfb9bfc10e62583fc66b86
5f0fd6950826969d6a8b12916e6c0aa6fd1356c4922f0227758ba7fab8d1ee98
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/the-conference-pro/js/jquery.mousewheel.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 721
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/js/layzr.min.js
162.241.225.102200 OK 1.9 kB URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/js/layzr.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3863), with CRLF line terminators
Hash 13071802c1a4a8d821f2c4c7b8cf736d
0c31d2044bae6a7899858eb6bbe8c46a985cc4ce
16a6b6a6d0f1913093d8b4ea8f667fb74a9e1412cbc4bc902610c2aea324466d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/the-conference-pro/js/layzr.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 1896
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/js/custom.min.js
162.241.225.102200 OK 2.4 kB URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/js/custom.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (8841)
Hash 1dfe91ccbb6bd86797f49dd31e7b302b
c4c0cf406671b1c598b84efbdcdde4654ba7e3ec
8456d407cc2eff0230fa8b7edb322b139d2f2e9fd41488b23ef5beb948602c31
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/the-conference-pro/js/custom.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 2439
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/js/ajax.min.js
162.241.225.102200 OK 1.1 kB URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/js/ajax.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (2521)
Hash fae25c80588e9004314f970897f6d25d
b9dc2623d42380125148e4be0036c70ffa170195
c1bed891049c951d0346a2070bde83d5cb06fa2bc5588d7baeefe6bcd609edf0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/the-conference-pro/js/ajax.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 1136
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/dist/hooks.min.js
162.241.225.102200 OK 1.7 kB URL HTTP/2 bsmsummit.com/wp-includes/js/dist/hooks.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4875)
Hash 6a452794a68bc140a53b30519b94edf6
68046f5611ba3cf5da1c46087609aff18f59fdc1
259990a9e6191a72a51ac9d038d0c52bb56d880a2b0d460b1fca3f3fee7961ed
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/hooks.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 03:23:53 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 1712
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
162.241.225.102200 OK 2.7 kB URL HTTP/2 bsmsummit.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6475), with no line terminators
Hash 45bd1d6f7fc3a4069fc6fd400b90c961
903c7e28c7141e9fc1bdb4dfc62d043a97a01e2d
c638a0057b4be0a61cfb65b1860a855a327397e9871f5dde28fa2f138fb394dc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 03:23:54 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 2675
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/jquery/ui/tabs.min.js
162.241.225.102200 OK 4.8 kB URL HTTP/2 bsmsummit.com/wp-includes/js/jquery/ui/tabs.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11760)
Hash 06401577a89308edc33538a5f7508ec2
20269cbcf05f719cb5188b6c33b8039e2bd75613
33a958aae57665e9558d1266012d646ed8c513c32370a821e58fb45b57167af6
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/tabs.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 03:41:15 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 4757
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/jquery/ui/core.min.js
162.241.225.102200 OK 8.3 kB URL HTTP/2 bsmsummit.com/wp-includes/js/jquery/ui/core.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 838560e989767f2ef5951b9eeee20352
6bf8419cb4d68d9beced9e4b79b22b347ae16a46
72e6d275c5229613a59aef94523fc6a96330553976aee003d8544d5806fa0c3d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 03:41:15 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 8344
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/dist/dom-ready.min.js
162.241.225.102200 OK 331 B URL HTTP/2 bsmsummit.com/wp-includes/js/dist/dom-ready.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (463)
Hash ba2b50662c393ff6ba69961f66b24d5d
d5694f33b1072b13fc4c3989e90252c0b28030a2
79ad638f020827a6db341526b430e65459aa712bfbdcabf28bb013c6b2c715e9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/dom-ready.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 03:23:54 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 331
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/wp-custom-header.min.js
162.241.225.102200 OK 1.8 kB URL HTTP/2 bsmsummit.com/wp-includes/js/wp-custom-header.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4407)
Hash 62988b6557eba9f08b2f33fe079509f5
adfffaaebd48e712333fa5917b248b6218768b12
46596428f1d6c1d68155d9e484ac14aaa7b83a7826f19622533652f0ec24c4c9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-custom-header.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Jul 2021 03:27:49 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 1773
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
162.241.225.102200 OK 7.6 kB URL HTTP/2 bsmsummit.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash 66c68f2158dcf7d97a02f3719a17aab0
fdb04fb4c632b9fb4275006a4e402cd0d4fa393a
e4b360f0e6ae1afc06f05f958e8696e5ae45257912bc2ab0b9334bd1382a51aa
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 03:41:15 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 7621
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/raratheme-companion/public/js/odometer.min.js
162.241.225.102200 OK 4.2 kB URL HTTP/2 bsmsummit.com/wp-content/plugins/raratheme-companion/public/js/odometer.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10140), with CRLF line terminators
Hash 73967e6badbb3c3138bfd58b227439af
7b94fc9abbc95256280780e05967a80d80f178e5
f45b7a5a70cddc3780d50317861142a22c581c6c0aa7a3418eda15d6e675876c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/raratheme-companion/public/js/odometer.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:06:56 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 4242
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/dist/i18n.min.js
162.241.225.102200 OK 4.2 kB URL HTTP/2 bsmsummit.com/wp-includes/js/dist/i18n.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3b62593186f7f91a9470ab6968ec5feb
bd7728c79c04f4f2f7a787097b0868e06ceba5ad
2a9920dc63cbd8228103c7d6bf2a044f06963041253c385c3cebb147297aa782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 03:41:15 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 4233
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/dist/a11y.min.js
162.241.225.102200 OK 999 B URL HTTP/2 bsmsummit.com/wp-includes/js/dist/a11y.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (2472)
Hash 05e2ccec781ae289719bb26320d5cc40
60f3adc6dccea4df940d0f1579b83b06e715d0ed
1242f50bffe2d7745a712e1702f3f26a58d955fc110abf58599730fb6380a91c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/a11y.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 03:23:53 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 999
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js
162.241.225.102200 OK 218 B URL HTTP/2 bsmsummit.com/wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 349fc6f5303509d712f96e1002f4be80
b48c977f8d3a6d3c0a7457ffc3a2c621342d3836
d53516c0507360f88cc9e7d9d26542cf6a2d2e641a7a42cfb6d47c2d09296e7b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jetpack/_inc/build/twitter-timeline.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 19:44:14 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 218
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js
162.241.225.102200 OK 1.7 kB URL HTTP/2 bsmsummit.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type C source, ASCII text, with very long lines (4014), with no line terminators
Hash e03900351327a27c5975d24ae3028d22
080aed207843da5d94183f071d9f1a4d3db86247
10b44bd938b32514dbc9895767b24b3245ccda2c742159ae0fbef561868ad87f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 19:44:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 1736
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/raratheme-companion/public/js/waypoint.min.js
162.241.225.102200 OK 2.9 kB URL HTTP/2 bsmsummit.com/wp-content/plugins/raratheme-companion/public/js/waypoint.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7502), with CRLF line terminators
Hash ae1025902a4cc7d0d8ad6c71e53b9f63
6dcb8ea626fe3ac4771801a5551a5bcc5fa6e933
9f98d11c34aacc270d40f90dff071ff27741286957b7679faf7d363d4a5a17fb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/raratheme-companion/public/js/waypoint.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:06:56 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 2914
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js
162.241.225.102200 OK 901 B URL HTTP/2 bsmsummit.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1713), with no line terminators
Hash 3e33d71d7250e95ae90fbd97b39c7075
b19776ee503d6f29411092ab7caa614e8831c2ef
9e0ab4d1f16b939246bb32425207d6f4861275d7ef03acfb85ecac492a750f47
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 19:44:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 901
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js
162.241.225.102200 OK 9.8 kB URL HTTP/2 bsmsummit.com/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (24463)
Hash fb092211d0a2836dce89f50a87893316
141c3058a3d209cd6606ad88163af9791706d5be
beb74149278a12e2e78cdb38f115e9d055e8622f2306f03738b2dc6ab742140e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 19:44:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 9806
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/wpforms-lite/assets/js/utils.min.js
162.241.225.102200 OK 150 B URL HTTP/2 bsmsummit.com/wp-content/plugins/wpforms-lite/assets/js/utils.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 14e97c0bd8b30f6184d7b9b0de3b62dc
052e2d09afda94db181e7b410ef3c49567350896
cf50cfaa42eabf7e33d6b7214e8965573e33b17b60420352789410639c9c80aa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/js/utils.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 19:44:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 150
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js
162.241.225.102200 OK 12 kB URL HTTP/2 bsmsummit.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32356), with no line terminators
Hash 020e6af66fcb71dad466089184f1c241
ab861c84c240870ec4572d36e23ed7cb4f11ae01
2ba871c1a627bc33847a4a32f8c055f54913608c3589b7b014951bb58c31095b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 19:44:28 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 12079
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17116, version 1.0\012- data
Hash bcf3a3fb620dfbee774f84e2c8e71530
40a79d240acdd7e5a95e165515ac7c0958a37971
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bsmsummit.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:55:35 GMT
expires: Tue, 21 Nov 2023 21:55:35 GMT
cache-control: public, max-age=31536000
age: 394699
last-modified: Mon, 09 May 2022 18:31:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunitosans/v12/pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2
216.58.207.195200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17684, version 1.0\012- data
Hash 67f5e167a73df331cd54701561965cd0
5c6e5ca963553c516240156bcdca131b2d0ac87e
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1
GET /s/nunitosans/v12/pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bsmsummit.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 22:02:40 GMT
expires: Tue, 21 Nov 2023 22:02:40 GMT
cache-control: public, max-age=31536000
age: 394274
last-modified: Mon, 09 May 2022 18:32:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5533
Expires: Sat, 26 Nov 2022 13:06:07 GMT
Date: Sat, 26 Nov 2022 11:33:54 GMT
Connection: keep-alive
fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\012- data
Hash 8a97f720d330e75ccdbda9ae0e9f5e90
8e4fee916581ab48d385187705667cebc7500afe
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bsmsummit.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 08:32:12 GMT
expires: Thu, 23 Nov 2023 08:32:12 GMT
cache-control: public, max-age=31536000
age: 270102
last-modified: Mon, 09 May 2022 18:33:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5533
Expires: Sat, 26 Nov 2022 13:06:07 GMT
Date: Sat, 26 Nov 2022 11:33:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5533
Expires: Sat, 26 Nov 2022 13:06:07 GMT
Date: Sat, 26 Nov 2022 11:33:54 GMT
Connection: keep-alive
bsmsummit.com/wp-content/plugins/blossomthemes-email-newsletter/public/js/all.min.js
162.241.225.102200 OK 732 kB URL HTTP/2 bsmsummit.com/wp-content/plugins/blossomthemes-email-newsletter/public/js/all.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 732 kB (732172 bytes)
Hash caf5d223947a0ac8b93fb3fb475461e2
87535f990544cbeb7f7496ddf034995a7a093b98
137aac48a1b2715cb61deb3facd6b0c478d0c6d1f9b10a6e879f12b4753095f8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/blossomthemes-email-newsletter/public/js/all.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 19:44:07 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/images/counter-bg.jpg
162.241.225.102200 OK 286 kB URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/images/counter-bg.jpg
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x460, components 3\012- data
Size 286 kB (286142 bytes)
Hash 8ac7092abf02a393d3cf25ec9d1a4d74
f76e2c604191067361b09f963a235a020eef6607
2b29a31555425d12701924ef8da6fead4cc5c2338cb411101e5c86ab8b118473
GET /wp-content/themes/the-conference-pro/images/counter-bg.jpg HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
content-length: 286142
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:33:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-type: image/jpeg
date: Sat, 26 Nov 2022 11:33:54 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OJZkZ18TlSgdBWsmSroQPIcYIvBFvz5-7hu9_GravTcz6zqxKXHZrg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:43:36 GMT
age: 49818
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/uploads/2022/09/usc-foundersclub5.jpg
162.241.225.102200 OK 552 kB URL HTTP/2 bsmsummit.com/wp-content/uploads/2022/09/usc-foundersclub5.jpg
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2048x1525, components 3\012- data
Size 552 kB (551627 bytes)
Hash 02e434d36608679b3065ce5493e50a99
12353df897fec5eb6543786f2aa0f452121afacf
c20c61c2c785e198b437166b5b07c0c0fb2aa5d11cdd9022075b98bdff27f937
GET /wp-content/uploads/2022/09/usc-foundersclub5.jpg HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 21:05:57 GMT
accept-ranges: bytes
content-length: 551627
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:33:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-type: image/jpeg
date: Sat, 26 Nov 2022 11:33:54 GMT
server: Apache
X-Firefox-Spdy: h2
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3306.8972963004135!2d-118.28206678467225!3d34.02084712683104!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x80c2c7e1124ec94f%3A0x699dcec2392fdbb4!2sGalen%20Center!5e0!3m2!1sen!2sus!4v1662418394890!5m2!1sen!2sus
142.250.74.164200 OK 1.5 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3306.8972963004135!2d-118.28206678467225!3d34.02084712683104!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x80c2c7e1124ec94f%3A0x699dcec2392fdbb4!2sGalen%20Center!5e0!3m2!1sen!2sus!4v1662418394890!5m2!1sen!2sus
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2688)
Hash 49d0fb3a1902a3a02adf41c2b76428dc
16e2cf4dc3e1b6c18f69f4341cc731398ffd3759
1097ae96fa6f55e45f94f5eb5bd42d0d2f4f688f084276974f938d31d2a31489
GET /maps/embed?pb=!1m18!1m12!1m3!1d3306.8972963004135!2d-118.28206678467225!3d34.02084712683104!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x80c2c7e1124ec94f%3A0x699dcec2392fdbb4!2sGalen%20Center!5e0!3m2!1sen!2sus!4v1662418394890!5m2!1sen!2sus HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sat, 26 Nov 2022 11:33:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-RUv5yeu2Tud3M-zNg9No7Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1508
x-xss-protection: 0
server-timing: gfet4t7; dur=145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:13:26 GMT
age: 15628
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c125eba-03aa-443e-b99e-10c7890258e8.webp
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c125eba-03aa-443e-b99e-10c7890258e8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95101ded0fe92a85649a086992948008
afed98649590f2524a9e530c53eebbc1ba36da6a
7f754cb2105494045efe657c47313e77bb26361ca45a6f8cbce1fdb52a15ba01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c125eba-03aa-443e-b99e-10c7890258e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9787
x-amzn-requestid: 51d9848a-868c-4e51-b1a8-30596d0108b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLUfxHjToAMFeGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813464-749244df2aa06b23445d675c;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:32:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mSCEUQ3aOXg6rxJV0iWPgFZ6TE2pCucWwOI3KAsdbu_EadcDDa5vwg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:07:47 GMT
age: 48367
etag: "afed98649590f2524a9e530c53eebbc1ba36da6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:04:28 GMT
age: 23366
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 926df9839ec3d924b563b55d8bccace8
c47a3884465fc02b5c57faa5ffbd986ba29c64c2
a97cd625959aa81bc516024628315b2c6e2ce94f76cd579751a686a6611cc4d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e649ab-6d56-47c9-ab7e-c65d9bdfcffd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: eede6332-5376-4f9c-83fc-f894430c1f4b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLWWYFFgoAMFhaQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381375b-66d7ffc70f7d901420a503da;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -6kE-HDfLIQMtzuaOuArCjtxgpQUgxMrpjcT7pDIdY7CDlJNK1GZWA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:46:24 GMT
etag: "c47a3884465fc02b5c57faa5ffbd986ba29c64c2"
content-type: image/jpeg
age: 49650
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bsmsummit.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
162.241.225.102409 Conflict 83 B URL HTTP/2 bsmsummit.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 26 Nov 2022 11:33:54 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js
142.250.74.163200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2669)
Hash c088038bb01fdc7f15f21e2216b6b8b4
fa724c5616022f6825ac476354c492b0bf544d21
b0ecfa74efada796d206177e1bc78c7ac75250608051c6576335c6231fc2de78
GET /maps-api-v3/embed/js/51/1/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 07:12:45 GMT
expires: Thu, 23 Nov 2023 07:12:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 21:36:22 GMT
content-type: text/javascript
age: 274869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/contact-form-7/includes/js/index.js
162.241.225.102409 Conflict 83 B URL HTTP/2 bsmsummit.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Sat, 26 Nov 2022 11:33:54 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&j=1%3A11.2&blog=149581039&post=87&tz=0&srv=bsmsummit.com&host=bsmsummit.com&ref=&fcp=2377&rand=0.060302998627516535
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&j=1%3A11.2&blog=149581039&post=87&tz=0&srv=bsmsummit.com&host=bsmsummit.com&ref=&fcp=2377&rand=0.060302998627516535
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.2&blog=149581039&post=87&tz=0&srv=bsmsummit.com&host=bsmsummit.com&ref=&fcp=2377&rand=0.060302998627516535 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 11:33:54 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
platform.twitter.com/widgets.js
93.184.220.66200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 347
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sat, 26 Nov 2022 11:33:54 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fbsmsummit.com
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fbsmsummit.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fbsmsummit.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2034781
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 26 Nov 2022 11:33:54 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
bsmsummit.com/favicon.ico
162.241.225.102302 Found 0 B URL HTTP/2 bsmsummit.com/favicon.ico
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
link: <https://bsmsummit.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://bsmsummit.com/wp-includes/images/w-logo-blue-white-bg.png
cache-control: max-age=300
expires: Sat, 26 Nov 2022 11:38:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 26 Nov 2022 11:33:54 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/dist/vendor/moment.min.js
162.241.225.102200 OK 23 kB URL HTTP/2 bsmsummit.com/wp-includes/js/dist/vendor/moment.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 1374734914e757793d1c3e20610c4ed5
86fdbe76691e44f838885e0b7c02b460270136fb
2c8a283476e623e53ac79b6a15022c174ce495375cfd6203ab8b1dd238e9edd6
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/moment.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 03:41:15 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.142200 OK 897 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.142:0
File type ASCII text, with very long lines (509)
Hash 28762fbb2833b0ecbc9d613c1136bc55
866b577c4999ad5002b644fbaf37318280b08d73
c08cbf98d174c2b584daf761225efef00a823cd4246c66a1824abbf45ceb4fb0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sat, 26 Nov 2022 11:33:54 GMT
date: Sat, 26 Nov 2022 11:33:54 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=I6FonTGsNuU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Y7H1UuqRKY0; Domain=.youtube.com; Expires=Thu, 25-May-2023 11:33:54 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+469; expires=Mon, 25-Nov-2024 11:33:54 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/images/w-logo-blue-white-bg.png
162.241.225.102200 OK 4.1 kB URL HTTP/2 bsmsummit.com/wp-includes/images/w-logo-blue-white-bg.png
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 11 Jun 2020 03:43:43 GMT
accept-ranges: bytes
content-length: 4119
cache-control: max-age=31536000
expires: Sun, 26 Nov 2023 11:33:55 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-type: image/png
date: Sat, 26 Nov 2022 11:33:55 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 601317
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 136059
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be0da545931a6e6f06c7eb8395b8a3af
bea09f1e5d361abfe41135f1497b1b469699b912
3428d08f184d29f34d4067e1796ecfa6aa9f9cc6e76006fac23aaf175bdd4eaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 11:30:21 GMT
expires: Sat, 26 Nov 2022 11:45:21 GMT
cache-control: public, max-age=900
age: 215
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
172.217.21.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 26 Nov 2022 11:33:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be0da545931a6e6f06c7eb8395b8a3af
bea09f1e5d361abfe41135f1497b1b469699b912
3428d08f184d29f34d4067e1796ecfa6aa9f9cc6e76006fac23aaf175bdd4eaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 26 Nov 2022 11:33:56 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
172.217.21.170200 OK 8.1 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 172.217.21.170:0
File type JSON data\012- , ASCII text, with very long lines (10973), with no line terminators
Hash 533f38c255d239136c96ba8229024c95
5a69a79fcc3ea82f74482c39c50b7e908111db2d
36bbd7614b57e4ddd06ad95a3cf634a31aa27d94b5bd8179b9eca9d4c3a10739
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 26 Nov 2022 11:33:56 GMT
server: ESF
cache-control: private
content-length: 8075
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu-kWHzLv0a9GRQiHOvSo52k3cLFq1p9gviKqH6V=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.5 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-kWHzLv0a9GRQiHOvSo52k3cLFq1p9gviKqH6V=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 7a187f9a22db68ac7db365eada6bfd01
bd33a85ce1ba8ffe3a7efda69150a60910090f6f
5382f66420008090eb46f1497b7f43104192dc283a4091e5312c631c6f7e0ab4
GET /ytc/AMLnZu-kWHzLv0a9GRQiHOvSo52k3cLFq1p9gviKqH6V=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3525
x-xss-protection: 0
date: Sat, 26 Nov 2022 11:33:56 GMT
expires: Wed, 23 Nov 2022 23:37:21 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e4d661d999b855142d472fd230fb4ab3
b4be1feeaccc98768ec3393929772bd8f75deed7
97a1c1b509250dd99cde7f76b53a43b7ee415011744414d83f5980df2e11dc60
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash df08f508e01b80551d5cb2168117fcd6
17ee41c3900f520024279a9825d6269f155e588f
66f4df6d9783a0e435e457eceda34bd564eb55a188f322558680956d45963af1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=Xl&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=3066250&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=video%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&otf=1&otfp=1&dur=0.000&lmt=1662408940375932&mt=1669461946&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKY-krFmWrFvdMCKdn8qbR2P7sB4JAnSh1RBAMa-PsfsCICDmjsDXitHT8eFPIfGhSQhDOc1RiWoKfVixx2ZCnqYZ&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgWIjKJq-Ske3b2sFr36HD8YKyajDldoC_EY4LDz7_ujcCIHzwg9gOeaAj1BucmR_e7FxBb7EOMq_Uy9CtR7JuxopP&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&sq=0&rn=1&rbuf=0
91.90.45.172200 OK 1.1 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=Xl&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=3066250&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=video%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&otf=1&otfp=1&dur=0.000&lmt=1662408940375932&mt=1669461946&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKY-krFmWrFvdMCKdn8qbR2P7sB4JAnSh1RBAMa-PsfsCICDmjsDXitHT8eFPIfGhSQhDOc1RiWoKfVixx2ZCnqYZ&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgWIjKJq-Ske3b2sFr36HD8YKyajDldoC_EY4LDz7_ujcCIHzwg9gOeaAj1BucmR_e7FxBb7EOMq_Uy9CtR7JuxopP&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&sq=0&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1079), with no line terminators
Hash bc5aa60f11f94491ceaa0cbbd8d6b938
69b08d4ab3f1e214390f8738b088bc28fa2408ff
2d770c5b5b5a350f273c18eff0836220786b90b465518ad35168d98a686b780b
GET /videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=Xl&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=3066250&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=video%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&otf=1&otfp=1&dur=0.000&lmt=1662408940375932&mt=1669461946&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKY-krFmWrFvdMCKdn8qbR2P7sB4JAnSh1RBAMa-PsfsCICDmjsDXitHT8eFPIfGhSQhDOc1RiWoKfVixx2ZCnqYZ&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgWIjKJq-Ske3b2sFr36HD8YKyajDldoC_EY4LDz7_ujcCIHzwg9gOeaAj1BucmR_e7FxBb7EOMq_Uy9CtR7JuxopP&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&sq=0&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sat, 26 Nov 2022 11:33:56 GMT
Expires: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1079
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=251&source=youtube&requiressl=yes&mh=Xl&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=3066250&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=audio%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&gir=yes&clen=658015&otfp=1&dur=47.441&lmt=1662408938554483&mt=1669461946&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI9wzQtaJgVqwunF6iZlEpA0xVV_cQo0jv3rRMEHiMxDAiEAkQ526R4lUzcUhzVDKqhg4LX7tLVJlJw9fddC9HO-ivM%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgWIjKJq-Ske3b2sFr36HD8YKyajDldoC_EY4LDz7_ujcCIHzwg9gOeaAj1BucmR_e7FxBb7EOMq_Uy9CtR7JuxopP&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&range=0-65884&rn=2&rbuf=0
91.90.45.172200 OK 1.0 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=251&source=youtube&requiressl=yes&mh=Xl&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=3066250&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=audio%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&gir=yes&clen=658015&otfp=1&dur=47.441&lmt=1662408938554483&mt=1669461946&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI9wzQtaJgVqwunF6iZlEpA0xVV_cQo0jv3rRMEHiMxDAiEAkQ526R4lUzcUhzVDKqhg4LX7tLVJlJw9fddC9HO-ivM%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgWIjKJq-Ske3b2sFr36HD8YKyajDldoC_EY4LDz7_ujcCIHzwg9gOeaAj1BucmR_e7FxBb7EOMq_Uy9CtR7JuxopP&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&range=0-65884&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1038), with no line terminators
Hash 95116fdc644acd52d33fe2184827d0d9
eca7039326f814e761bfdcb22c31d5c9683cc1fe
f14983ce05687800484aa9f51d13628c8146b2c3d9226b8cacdefd26248fd93c
GET /videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=251&source=youtube&requiressl=yes&mh=Xl&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=3066250&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=audio%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&gir=yes&clen=658015&otfp=1&dur=47.441&lmt=1662408938554483&mt=1669461946&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI9wzQtaJgVqwunF6iZlEpA0xVV_cQo0jv3rRMEHiMxDAiEAkQ526R4lUzcUhzVDKqhg4LX7tLVJlJw9fddC9HO-ivM%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgWIjKJq-Ske3b2sFr36HD8YKyajDldoC_EY4LDz7_ujcCIHzwg9gOeaAj1BucmR_e7FxBb7EOMq_Uy9CtR7JuxopP&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&range=0-65884&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sat, 26 Nov 2022 11:33:56 GMT
Expires: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1038
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash df08f508e01b80551d5cb2168117fcd6
17ee41c3900f520024279a9825d6269f155e588f
66f4df6d9783a0e435e457eceda34bd564eb55a188f322558680956d45963af1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a166b692e49569f49412a4835a95d3a5
c98c9ca2a1ddc28e49f34eb35c8e3c46aa8487b7
4ed9e17a1d8f15022b4f16a825b670ae1f1d9dfb2aced8746dc60e601c426be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/QzbxvRRA7po/maxresdefault.webp
142.250.74.118200 OK 67 kB URL HTTP/2 i.ytimg.com/vi_webp/QzbxvRRA7po/maxresdefault.webp
IP 142.250.74.118:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 72a22f26881f96b7b0030964c698224b
bc33d77e2dbf26a4e1742f731f49faf54e15ada0
293c7b253963e08a9e435592de29edca29fe1d94131a48daa6f2b1e96db91f24
GET /vi_webp/QzbxvRRA7po/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 67074
date: Sat, 26 Nov 2022 11:33:56 GMT
expires: Sat, 26 Nov 2022 13:33:56 GMT
cache-control: public, max-age=7200
etag: "1662408904"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a166b692e49569f49412a4835a95d3a5
c98c9ca2a1ddc28e49f34eb35c8e3c46aa8487b7
4ed9e17a1d8f15022b4f16a825b670ae1f1d9dfb2aced8746dc60e601c426be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 11f21f5b7a8ced43f390356274d20eae
752926a39aa7c8eb577bdcd621f0246997a0a10a
9fc5caab6782001d1d48cd076bbb0197e7cd4d1c7502d59011a0a7f7f9e62d6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 11f21f5b7a8ced43f390356274d20eae
752926a39aa7c8eb577bdcd621f0246997a0a10a
9fc5caab6782001d1d48cd076bbb0197e7cd4d1c7502d59011a0a7f7f9e62d6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5go7ynld.googlevideo.com/videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=video%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&otf=1&otfp=1&dur=0.000&lmt=1662408940375932&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKY-krFmWrFvdMCKdn8qbR2P7sB4JAnSh1RBAMa-PsfsCICDmjsDXitHT8eFPIfGhSQhDOc1RiWoKfVixx2ZCnqYZ&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Xl&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1669462186&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPfpIJ9XE2EhBp5wzokeWzc0niyBu4nMO5xMEUz0mTWDAiEA4OVOWLb2_CCOzd2Q4PC3_JfjgenBL5fPY6ysoYRbUlk%3D&sq=0&rn=3&rbuf=0
74.125.111.71200 OK 1.1 kB URL HTTP/1.1 rr2---sn-5go7ynld.googlevideo.com/videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=video%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&otf=1&otfp=1&dur=0.000&lmt=1662408940375932&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKY-krFmWrFvdMCKdn8qbR2P7sB4JAnSh1RBAMa-PsfsCICDmjsDXitHT8eFPIfGhSQhDOc1RiWoKfVixx2ZCnqYZ&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Xl&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1669462186&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPfpIJ9XE2EhBp5wzokeWzc0niyBu4nMO5xMEUz0mTWDAiEA4OVOWLb2_CCOzd2Q4PC3_JfjgenBL5fPY6ysoYRbUlk%3D&sq=0&rn=3&rbuf=0
IP 74.125.111.71:0
File type ASCII text, with very long lines (1092), with no line terminators
Hash 2d76e124a102d13734df85be5ae5fb1e
24da6b6be863bf09d6581e3c3949e7757c7e4b07
fd1b38bc67dd0ddb73318d353275017e21bc045fa68d298f1db709cd68f6e0e9
GET /videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=video%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&otf=1&otfp=1&dur=0.000&lmt=1662408940375932&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKY-krFmWrFvdMCKdn8qbR2P7sB4JAnSh1RBAMa-PsfsCICDmjsDXitHT8eFPIfGhSQhDOc1RiWoKfVixx2ZCnqYZ&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Xl&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1669462186&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPfpIJ9XE2EhBp5wzokeWzc0niyBu4nMO5xMEUz0mTWDAiEA4OVOWLb2_CCOzd2Q4PC3_JfjgenBL5fPY6ysoYRbUlk%3D&sq=0&rn=3&rbuf=0 HTTP/1.1
Host: rr2---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sat, 26 Nov 2022 11:33:56 GMT
Expires: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1092
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-5go7ynld.googlevideo.com/videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=251&source=youtube&requiressl=yes&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=audio%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&gir=yes&clen=658015&otfp=1&dur=47.441&lmt=1662408938554483&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI9wzQtaJgVqwunF6iZlEpA0xVV_cQo0jv3rRMEHiMxDAiEAkQ526R4lUzcUhzVDKqhg4LX7tLVJlJw9fddC9HO-ivM%3D&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Xl&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1669462186&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAN3iIix-V0QIi9kPKz_IuR_Tv1VFP7f0HIHxq6KLQO1sAiEAk28yRgno_Ss9BtaFCBPbl8sT6D9OVvpn___txJZIxfo%3D&range=0-65884&rn=4&rbuf=0
74.125.111.71200 OK 1.1 kB URL HTTP/1.1 rr2---sn-5go7ynld.googlevideo.com/videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=251&source=youtube&requiressl=yes&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=audio%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&gir=yes&clen=658015&otfp=1&dur=47.441&lmt=1662408938554483&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI9wzQtaJgVqwunF6iZlEpA0xVV_cQo0jv3rRMEHiMxDAiEAkQ526R4lUzcUhzVDKqhg4LX7tLVJlJw9fddC9HO-ivM%3D&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Xl&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1669462186&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAN3iIix-V0QIi9kPKz_IuR_Tv1VFP7f0HIHxq6KLQO1sAiEAk28yRgno_Ss9BtaFCBPbl8sT6D9OVvpn___txJZIxfo%3D&range=0-65884&rn=4&rbuf=0
IP 74.125.111.71:0
File type ASCII text, with very long lines (1051), with no line terminators
Hash c5491fd5c68d7a2b18828a580786cbdd
7ef51304ba630e8db06a5281fc65f2d2ffd77e87
f15d85e9f9c491c968dff80512e94c7e492b224fa2c0a5e2330a1537c7c98eea
GET /videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=251&source=youtube&requiressl=yes&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=audio%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&gir=yes&clen=658015&otfp=1&dur=47.441&lmt=1662408938554483&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI9wzQtaJgVqwunF6iZlEpA0xVV_cQo0jv3rRMEHiMxDAiEAkQ526R4lUzcUhzVDKqhg4LX7tLVJlJw9fddC9HO-ivM%3D&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Xl&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1669462186&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAN3iIix-V0QIi9kPKz_IuR_Tv1VFP7f0HIHxq6KLQO1sAiEAk28yRgno_Ss9BtaFCBPbl8sT6D9OVvpn___txJZIxfo%3D&range=0-65884&rn=4&rbuf=0 HTTP/1.1
Host: rr2---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sat, 26 Nov 2022 11:33:56 GMT
Expires: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1051
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 11f21f5b7a8ced43f390356274d20eae
752926a39aa7c8eb577bdcd621f0246997a0a10a
9fc5caab6782001d1d48cd076bbb0197e7cd4d1c7502d59011a0a7f7f9e62d6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-5hneknek.googlevideo.com/videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=video%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&otf=1&otfp=1&dur=0.000&lmt=1662408940375932&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKY-krFmWrFvdMCKdn8qbR2P7sB4JAnSh1RBAMa-PsfsCICDmjsDXitHT8eFPIfGhSQhDOc1RiWoKfVixx2ZCnqYZ&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Xl&mm=34&mn=sn-5hneknek&ms=ltu&mt=1669462145&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgAcYAdChLZ7OxVirSpGynxucyqTZm4KGFYj_bhlLeAkcCIBWiUWPHGEEqaBXzfZubLGBsLrCyT3XYpB38ZRGaTrdf&sq=0&rn=8&rbuf=0&pot=D9vdkTu5UsUy2-Y6T5nC0XIElTyIoXY_8HNQqP-TaAUV-AOYjDaBiyF1eJxvnxnw4mIauCnQvEoJ6fktXaT048tF_bCC9QKjdc-jJ4lUEGyFgxsZlOab2sJ1MGdIk8ypcXEFHbKDt9w=
74.125.8.134200 OK 309 B URL HTTP/1.1 rr1---sn-5hneknek.googlevideo.com/videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=video%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&otf=1&otfp=1&dur=0.000&lmt=1662408940375932&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKY-krFmWrFvdMCKdn8qbR2P7sB4JAnSh1RBAMa-PsfsCICDmjsDXitHT8eFPIfGhSQhDOc1RiWoKfVixx2ZCnqYZ&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Xl&mm=34&mn=sn-5hneknek&ms=ltu&mt=1669462145&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgAcYAdChLZ7OxVirSpGynxucyqTZm4KGFYj_bhlLeAkcCIBWiUWPHGEEqaBXzfZubLGBsLrCyT3XYpB38ZRGaTrdf&sq=0&rn=8&rbuf=0&pot=D9vdkTu5UsUy2-Y6T5nC0XIElTyIoXY_8HNQqP-TaAUV-AOYjDaBiyF1eJxvnxnw4mIauCnQvEoJ6fktXaT048tF_bCC9QKjdc-jJ4lUEGyFgxsZlOab2sJ1MGdIk8ypcXEFHbKDt9w=
IP 74.125.8.134:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash dae5e2c9c2db826f89ff4b63d6385624
dfb57427d4fe7a831d82a637eeab0a443ebabbbb
d2328c96d4be10a7958a6cf7a47a2cbff9cdc32d59935af4b9f716014b479cde
GET /videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=244&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=video%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&otf=1&otfp=1&dur=0.000&lmt=1662408940375932&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgKY-krFmWrFvdMCKdn8qbR2P7sB4JAnSh1RBAMa-PsfsCICDmjsDXitHT8eFPIfGhSQhDOc1RiWoKfVixx2ZCnqYZ&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Xl&mm=34&mn=sn-5hneknek&ms=ltu&mt=1669462145&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgAcYAdChLZ7OxVirSpGynxucyqTZm4KGFYj_bhlLeAkcCIBWiUWPHGEEqaBXzfZubLGBsLrCyT3XYpB38ZRGaTrdf&sq=0&rn=8&rbuf=0&pot=D9vdkTu5UsUy2-Y6T5nC0XIElTyIoXY_8HNQqP-TaAUV-AOYjDaBiyF1eJxvnxnw4mIauCnQvEoJ6fktXaT048tF_bCC9QKjdc-jJ4lUEGyFgxsZlOab2sJ1MGdIk8ypcXEFHbKDt9w= HTTP/1.1
Host: rr1---sn-5hneknek.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 07 Nov 2022 13:43:37 GMT
Content-Type: video/webm
Date: Sat, 26 Nov 2022 11:33:56 GMT
Expires: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 309
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-5hneknek.googlevideo.com/videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=251&source=youtube&requiressl=yes&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=audio%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&gir=yes&clen=658015&otfp=1&dur=47.441&lmt=1662408938554483&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI9wzQtaJgVqwunF6iZlEpA0xVV_cQo0jv3rRMEHiMxDAiEAkQ526R4lUzcUhzVDKqhg4LX7tLVJlJw9fddC9HO-ivM%3D&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Xl&mm=34&mn=sn-5hneknek&ms=ltu&mt=1669462145&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMCR1mc8ODLixXXIZHYkQn4wbaJB2zz5jFM-0cc2n_JKAiABpLt3US1SsgaTaI6hXKLz51qE1s-Bu7jriAKGmLMX0w%3D%3D&range=0-65884&rn=6&rbuf=0&pot=D9vdkTu5UsUy2-Y6T5nC0XIElTyIoXY_8HNQqP-TaAUV-AOYjDaBiyF1eJxvnxnw4mIauCnQvEoJ6fktXaT048tF_bCC9QKjdc-jJ4lUEGyFgxsZlOab2sJ1MGdIk8ypcXEFHbKDt9w=
74.125.8.134200 OK 66 kB URL HTTP/1.1 rr1---sn-5hneknek.googlevideo.com/videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=251&source=youtube&requiressl=yes&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=audio%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&gir=yes&clen=658015&otfp=1&dur=47.441&lmt=1662408938554483&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI9wzQtaJgVqwunF6iZlEpA0xVV_cQo0jv3rRMEHiMxDAiEAkQ526R4lUzcUhzVDKqhg4LX7tLVJlJw9fddC9HO-ivM%3D&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Xl&mm=34&mn=sn-5hneknek&ms=ltu&mt=1669462145&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMCR1mc8ODLixXXIZHYkQn4wbaJB2zz5jFM-0cc2n_JKAiABpLt3US1SsgaTaI6hXKLz51qE1s-Bu7jriAKGmLMX0w%3D%3D&range=0-65884&rn=6&rbuf=0&pot=D9vdkTu5UsUy2-Y6T5nC0XIElTyIoXY_8HNQqP-TaAUV-AOYjDaBiyF1eJxvnxnw4mIauCnQvEoJ6fktXaT048tF_bCC9QKjdc-jJ4lUEGyFgxsZlOab2sJ1MGdIk8ypcXEFHbKDt9w=
IP 74.125.8.134:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash fd40ea80a84af479053a6ae0f3369dc1
8bbb9bc962e8e44bd0cd0e466935c78aa24c5118
376b72b73f542b2a2f997ac980036206ca628790aede8506b69cb8e36bdf684f
GET /videoplayback?expire=1669484036&ei=pPmBY_-1Ct3z7QSW7Lh4&ip=91.90.42.154&id=o-AMYLq4KZMRobe2r238Ln_JA2S84OwED7vghYTukDpGQs&itag=251&source=youtube&requiressl=yes&spc=SFxXNinSzZ4IvUll63cTm_XTYKbfkVo&vprv=1&mime=audio%2Fwebm&ns=rus7lkeHq-hZVfUdxLcMk_MJ&gir=yes&clen=658015&otfp=1&dur=47.441&lmt=1662408938554483&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=pRIVf67TIM25PA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAI9wzQtaJgVqwunF6iZlEpA0xVV_cQo0jv3rRMEHiMxDAiEAkQ526R4lUzcUhzVDKqhg4LX7tLVJlJw9fddC9HO-ivM%3D&alr=yes&cpn=iSve-V3kyTvox8WL&cver=1.20221120.00.00&cm2rm=sn-capm-vnae7e,sn-5golk7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Xl&mm=34&mn=sn-5hneknek&ms=ltu&mt=1669462145&mv=m&mvi=1&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAMCR1mc8ODLixXXIZHYkQn4wbaJB2zz5jFM-0cc2n_JKAiABpLt3US1SsgaTaI6hXKLz51qE1s-Bu7jriAKGmLMX0w%3D%3D&range=0-65884&rn=6&rbuf=0&pot=D9vdkTu5UsUy2-Y6T5nC0XIElTyIoXY_8HNQqP-TaAUV-AOYjDaBiyF1eJxvnxnw4mIauCnQvEoJ6fktXaT048tF_bCC9QKjdc-jJ4lUEGyFgxsZlOab2sJ1MGdIk8ypcXEFHbKDt9w= HTTP/1.1
Host: rr1---sn-5hneknek.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 05 Sep 2022 20:15:38 GMT
Content-Type: audio/webm
Date: Sat, 26 Nov 2022 11:33:56 GMT
Expires: Sat, 26 Nov 2022 11:33:56 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 65885
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:09 GMT
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
age: 46851
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
162.241.225.102200 OK 0 B URL HTTP/2 bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022 HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://bsmsummit.com/wp-json/>; rel="https://api.w.org/", <https://bsmsummit.com/wp-json/wp/v2/pages/87>; rel="alternate"; type="application/json", <https://wp.me/Pa7CRp-1p>; rel=shortlink
cache-control: max-age=300
expires: Sat, 26 Nov 2022 11:38:52 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-type: text/html; charset=UTF-8
date: Sat, 26 Nov 2022 11:33:52 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/js/jquery.fancybox.min.js
162.241.225.102200 OK 0 B URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/js/jquery.fancybox.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/the-conference-pro/js/jquery.fancybox.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/js/jquery.mCustomScrollbar.concat.min.js
162.241.225.102200 OK 0 B URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/js/jquery.mCustomScrollbar.concat.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/the-conference-pro/js/jquery.mCustomScrollbar.concat.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/js/jquery/jquery.min.js
162.241.225.102200 OK 0 B URL HTTP/2 bsmsummit.com/wp-includes/js/jquery/jquery.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Nov 2022 03:41:15 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/style.css
162.241.225.102200 OK 0 B URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/style.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/themes/the-conference-pro/style.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 23:20:47 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-type: text/css
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
stats.wp.com/e-202247.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202247.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 11:33:53 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 13 Nov 2023 09:17:34 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/plugins/jetpack/css/jetpack.css
162.241.225.102200 OK 0 B URL HTTP/2 bsmsummit.com/wp-content/plugins/jetpack/css/jetpack.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/plugins/jetpack/css/jetpack.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Sep 2022 19:44:13 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-type: text/css
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-includes/css/dist/block-library/style.min.css
162.241.225.102200 OK 0 B URL HTTP/2 bsmsummit.com/wp-includes/css/dist/block-library/style.min.css
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Nov 2022 03:47:47 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 26 Dec 2022 11:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-type: text/css
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2
bsmsummit.com/wp-content/themes/the-conference-pro/js/moment-timezone-with-data.min.js
162.241.225.102200 OK 0 B URL HTTP/2 bsmsummit.com/wp-content/themes/the-conference-pro/js/moment-timezone-with-data.min.js
IP 162.241.225.102:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/the-conference-pro/js/moment-timezone-with-data.min.js HTTP/1.1
Host: bsmsummit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bsmsummit.com/?utm_source=newsletter&utm_medium=email&utm_content=https%3A%2F%2Fd31hzlhk6di2h5.cloudfront.net%2F20221123%2F8b%2F6d%2Fba%2F2b%2Fd697bb16f54deff33ac0df06_640xauto.jpg&utm_campaign=BSM%20Summit%20Black%20Friday%202022
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 04 Jun 2022 22:08:03 GMT
accept-ranges: bytes
cache-control: max-age=21600
expires: Sat, 26 Nov 2022 17:33:53 GMT
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 0
content-type: application/javascript
date: Sat, 26 Nov 2022 11:33:53 GMT
server: Apache
X-Firefox-Spdy: h2