milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
34.149.204.188 308 Permanent Redirect 165 B URL HTTP/1.1 milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
IP 34.149.204.188:0
File type HTML document, ASCII text
Hash 65517c12b3c60f40207ea60799f729f9
6c7514d1a647600f724bb8507d896bc706b2ccd1
c41d3cf77ef4b7dfa39e2ec1c8bece58edb15f6e72f8b908c16036b2d1d01f0d
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 308 Permanent Redirect
Content-Type: text/html; charset=utf-8
Location: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Replit-Cluster: global
Date: Fri, 09 Dec 2022 05:44:02 GMT
Content-Length: 165
Via: 1.1 google
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20464
Expires: Fri, 09 Dec 2022 11:25:07 GMT
Date: Fri, 09 Dec 2022 05:44:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3990
Expires: Fri, 09 Dec 2022 06:50:33 GMT
Date: Fri, 09 Dec 2022 05:44:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 05:08:17 GMT
content-type: application/json
age: 2146
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17741
Expires: Fri, 09 Dec 2022 10:39:44 GMT
Date: Fri, 09 Dec 2022 05:44:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X3AJSqteC37BfgScS3ad0QxIA8fC5E/sdLCetQxidR/UQSRC09JIM/4NztG5P0WJg6uvzuF/3NU=
x-amz-request-id: WJVDR21FJVHFVNW8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 04:48:11 GMT
age: 3352
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 05:44:03 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 05:07:55 GMT
age: 2168
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 257a2e49955f5a4db81a08cc6255d84d
2d062a1f7c935a91edf532b9c71223652df1aeb5
09b2e8f43536a0ecec3e3b524baf990cda03add054197907e3a00a7bc8a76712
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "09B2E8F43536A0ECEC3E3B524BAF990CDA03ADD054197907E3A00A7BC8A76712"
Last-Modified: Thu, 08 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 09 Dec 2022 11:44:03 GMT
Date: Fri, 09 Dec 2022 05:44:03 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3694
Cache-Control: max-age=102263
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:03 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:08:26 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.210.150.237 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.150.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G2bgkOF4bsbCr0us4UAjSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: E/+xY5qqjHqVOpiWjxEXeyn9ucY=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2292
Expires: Fri, 09 Dec 2022 06:22:17 GMT
Date: Fri, 09 Dec 2022 05:44:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2292
Expires: Fri, 09 Dec 2022 06:22:17 GMT
Date: Fri, 09 Dec 2022 05:44:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46275ec87d8221804dbb99f95b035131
c47af4e5770daad212f4290527b00321285105f8
2118ec68c738683d8f7e11b95239ca92fda2b9b5054aa7b128267eec0d0634c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8803
x-amzn-requestid: e8516be3-5ce9-4f15-b522-c81c1e57a0e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtK9GavoAMFjpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af579-538cc8f300938698004f2241;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MiOdXHxd9Vmeji8Yqd8LG_EqYoMGf0YBy6by9bhfjb12y1OxKVvvqw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:56:08 GMT
age: 6477
etag: "c47af4e5770daad212f4290527b00321285105f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg
34.120.237.76 200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1be0ae00ba0c6009ac14c8df38b8ad0
33edd1469c54a08e3c4cb0003b87b225eba55b3f
ab70390c49c5bb3dd7e97ba008c01213a59b3bc271aa8a350ab35ff422d8b3fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3030
x-amzn-requestid: c5e5e4a1-bc45-42e8-a021-9c8f99e22556
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czUqCFWBoAMFiqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639134a6-5cc9bdf360f2bfb54e16b448;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: x5FUJ8Cbw9B9BWcHlencYw564Xri5cgoVXkQ2MbhEjYq7Y5v2P0IxQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:18:08 GMT
age: 66357
etag: "33edd1469c54a08e3c4cb0003b87b225eba55b3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 659b6eb1f1c430e2780758c7787b9a23
4792b0893827924e84cc51450012407717da4d2b
f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8345
x-amzn-requestid: b1cf2094-2cf5-4e19-9ed7-4d7e220c93cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czUoREPoIAMF4hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391349b-1b78fe0a155179643ae2aeed;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YMFI6I2o0A4rGZTluooPsDLGNRRY9kSAfDAFrwzXhIG4HC_W-hFIoQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:31:33 GMT
age: 65552
etag: "4792b0893827924e84cc51450012407717da4d2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:15:07 GMT
age: 80938
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06799a30d9977b0845f525ae82355d23
6ae9a3c17dcbac5912a46ca0c99977ca3adad4ea
d7a7eeb42d36167243b3dea7147a61119cbb5d1dcc2e2304c6ddd4a62e41efd3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4914
x-amzn-requestid: b709d5ff-617b-480b-8fc3-b1408ee358b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsoEkSIAMF0ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7ea-4150ac397b97d1217cece045;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8DqbjuQMX0JOMpduQ1-wy_B1a957NXgsAHrZc1OwUzsmqJRKfkEpoA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:49:06 GMT
age: 28499
etag: "6ae9a3c17dcbac5912a46ca0c99977ca3adad4ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 28361
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
104.17.24.14 200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 391678ecd81abb89d767676563d04a0d
ca95c965bf5453f22a77969f650d82cc0495aedc
0688a8577842e3019d1880c5e32bf44ab58a93592218886291e05eb8a1907c7b
GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 27964
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15d95"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1297772
expires: Wed, 29 Nov 2023 05:44:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkGDjuy2qUhLKc%2B5NaSaKQbotLhgQeL9OtmT1z6h1ry5oe1RGbkuy6tu%2BaGIqaRam1js8k2tTTHiwx0G8rw0cDNSevAN3vaBSoNxhK97RVQQBYq5c40O72TSrLaGYvVdecVJxpHj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 776b6d4dd93bb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Regular.woff2
34.149.204.188 200 OK 3 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Regular.woff2
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Regular.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Bold.woff2
34.149.204.188 200 OK 3 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Bold.woff2
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Bold.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Medium.woff2
34.149.204.188 200 OK 3 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Medium.woff2
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Medium.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-RegularItalic.woff2
34.149.204.188 200 OK 3 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-RegularItalic.woff2
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-RegularItalic.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/shared/img-placeholder.ashx
34.149.204.188 200 OK 54 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/shared/img-placeholder.ashx
IP 34.149.204.188:0
File type GIF image data, version 89a, 15 x 15\012- data
Hash b0c811c03908e627769be91798d2ca39
ad404412666874be821e3189ee06683d60eefc77
47361c9f2b452dbef25f029bf719f03fc1e2330bd43ecceccb800c773e0824d0
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/-/media/adp/redesign2018/images/shared/img-placeholder.ashx HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 206597
cache-control: max-age=604800
content-disposition: inline; filename="img-placeholder.gif"
content-security-policy: frame-ancestors 'self' https://adp.lookbookhq.com http://adp.lookbookhq.com https://discover.adp.com http://discover.adp.com https://*.adp.com http://*.adp.ca https://*.adp.ca https://*.us.adp;
content-type: image/gif
continent: NA
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
expires: Fri, 16 Dec 2022 05:44:06 GMT
last-modified: Mon, 30 Sep 2019 14:38:45 GMT
replit-cluster: global
server: ECD (sec/9738)
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-cache: HIT
x-country-code: US
x-region-code: OR
x-ua-compatible: IE=Edge
content-length: 54
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/ui/logo-adp-fy19.svg?rev=3fdcec0c1c7349e0a222b9864a196c45&hash=9A54A565FD08ED6AF0528D31B46265D5
34.149.204.188 200 OK 573 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/ui/logo-adp-fy19.svg?rev=3fdcec0c1c7349e0a222b9864a196c45&hash=9A54A565FD08ED6AF0528D31B46265D5
IP 34.149.204.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (573), with no line terminators
Hash 3e81e948274b52f011e819d03e569bfa
d840bd9a5070bf52e24c35d4b481d03896778467
53c4c147e70a8c4b8c359b7794b6d1fe5658902f8a701a2ee20d62b6c0da9bbf
GET /page-https-www.adp.ca/-/media/adp/redesign2018/ui/logo-adp-fy19.svg?rev=3fdcec0c1c7349e0a222b9864a196c45&hash=9A54A565FD08ED6AF0528D31B46265D5 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 15269
cache-control: max-age=604800
content-disposition: inline; filename="logo-adp-fy19.svg"
content-security-policy: frame-ancestors 'self' https://adp.lookbookhq.com http://adp.lookbookhq.com https://discover.adp.com http://discover.adp.com https://*.adp.com http://*.adp.ca https://*.adp.ca https://*.us.adp;
content-type: image/svg+xml
continent: NA
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
expires: Fri, 16 Dec 2022 05:44:06 GMT
last-modified: Fri, 15 Feb 2019 16:22:30 GMT
replit-cluster: global
server: ECD (sec/96DD)
strict-transport-security: max-age=315360000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT
x-country-code: US
x-region-code: OR
x-ua-compatible: IE=Edge
content-length: 573
X-Firefox-Spdy: h2
milsteelonline.com/page-https-cdn.optimizely.com/js/6261340341.js
34.149.204.188 200 OK 3 B URL HTTP/2 milsteelonline.com/page-https-cdn.optimizely.com/js/6261340341.js
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /page-https-cdn.optimizely.com/js/6261340341.js HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/resource-hub/img-hero-guidebook-mas.png?rev=725014a6f2a84d4596b5573373e6dbf8&h=602&w=475&la=en&hash=6FDE6C4D418F9724327C91793785825A
34.149.204.188 200 OK 19 kB URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/resource-hub/img-hero-guidebook-mas.png?rev=725014a6f2a84d4596b5573373e6dbf8&h=602&w=475&la=en&hash=6FDE6C4D418F9724327C91793785825A
IP 34.149.204.188:0
File type PNG image data, 475 x 602, 8-bit colormap, non-interlaced\012- data
Hash 2e92d261579717a24d82efd8a61ba8fc
a8f14d81d6e2b90e9252d0857a6df19c4ef8d3e8
8294ad9bd24dfbd0dd384a49ad6dc929f4fdf52fdf38bcbd69002162d1b11baa
GET /page-https-www.adp.ca/-/media/adp/redesign2018/images/resource-hub/img-hero-guidebook-mas.png?rev=725014a6f2a84d4596b5573373e6dbf8&h=602&w=475&la=en&hash=6FDE6C4D418F9724327C91793785825A HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 355106
cache-control: max-age=604800
content-disposition: inline; filename="img-hero-guidebook-mas.png"
content-security-policy: frame-ancestors 'self' https://adp.lookbookhq.com http://adp.lookbookhq.com https://discover.adp.com http://discover.adp.com https://*.adp.com http://*.adp.ca https://*.adp.ca https://*.us.adp;
content-type: image/png
continent: NA
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
expires: Fri, 16 Dec 2022 05:44:06 GMT
last-modified: Tue, 18 Aug 2020 05:13:48 GMT
replit-cluster: global
server: ECD (sec/97A8)
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-cache: HIT
x-country-code: US
x-region-code: OR
x-ua-compatible: IE=Edge
content-length: 18939
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-208508211-1
142.250.74.40 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-208508211-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash c28a61732d0fa98af478955cfa52997d
aa5d9b058a87222dd26ccc56abefa9579920f7f8
d4abdcb58965660183e9247d70c16e3e4eb0029d388f7d032db32256e504f89a
GET /gtag/js?id=UA-208508211-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 05:44:06 GMT
expires: Fri, 09 Dec 2022 05:44:06 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash bf8858fa52de668b0013cf9ce66d290c
9c319173ee6a48c6e717e9e8764008564aabe7ba
93df528ead5887cbbcf51f83c9e6ffa451861ae3145296ab3dfc269067080933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=970d4f37618741169b96eaed7b7294cc
34.149.204.188 200 OK 263 kB URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=970d4f37618741169b96eaed7b7294cc
IP 34.149.204.188:0
File type ASCII text, with very long lines (65315)
Size 263 kB (263204 bytes)
Hash 6c08f92aa398686615495fa70396ffb4
5823fbb70b8a455138a39bdee1233445cdc99210
17bc859cfc698577637cf223ee7ec76b6c34376cd9c77ce6a30c5374849f3cbd
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=970d4f37618741169b96eaed7b7294cc HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
last-modified: Wed, 07 Dec 2022 16:54:54 GMT
replit-cluster: global
X-Firefox-Spdy: h2
becomesnerveshobble.com/8fa04f55aa21f2ced2759b96e2702ac3/invoke.js
173.233.137.52 200 OK 9.8 kB URL HTTP/1.1 becomesnerveshobble.com/8fa04f55aa21f2ced2759b96e2702ac3/invoke.js
IP 173.233.137.52:0
File type exported SGML document, ASCII text, with very long lines (26988), with no line terminators
Hash 9f6c6e7892a103f06ac8dfd147b51e3f
1c77f472226eeb5681a4636fe2f5f8a0380d18eb
9576462f746f185f4353cea99a3246a39b3dff6ca8ddc6dc7db3ea2267c58aad
GET /8fa04f55aa21f2ced2759b96e2702ac3/invoke.js HTTP/1.1
Host: becomesnerveshobble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a5abae13c86aa9a659bfb73532bf039e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
becomesnerveshobble.com/5f/1e/ae/5f1eae6e794b6af625f433ebd20149d6.js
173.233.137.52 200 OK 13 kB URL HTTP/1.1 becomesnerveshobble.com/5f/1e/ae/5f1eae6e794b6af625f433ebd20149d6.js
IP 173.233.137.52:0
File type ASCII text, with very long lines (37128), with no line terminators
Hash d95c393a57f76131d776d6e75dc50e5f
0b942b7186176fef10b81f68b24bc896cdc5e797
c5c68aeb73c92c2b8525795af23accc8b2aa28829e0e10c65eef35cef012390d
GET /5f/1e/ae/5f1eae6e794b6af625f433ebd20149d6.js HTTP/1.1
Host: becomesnerveshobble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5b9be2f6b17f4e7277cdcd405abdaf24
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 7c9c260994be6fdf4350a40bb4391067
869680337416c11c54a3ee10c9a6e601c5ec7e11
948585d009f8f8398946c69a91a0de04131aee950e89e535b4f10ab44a82885a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 05:44:07 GMT
Last-Modified: Fri, 09 Dec 2022 05:07:39 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4Jf6RnzQxGEzWGAv29csXMOdptScV2VrgoKtVQT-tuqhDDI4oyxVPQ==
Age: 2188
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2a46aa002701ae54f4de0d876a5069e2
3cf1e45da11d6583fda708c041d8c309ebe9ff37
70a2ca6ae9b2777aad1261c935a075c256a7d920c98affa64c8affef5d5ff85b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "70A2CA6AE9B2777AAD1261C935A075C256A7D920C98AFFA64C8AFFEF5D5FF85B"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2648
Expires: Fri, 09 Dec 2022 06:28:15 GMT
Date: Fri, 09 Dec 2022 05:44:07 GMT
Connection: keep-alive
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 47666ce9f61368fd0163a93a197c2bb0
73a367f30446aedb69231ed7b0cb3844452931aa
bde69d03dba3b1e9852eef44218a59b3c3c34f8095c669840efcc5c65d66ae10
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://milsteelonline.com
access-control-allow-credentials: true
set-cookie: uid_id2=3df49832-2890-488d-a8ac-3f2f0490e577:3:1; expires=Mon, 06 Dec 2032 05:44:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7f34dfb164851710f73c2c40259a647b
8893fd5c599cdf231ae13f4ab8c165fe64143924
cc13fe7acbbc71c3a704eb64b57aec95e7d0a2513143e06b182499ebd218a13d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC13FE7ACBBC71C3A704EB64B57AEC95E7D0A2513143E06B182499EBD218A13D"
Last-Modified: Thu, 08 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5334
Expires: Fri, 09 Dec 2022 07:13:01 GMT
Date: Fri, 09 Dec 2022 05:44:07 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 7c9c260994be6fdf4350a40bb4391067
869680337416c11c54a3ee10c9a6e601c5ec7e11
948585d009f8f8398946c69a91a0de04131aee950e89e535b4f10ab44a82885a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116665
Date: Fri, 09 Dec 2022 05:44:07 GMT
Etag: "6391e720-1d7"
Expires: Sat, 10 Dec 2022 14:08:32 GMT
Last-Modified: Thu, 08 Dec 2022 13:31:12 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: j5ViXBALOeqx4HMFGXnkvYAfMArG5BvXUpgD-xWRaNMZIXM1X1QSwg==
Age: 2240
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 27c024fde29b621659b3a99460930099
1836f178afc1b5e97328dbbcf2130edb6c25960e
45f6edb0388ec043baee313b49ded8f7ac9ae0361f7ae413f76e66bb777d7fcc
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:07 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://milsteelonline.com
access-control-allow-credentials: true
set-cookie: uid_id2=a1078233-3686-4265-932f-9f4a16d30e2b:3:1; expires=Mon, 06 Dec 2032 05:44:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2a46aa002701ae54f4de0d876a5069e2
3cf1e45da11d6583fda708c041d8c309ebe9ff37
70a2ca6ae9b2777aad1261c935a075c256a7d920c98affa64c8affef5d5ff85b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "70A2CA6AE9B2777AAD1261C935A075C256A7D920C98AFFA64C8AFFEF5D5FF85B"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2648
Expires: Fri, 09 Dec 2022 06:28:15 GMT
Date: Fri, 09 Dec 2022 05:44:07 GMT
Connection: keep-alive
villasquinttolerance.com/2e/a9/5f/2ea95f29b78595ba77f8467239f9c258.js
173.233.137.36 200 OK 29 kB URL HTTP/1.1 villasquinttolerance.com/2e/a9/5f/2ea95f29b78595ba77f8467239f9c258.js
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 1baf5a7a86b88f05f0a7fcb784ad8fc6
c08244d724bc5c2f6ea57b8af496722273c921fe
19e4d5fd7531a368fbab266d6dcf2611c31fa3623ca5f049f69ff3313a021370
Analyzer Verdict Alert quad9 Sinkholed
GET /2e/a9/5f/2ea95f29b78595ba77f8467239f9c258.js HTTP/1.1
Host: villasquinttolerance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 630bda384607663aac430df4183523e2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
villasquinttolerance.com/watch.212470543155.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22future%22%2C%22proofing%22%2C%22your%22%2C%22business%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Ff%2Ffuture-proofing-your-business.aspx&tz=0&dev=e&res=12.1055&uuid=3df49832-2890-488d-a8ac-3f2f0490e577%3A3%3A1
173.233.137.36 307 Temporary Redirect 0 B URL HTTP/1.1 villasquinttolerance.com/watch.212470543155.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22future%22%2C%22proofing%22%2C%22your%22%2C%22business%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Ff%2Ffuture-proofing-your-business.aspx&tz=0&dev=e&res=12.1055&uuid=3df49832-2890-488d-a8ac-3f2f0490e577%3A3%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.212470543155.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22future%22%2C%22proofing%22%2C%22your%22%2C%22business%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Ff%2Ffuture-proofing-your-business.aspx&tz=0&dev=e&res=12.1055&uuid=3df49832-2890-488d-a8ac-3f2f0490e577%3A3%3A1 HTTP/1.1
Host: villasquinttolerance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:07 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://milsteelonline.com
Access-Control-Allow-Origin: https://milsteelonline.com
Access-Control-Allow-Credentials: true
Location: https://villasquinttolerance.com/watch.212470543155.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22future%22%2C%22proofing%22%2C%22your%22%2C%22business%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Ff%2Ffuture-proofing-your-business.aspx&tz=0&dev=e&res=12.1055&uuid=3df49832-2890-488d-a8ac-3f2f0490e577%3A3%3A1&shu=c003a7be2449617706a0cb5744b1653bd195e4ed9a18a0d66c435a10123539b64c4f8577e08656023e039c9d129a9461c606e22143fd521b6526dd049e9496d97bd53e734abfe2b1f443a3ae45a1afc9d34cfe38809fa8eb44e7ce9bc2b79b&pst=1670564707&rmtc=t
Set-Cookie: u_pl=16256856; expires=Sat, 10 Dec 2022 05:44:07 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI1Njg1NiwiayI6IjhmYTA0ZjU1YWEyMWYyY2VkMjc1OWI5NmUyNzAyYWMzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ4NDMyLCJwaWQiOjI4NzQ1OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ0cTgxcDVhdyIsImNwa3MiOnsgIjI4IjoiMmVhOTVmMjliNzg1OTViYTc3Zjg0NjcyMzlmOWMyNTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWlsc3RlZWxvbmxpbmUuY29tL3BhZ2UtaHR0cHMtd3d3LmFkcC5jYS9lbi9yZXNvdXJjZXMvYXJ0aWNsZXMtYW5kLWluc2lnaHRzL2FydGljbGVzL2YvZnV0dXJlLXByb29maW5nLXlvdXItYnVzaW5lc3MuYXNweCJ9fQ.o-Bj9gAsqWcR4BXobRvtHSyS8hnJLC9GEOREzSGqdFw; expires=Fri, 09 Dec 2022 05:45:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 913201e339e9f38aad28b23b5308f871
Strict-Transport-Security: max-age=0; includeSubdomains
villasquinttolerance.com/watch.212470543155.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22future%22%2C%22proofing%22%2C%22your%22%2C%22business%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Ff%2Ffuture-proofing-your-business.aspx&tz=0&dev=e&res=12.1055&uuid=3df49832-2890-488d-a8ac-3f2f0490e577%3A3%3A1&shu=c003a7be2449617706a0cb5744b1653bd195e4ed9a18a0d66c435a10123539b64c4f8577e08656023e039c9d129a9461c606e22143fd521b6526dd049e9496d97bd53e734abfe2b1f443a3ae45a1afc9d34cfe38809fa8eb44e7ce9bc2b79b&pst=1670564707&rmtc=t
173.233.137.36 200 OK 641 B URL HTTP/1.1 villasquinttolerance.com/watch.212470543155.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22future%22%2C%22proofing%22%2C%22your%22%2C%22business%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Ff%2Ffuture-proofing-your-business.aspx&tz=0&dev=e&res=12.1055&uuid=3df49832-2890-488d-a8ac-3f2f0490e577%3A3%3A1&shu=c003a7be2449617706a0cb5744b1653bd195e4ed9a18a0d66c435a10123539b64c4f8577e08656023e039c9d129a9461c606e22143fd521b6526dd049e9496d97bd53e734abfe2b1f443a3ae45a1afc9d34cfe38809fa8eb44e7ce9bc2b79b&pst=1670564707&rmtc=t
IP 173.233.137.36:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (601)
Hash 5d72dda75b278f10c2786f219dc881c5
d293810f40c7b99f60113d83243f780d7cdd8678
7e3a5979f01563aca97edfb728e65c56ff0b3676d2d3b73e99eca4a7e2bdd318
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.212470543155.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22future%22%2C%22proofing%22%2C%22your%22%2C%22business%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Ff%2Ffuture-proofing-your-business.aspx&tz=0&dev=e&res=12.1055&uuid=3df49832-2890-488d-a8ac-3f2f0490e577%3A3%3A1&shu=c003a7be2449617706a0cb5744b1653bd195e4ed9a18a0d66c435a10123539b64c4f8577e08656023e039c9d129a9461c606e22143fd521b6526dd049e9496d97bd53e734abfe2b1f443a3ae45a1afc9d34cfe38809fa8eb44e7ce9bc2b79b&pst=1670564707&rmtc=t HTTP/1.1
Host: villasquinttolerance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Referer: https://milsteelonline.com/
Connection: keep-alive
Cookie: u_pl=16256856; ain=eyJhbGciOiJIUzI1NiJ9.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.o-Bj9gAsqWcR4BXobRvtHSyS8hnJLC9GEOREzSGqdFw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://milsteelonline.com
Access-Control-Allow-Origin: https://milsteelonline.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3df49832-2890-488d-a8ac-3f2f0490e577:3:1; expires=Fri, 16 Dec 2022 05:44:08 GMT; secure; SameSite=None
iprc80c1a048a73a20e43e53c0dfd0d58802=2717342; expires=Sat, 10 Dec 2022 07:44:08 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 10 Dec 2022 05:44:08 GMT; secure; SameSite=None
uncs=1; expires=Sat, 10 Dec 2022 05:44:08 GMT; secure; SameSite=None
pdhtkv27=true; expires=Sat, 10 Dec 2022 05:44:08 GMT; secure; SameSite=None
uncs27=1; expires=Sat, 10 Dec 2022 05:44:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dd51e7bc588af13de946a5bc3dd5daf2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 20c99b6f90e79527529e55e3812a4a5f
0b246fcec861ad64893a04ece533921f2128f486
b23981d5a39c404350e87073a259ba44ada4962bb356ac8c488536407356bace
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B23981D5A39C404350E87073A259BA44ADA4962BB356AC8C488536407356BACE"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5991
Expires: Fri, 09 Dec 2022 07:23:59 GMT
Date: Fri, 09 Dec 2022 05:44:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 62f47c81ab77ad8756bf039e9c6b4250
44cc999843bd519ab799314e18deebc155a11c36
55d65c81111aea883a4bef500d125c540af55882694a71af3637ba4827ae327a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55D65C81111AEA883A4BEF500D125C540AF55882694A71AF3637BA4827AE327A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13860
Expires: Fri, 09 Dec 2022 09:35:08 GMT
Date: Fri, 09 Dec 2022 05:44:08 GMT
Connection: keep-alive
entitledbalcony.com/pixel/sbe?t=1&error=timeout
173.233.137.60 200 OK 0 B URL HTTP/1.1 entitledbalcony.com/pixel/sbe?t=1&error=timeout
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: entitledbalcony.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16256856
173.233.137.60 200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16256856
IP 173.233.137.60:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e3270836ccff25c4cc80f1743b68e780
712f834945d299d82abf66c30f4d348b434c112f
b826f323c32969b7e4c9a7e5f55152017c2c7ca59b213b07226f586236c71327
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16256856 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Sat, 10 Dec 2022 05:44:08 GMT
ain=eyJhbGciOiJIUzI1NiJ9.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.fry_J-oqeT7rlPZHCqvpSiC4PaUXKo_G3UqKPDTTgec; expires=Fri, 09 Dec 2022 05:45:08 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7de6a68e5a328ceae3f56ede91cb818c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?shu=807be2a3900f9616bfcd1ffbd37963b994fa899559e2363b694c4c63c5042536cdbab1a65fbc49c890c3ea617e6d5c0d315b0dc49e81c3b6d8c79c127f24541a014d53324b57a0186907102fccf48ffac90a5d3c9bbd7a07b9c4bb5f2cd85133&pst=1670564708&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmilsteelonline.com%2F&psid=16256856
173.233.137.60 302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=807be2a3900f9616bfcd1ffbd37963b994fa899559e2363b694c4c63c5042536cdbab1a65fbc49c890c3ea617e6d5c0d315b0dc49e81c3b6d8c79c127f24541a014d53324b57a0186907102fccf48ffac90a5d3c9bbd7a07b9c4bb5f2cd85133&pst=1670564708&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmilsteelonline.com%2F&psid=16256856
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=807be2a3900f9616bfcd1ffbd37963b994fa899559e2363b694c4c63c5042536cdbab1a65fbc49c890c3ea617e6d5c0d315b0dc49e81c3b6d8c79c127f24541a014d53324b57a0186907102fccf48ffac90a5d3c9bbd7a07b9c4bb5f2cd85133&pst=1670564708&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmilsteelonline.com%2F&psid=16256856 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTYyNTY4NTYiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9taWxzdGVlbG9ubGluZS5jb20vIn19.fry_J-oqeT7rlPZHCqvpSiC4PaUXKo_G3UqKPDTTgec; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:09 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://us.slowww.xyz/postback/click?key=v2-1670564649067-4-9875-999800-506cd6c9-3862-3d54-77cd-ea4c52891a57
Set-Cookie: pdhtkv=true; expires=Sat, 10 Dec 2022 05:44:09 GMT
uncs=1; expires=Sat, 10 Dec 2022 05:44:09 GMT
pdhtkv28=true; expires=Sat, 10 Dec 2022 05:44:09 GMT
uncs28=1; expires=Sat, 10 Dec 2022 05:44:09 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bea77098553294b0eb96511148c489f5
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a08c571cd4340e3d28251e8a31519bb
97738e433946137b687bea557a28c46f3e9ceb56
18d643602328b357194b80b307cf1e4e063a652bb07549f1c4bd7a1f5a9e80b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18D643602328B357194B80B307CF1E4E063A652BB07549F1C4BD7A1F5A9E80B4"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5589
Expires: Fri, 09 Dec 2022 07:17:18 GMT
Date: Fri, 09 Dec 2022 05:44:09 GMT
Connection: keep-alive
us.slowww.xyz/postback/click?key=v2-1670564649067-4-9875-999800-506cd6c9-3862-3d54-77cd-ea4c52891a57
38.100.129.135 200 OK 2.1 kB URL HTTP/2 us.slowww.xyz/postback/click?key=v2-1670564649067-4-9875-999800-506cd6c9-3862-3d54-77cd-ea4c52891a57
IP 38.100.129.135:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 77592264693838b3c7adc6b6774b1117
701a6d606039acb90b4bc942c2541a4d339d1288
49a1d8f1a0e83f9315aca5cd2a4a136a5f22ee89c95e3675e4e288b3bbc171b1
GET /postback/click?key=v2-1670564649067-4-9875-999800-506cd6c9-3862-3d54-77cd-ea4c52891a57 HTTP/1.1
Host: us.slowww.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty/1.15.8.3
date: Fri, 09 Dec 2022 05:44:09 GMT
content-type: text/html;charset=UTF-8
content-length: 2086
X-Firefox-Spdy: h2
us.slowww.xyz/postback/click?key=v2-1670564649067-4-9875-999800-506cd6c9-3862-3d54-77cd-ea4c52891a57&token=06d86d3e02fbb77182d890ee47787837&timezone=0&iframe_test=false&webdriver_test=false
38.100.129.135 302 Found 0 B URL HTTP/2 us.slowww.xyz/postback/click?key=v2-1670564649067-4-9875-999800-506cd6c9-3862-3d54-77cd-ea4c52891a57&token=06d86d3e02fbb77182d890ee47787837&timezone=0&iframe_test=false&webdriver_test=false
IP 38.100.129.135:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /postback/click?key=v2-1670564649067-4-9875-999800-506cd6c9-3862-3d54-77cd-ea4c52891a57&token=06d86d3e02fbb77182d890ee47787837&timezone=0&iframe_test=false&webdriver_test=false HTTP/1.1
Host: us.slowww.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us.slowww.xyz/postback/click?key=v2-1670564649067-4-9875-999800-506cd6c9-3862-3d54-77cd-ea4c52891a57
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: openresty/1.15.8.3
date: Fri, 09 Dec 2022 05:44:10 GMT
content-length: 0
set-cookie: platform_user_id=desktop:b9ce734ea0955fdbdaef46d4d37c6039
platform_user_id_3rd_party=desktop:b9ce734ea0955fdbdaef46d4d37c6039; SameSite=None; Secure; Max-Age=31556952
location: https://www.pricecomparedeals.com/no-no
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 975 B IP 93.184.220.29:0
Hash 00229044d309631a076c6775b14a214d
87915b2b22543386659ac69ec7af5d55763278dc
28c5b8281b4284f661be516bd084a1ceb24398e3bf058db8a442e567521daee6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3686
Cache-Control: max-age=96869
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63919429-117"
Expires: Sat, 10 Dec 2022 08:38:39 GMT
Last-Modified: Thu, 08 Dec 2022 07:37:13 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 703 B IP 93.184.220.29:0
Hash 282a63814ab86dcff3903c109b9d5a14
cb2680c2236adbd5bd43552bad450c98d5212d67
fda90e14253b439e171354106b642e84d197ff0ef7d45f3d5134d71b173b859c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4222
Cache-Control: max-age=97405
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63919429-117"
Expires: Sat, 10 Dec 2022 08:47:35 GMT
Last-Modified: Thu, 08 Dec 2022 07:37:13 GMT
Server: ECS (amb/6B75)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash d4507c78df6167484b39da9024efab18
72fedc57c2563ea57180ad8747bda11135bdf2bc
008d45b59c209f1be56f109f09e6366ccec8747b86d29a9ce5a07c61fd17042c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2986
Cache-Control: max-age=112348
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "6391d35c-117"
Expires: Sat, 10 Dec 2022 12:56:38 GMT
Last-Modified: Thu, 08 Dec 2022 12:06:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 17 kB IP 93.184.220.29:0
Hash a6aad4c6d5a4e5ce53de8243748d9254
d73fa2134be4a57f347edb4e6df49ddc5d8d3f11
60bb9d3e916b6ad495e2516f6b3b85005f5d1045cf3f4fab13c7bf936fb09239
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1683
Cache-Control: max-age=94866
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63919429-117"
Expires: Sat, 10 Dec 2022 08:05:16 GMT
Last-Modified: Thu, 08 Dec 2022 07:37:13 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 279
cdn.dealsfor.life/23x9/GG201910181329540253000000000000_bandeira_noruega.jpg
104.21.34.224 200 OK 389 B URL HTTP/2 cdn.dealsfor.life/23x9/GG201910181329540253000000000000_bandeira_noruega.jpg
IP 104.21.34.224:0
File type PNG image data, 23 x 9, 8-bit/color RGB, non-interlaced\012- data
Hash 3985c40fe38e6b8cb2b7de1b2987cffe
7c0328120073e47ffe990c218a3318c8edd675c5
c82d89e379fa3c6a82fcf1b943144c7f61f007828904ff2beccfe127396e9369
GET /23x9/GG201910181329540253000000000000_bandeira_noruega.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:10 GMT
content-type: image/png
content-length: 389
x-amz-id-2: IiusZnti6Fc7BErGOmKVn5uyZZ1stcsC2EzgNj+4XO4RSAaDs23tubfUnp2QwmDDN7MmZncjAhM=
x-amz-request-id: 5V2P1FFTF27KNSDX
last-modified: Thu, 28 Nov 2019 03:36:17 GMT
etag: "3985c40fe38e6b8cb2b7de1b2987cffe"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eei9%2FIGRp3QVnjymRUcjhT2tDA4GH4fY74JzdQJGQrVO7q53jKuaz7ftsKQCl7W1YYJfRHIv2aDfwIIHWUIJ%2FE2PF3lbb928WeDlVgA9VNSZQhsbf%2FAhmIS1%2BDRWhjwfMWR6vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d690e220b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.dealsfor.life/210x210/GG202006090809160963000000000000_decoration.jpg
104.21.34.224 200 OK 13 kB URL HTTP/2 cdn.dealsfor.life/210x210/GG202006090809160963000000000000_decoration.jpg
IP 104.21.34.224:0
File type JPEG image data, baseline, precision 8, 210x210, components 3\012- data
Hash a950c8fffccbf994e7eab4cbdc4afc79
0ae9de6c62eb474f9fc1d3fe74240c92d555711b
c430a67352d95e657b6f81cee177cb771a9b8b289a66043021386d8b069f20e1
GET /210x210/GG202006090809160963000000000000_decoration.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:10 GMT
content-type: image/jpeg
content-length: 12794
x-amz-id-2: 6wnXaESSMB4fqASE7N+8ehTPOVbYvW3DlTDmjNmF7ppTk38+FuY2X/Q4Cz9O3q+wkmPY2nIV5dQ=
x-amz-request-id: G0SH0AH2J6PTJ52B
last-modified: Tue, 09 Jun 2020 08:22:03 GMT
etag: "a950c8fffccbf994e7eab4cbdc4afc79"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5368
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJ00GQO2%2FS2io3LmTr0pnDbLL61Gmrigjvlt7pY6BAuMI9Yy4z3RMhsZ9LT5e5zsk8oNIx5CChLVQWfdEsK4Kb48dURjXB6vTy33coKN7saweUVJB2ucUvOZqKuXlFwo21DiHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d690e250b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.dealsfor.life/630x315/GG202006050817010094000000000000_fashion.jpg
104.21.34.224 200 OK 25 kB URL HTTP/2 cdn.dealsfor.life/630x315/GG202006050817010094000000000000_fashion.jpg
IP 104.21.34.224:0
File type JPEG image data, baseline, precision 8, 630x315, components 3\012- data
Hash e4f10f00dbdfc76dac0b06e12e76dd81
4b016a4493756924b8fb40a9f1391d1378c07cf3
a8bef644a63472bb106be50ae79c3eaf5e10d49f1f8c207564036e07b01781d9
GET /630x315/GG202006050817010094000000000000_fashion.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:10 GMT
content-type: image/jpeg
content-length: 25059
x-amz-id-2: SFrxRe2sKqmtTHg2kUJx1wbyxEhgFybnCJYi5BNqrVrAbwkmvZEFyZiJuduYcLWF5JD3QgkVXHc=
x-amz-request-id: G0SVY3EKCWSRK22K
last-modified: Fri, 05 Jun 2020 08:42:55 GMT
etag: "e4f10f00dbdfc76dac0b06e12e76dd81"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5368
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBmvjEme5eny3w7gcBfYcS5OMBsQkvr0TK0QzR%2B1bk6faR%2FrzQJToUgjtzsyrQFzHyS%2BCt%2FrCwsHoVkVcOUG0WVWCzhwtY7XxzEfFWH1jl8Px8vWgDMFs8wQOF2qYBFsn0faDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d690e230b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 4.4 kB IP 93.184.220.29:0
Hash 20276d277a271cfaa98d72974a7de04e
4f10b4f63dce557aaac46d647a8bc0e16edbdc9e
ba669b942fd07b6b4a45dc1fc71340f100c60895c139d44f1f8681435dad50a4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1818
Cache-Control: max-age=95001
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63919429-117"
Expires: Sat, 10 Dec 2022 08:07:31 GMT
Last-Modified: Thu, 08 Dec 2022 07:37:13 GMT
Server: ECS (amb/6BB7)
X-Cache: HIT
Content-Length: 279
cdn.dealsfor.life/630x525/GG202006090803570037000000000000_elektronics-v1.jpg
104.21.34.224 200 OK 37 kB URL HTTP/2 cdn.dealsfor.life/630x525/GG202006090803570037000000000000_elektronics-v1.jpg
IP 104.21.34.224:0
File type JPEG image data, baseline, precision 8, 630x525, components 3\012- data
Hash 7f936cedd7e479eb865f1bfe1c63e945
4088966128f5171f9750dfd5f83ed2f8c517090e
cf3f17e5d372b10391a1ec46de26be3e83ca3c37f22d6103aee48e6d210d906a
GET /630x525/GG202006090803570037000000000000_elektronics-v1.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:10 GMT
content-type: image/jpeg
content-length: 36766
x-amz-id-2: IMq+Sz4LUZ8TzgKFeRC0y762GUTn0rNSWCEjpr4iZLOb0//ZFbRumy9jOX7Bs0XWmwExjRcUDY8=
x-amz-request-id: G0SNKTHS1EEHKAYY
last-modified: Tue, 09 Jun 2020 08:22:04 GMT
etag: "7f936cedd7e479eb865f1bfe1c63e945"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5368
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVy7MP77bSBn%2F2lmVeHVVJbYH1FVjXzHtDsfPqGHe3bZ%2B%2FoyuxPn%2F9gnBqp6ks%2FSeBV1eHXOZzIT6BHWdsLnJxOjUcGMhxwvlPnlhPTbJU%2BLnUDnPC5aC2oWkcUU2lOUZUdivw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d690e260b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.dealsfor.life/420x210/GG202006050826060263000000000000_travel.jpg
104.21.34.224 200 OK 18 kB URL HTTP/2 cdn.dealsfor.life/420x210/GG202006050826060263000000000000_travel.jpg
IP 104.21.34.224:0
File type JPEG image data, baseline, precision 8, 420x210, components 3\012- data
Hash d2e157616b039f93a4dc696b5b96938e
6e0e4a332b81a4388915f206f73d58dcde204b29
2cf032115b870ef9a2790db489949898c24d39f8b8e93ce82fe59adc9255405e
GET /420x210/GG202006050826060263000000000000_travel.jpg HTTP/1.1
Host: cdn.dealsfor.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:10 GMT
content-type: image/jpeg
content-length: 17960
x-amz-id-2: +jmNAUjjBw2hbB920mmdDVmSVrE7+aPyB7OpV4R5urq4cwxHFTmHcVfVf5hvJ9rh0pVjldA4qQQ=
x-amz-request-id: G0SS5X69TG09BDGC
last-modified: Fri, 05 Jun 2020 08:42:55 GMT
etag: "d2e157616b039f93a4dc696b5b96938e"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5368
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8ZR0WZ147FdvrLZjAp8w7aqO7XnyT2olDoX%2B6bnDeuSRUMUr0Joqw%2BPHnWXggsECi0Yn8D4lZ6halbDrTtR1kVDqIFYzH9vdNuIUsXOT%2F%2B55O0c83xHBXXxTcE1kcmiTQuwSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d690e240b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 17 kB IP 93.184.220.29:0
Hash 3ca94652d5e03ba9c48ca70a427741e3
3ab500c2775f294401afe6e81dd3a2a1550c4670
f0d73f746bb75060df37c0a42c921e137be2e438ae0115e50c060f7a8a6ef977
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=93183
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63919429-117"
Expires: Sat, 10 Dec 2022 07:37:13 GMT
Last-Modified: Thu, 08 Dec 2022 07:37:13 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 333ff5489c3d3ab47e339291cd6f6a3e
e392aa2cf644ddfcc3a70d1058cf4720477b8a7c
a84781ba27c0be055ba55c80e7e5622ee422986e841c376d446a6c68dbe6358f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4222
Cache-Control: max-age=97405
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63919429-117"
Expires: Sat, 10 Dec 2022 08:47:35 GMT
Last-Modified: Thu, 08 Dec 2022 07:37:13 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
use.fontawesome.com/releases/v5.7.2/css/all.css
172.64.133.15 200 OK 12 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.2/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (54456), with no line terminators
Hash c073a65a817fcb6fab31caab36a8a1d1
3067cfaa4ce192c00244af0a7334b20896523f0d
ca5fab17cb46006fcbad5bc6bd5e9d5ab5f6d16c4d64656307b85900e00e510d
GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:10 GMT
content-type: text/css
x-amz-id-2: R2i9G2ZJK7zdhMx4WcXVJws5PK1EfeVqT1BYTnCpV9tBld+xTbgNrqP0AjVCclp5EcX9LUmZMqY=
x-amz-request-id: XRHNWGJP5AFFKWDK
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2584614
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ck2aHaTSycWcT2HJhi5lyygOM5ButX0xmD7xyOsU1mH%2F8uTuK0U0hAOOQ%2BhD6C6Iy15U75kjxAuoaM6F2lHCxHhyGgnL6BwV0%2FmcuBlJoTW5xXMx42LAy3VmvVTar8jTOeqPIraW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776b6d694bb7779d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,600,800
142.250.74.106 200 OK 26 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,600,800
IP 142.250.74.106:0
Hash 688a9ed4bafee0bc1bd7ce9ce15b4d0e
96221327dd44161310c02914332f6aebe75ca664
07f39bb66157bde392a2f09403766cec5af0eaad141d02ca5e4ac544322b4b2a
GET /css?family=Open+Sans:400,600,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 05:44:10 GMT
date: Fri, 09 Dec 2022 05:44:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.pricecomparedeals.com/no-no
104.21.94.144 200 OK 31 kB URL HTTP/2 www.pricecomparedeals.com/no-no
IP 104.21.94.144:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1238), with CRLF, LF line terminators
Hash 15ba3394ed0ff50f2894e49152f59c09
4031d3bf8eb624586e53da8ef8544af2cb91e77f
e0c849066cbecd64c437e193fc9ad3023a05a339f1491f0d7477d76dcc7a70bb
GET /no-no HTTP/1.1
Host: www.pricecomparedeals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us.slowww.xyz/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:10 GMT
content-type: text/html;charset=UTF-8
cache-control: max-age=1800
cf-cache-status: HIT
age: 4087
last-modified: Fri, 09 Dec 2022 04:36:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNUzyM5h5sR42sMnGDqLK8mgGHZddUX4oHYb0dr%2FL%2FlqOcW65kAoqFWnfAKs2yGt2r5AQziKR%2Bk7Jn9egDZ6n9S1cTaaDznyhUXR4byq0V5mj%2FFOEbts64CK0n8QbUcCwkFRwgYmu5DZChHi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d67fa67b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
172.64.133.15 200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 74348, version 329.31064\012- data
Hash 462806316fea535a6a57651bc2b000b0
80644191098f863f25be27841c0d92c452cf2327
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
GET /releases/v5.7.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:10 GMT
content-type: font/woff2
content-length: 74348
x-amz-id-2: TtRJtEu72fwb6dQilLBWH2Hv2TMdJEbLHf+VIjAgcWNxiwEJfaTT35zHB1hJG5O4j2+AN9KqKHI=
x-amz-request-id: 6ZVN0N8Q0YKDHH3Y
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:46:18 GMT
etag: "462806316fea535a6a57651bc2b000b0"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 986746
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yp5e15KFSxHZ5kwHSNcuQa0Lh5BhRSyF8XzXOj9KFLtTiUS45mwv%2BIRQcZ%2BfnRsQH0K6Ip201YzacqLphcSQfOXDcD8iqhi05PRQRylTtVEeCLl%2B%2FSWpuerT3rnkt6y4Pebv0sO7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776b6d6a2c34779d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35 200 OK 54 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
Hash a71bfdbdab8236820a3b54b3147a4f3a
8f09bf38332e4dbf8e4240a5a1d1a178a8de6ab6
ce38f237ef9f9e16ecfe2825d3db97874485c06c3d84b1eb2a4e7dfe301b3a67
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 298289
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1519
Cache-Control: max-age=126375
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 16:50:25 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pt_BR/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/pt_BR/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 91cc212276bede2ed8fb49a130506932
2a384532df9d4b8404e47ec87f38a43863bae1b4
83b91bb3d726323ad32da4b1da2a4efbba2ed0d9430606f83524917d44bd9a87
GET /pt_BR/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: fce57ad60351a89fc6db8db69f467996
etag: "94c8e4090d1054a07216ad39b6f5c651"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 09 Dec 2022 05:54:55 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: kcwhIna+3i7Y+0mhMFBpMg==
x-fb-debug: ZV1L0OxSa6SQFLNAwjpiFFt4yrd/E83iB0tpZlA3df016IVhZYQr+Z9RNmP6Lao7K89nFxY0VIy3QAdtE9tnDQ==
content-length: 1685
x-fb-trip-id: 1904183273
date: Fri, 09 Dec 2022 05:44:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1519
Cache-Control: max-age=126375
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 16:50:25 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pt_BR/sdk.js?hash=08c8ee0f16051ca0d8d2fc4a3a406c7f
31.13.72.12 200 OK 88 kB URL HTTP/2 connect.facebook.net/pt_BR/sdk.js?hash=08c8ee0f16051ca0d8d2fc4a3a406c7f
IP 31.13.72.12:0
Hash c51ffa14e657f368f6611b88de641766
1cf943acbeff5c7838697fa283ab7d8ae0bed93d
60054b894e66875329ae6005226ddd27b6222022fa64fd86e1d7cdd2a09392af
GET /pt_BR/sdk.js?hash=08c8ee0f16051ca0d8d2fc4a3a406c7f HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c2361526d45442f81e4037dccfafb0a8
etag: "44d184ba7e5cacbd9d938221e4f0ab93"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 08 Dec 2023 23:47:26 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: YiGoIgVUl2mUFkTYDBT+kA==
x-fb-debug: y6CiNtT7n1XLr//juDVFBWQSHTQMJKQuf148FZPFsPD/eK34whHSTCEpkIT4bgbzkT1YwvOqX6Aj5CYET4m2pg==
content-length: 87028
x-fb-trip-id: 1904183273
date: Fri, 09 Dec 2022 05:44:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/P/L/PAP0216DBL/PAP0216DBL-1-7c15-KkZh.jpg
54.230.111.55 200 OK 48 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/P/L/PAP0216DBL/PAP0216DBL-1-7c15-KkZh.jpg
IP 54.230.111.55:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c083577c9bda386c9ebf82debca7f27f
56e9060d558c5eeeec8433e855da96d35fdac660
ab139c9577bd9fb36b83d5ce6fa08656ea65af486cd32e791010d2d52215950e
GET /product/xy/500/500/p/gu1/P/L/PAP0216DBL/PAP0216DBL-1-7c15-KkZh.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 47590
x-amz-id-2: R19D9TXEYB0L0CCFrvebEr6n8tdh9T2vd+j06zhx4VD2UvaX7ryVMloU3/AmmxeYrvU6w8C5kKo=
x-amz-request-id: DEBWMFSVM2DJXZF8
date: Sat, 03 Dec 2022 15:02:42 GMT
last-modified: Mon, 07 May 2018 08:33:41 GMT
etag: "c083577c9bda386c9ebf82debca7f27f"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 49aCk0i7SoLP4JKfE0xaSlalj5dCdw6qatwqO90qk3jTOp1hM9C8nw==
age: 484890
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/E/1/E4850-1/E4850-1-1-ebe9-8FG1.jpg
54.230.111.55 200 OK 23 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/E/1/E4850-1/E4850-1-1-ebe9-8FG1.jpg
IP 54.230.111.55:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0d1d32059c98386bb3c4eae3924e0434
051c7ad70c0c01712cac673f841a26f5597e4651
ba482af346765eeaa430a46d537e49b1ada377e46e0b67a97d5cecb6428bfd6c
GET /product/xy/500/500/p/gu1/E/1/E4850-1/E4850-1-1-ebe9-8FG1.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 22742
x-amz-id-2: Fp7YTJtIZvmiEYFo5sXOv3kLtzmke9RZV5JUHKuwScRBXfJY1JgDayDQtn6rAVhFMjbc8IvqUbg=
x-amz-request-id: ABVMFMVWSZJT1256
date: Mon, 14 Nov 2022 00:23:03 GMT
last-modified: Thu, 25 Oct 2018 03:33:20 GMT
etag: "0d1d32059c98386bb3c4eae3924e0434"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7eounPgdawn4YIChkPFuZGGaKobNP1v3Ypl_JWKR_sFz3kjeFbSAIw==
age: 2179269
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/P/W/PAE1047W/PAE1047W-1-9dd4-y1XK.jpg
54.230.111.55 200 OK 12 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/P/W/PAE1047W/PAE1047W-1-9dd4-y1XK.jpg
IP 54.230.111.55:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9c5edcd2465f2eb2fa572dbfc2862e11
8084a50ed7762ef9a56bbb2c38ee9d079e18055b
92f3542d592b0555f28cd6e00e7023f9826157d9ed87d13665a9487f88e6cf91
GET /product/xy/500/500/p/gu1/P/W/PAE1047W/PAE1047W-1-9dd4-y1XK.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 11796
x-amz-id-2: 3uRHmbWY3PB866waDcwEi0xCeHPk9IlijHDaInHvL3EaBYmvyetH8xyxMvQyvl5jAGisW5Um7es=
x-amz-request-id: 8YS6K16EPR7EDE12
date: Wed, 23 Nov 2022 03:48:29 GMT
last-modified: Mon, 06 Sep 2021 13:31:22 GMT
etag: "9c5edcd2465f2eb2fa572dbfc2862e11"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 59M0cBeSxl3o1yzRp6CUfZJ9wKCuMKI46U2sI-1EHHlQZMMTzZTnPQ==
age: 1389343
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/Y/R/Y16482R/Y16482R-1-c416-YIyr.jpg
54.230.111.55 200 OK 26 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/Y/R/Y16482R/Y16482R-1-c416-YIyr.jpg
IP 54.230.111.55:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f5c2ce469cd3cb183da2b2a771d70337
cf0476c64fe26d41697557f7f94e6a8b4df8870f
50da3db322da8a74e55f86a2ec0a047ba3917bd17a8515b4c1fd1b3bbf27d4b2
GET /product/xy/500/500/p/gu1/Y/R/Y16482R/Y16482R-1-c416-YIyr.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 26330
x-amz-id-2: DYmi4axRPEW5KWQl6rahM5Bv+KyD7zq3itRs1eXnK+PxsQd2MzW5ZNANftuk4QIkafoTW0eEz/M=
x-amz-request-id: SRC3BEV5R2AEEWN2
date: Sun, 27 Nov 2022 02:03:40 GMT
last-modified: Fri, 04 Sep 2020 08:39:08 GMT
etag: "f5c2ce469cd3cb183da2b2a771d70337"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZAHfGc2Lf0sjywHDlfvH8ftKJEZI6YT8_x3xZaPBKeqlhROOjHnuLQ==
age: 1050032
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/C/B/C9930B/C9930B-1-5d1c-KwLm.jpg
54.230.111.55 200 OK 20 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/C/B/C9930B/C9930B-1-5d1c-KwLm.jpg
IP 54.230.111.55:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 80fb11bc4878bba87a07250760b18e40
124daadf1c2a783fea0fa47f55129b6acb16ac26
438e3b46732f0c2c82e0201916d3772ce7afb22c242ddbb007a016d9144c041e
GET /product/xy/500/500/p/gu1/C/B/C9930B/C9930B-1-5d1c-KwLm.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 19870
x-amz-id-2: QL4VHfWyKjwQutdcXaP/xAAhqmUZakP00hWAGuica6r7nxw38uCTm+k0Pac8HM+lSMcDD5T8e+A=
x-amz-request-id: VQ7HB2ZF350CXYCG
date: Mon, 05 Dec 2022 00:24:28 GMT
last-modified: Thu, 19 Nov 2020 12:11:08 GMT
etag: "80fb11bc4878bba87a07250760b18e40"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -0CNNrbQz81FWAUmw7C6RNdEtVcGSQdjO23YsY8oxkgMEMQVn9vw0A==
age: 364784
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/Y/2/YA16506-2-12/YA16506-2-12-1-31c6-r6Ai.jpg
54.230.111.55 200 OK 34 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/Y/2/YA16506-2-12/YA16506-2-12-1-31c6-r6Ai.jpg
IP 54.230.111.55:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 020937fce16dd14ce0aad41ff0cb1c75
ba5d177468469f75f642889677e5d5ef12ae6c8a
30eca2bc0f26239f9023cf86c8e31ded5e066deea5ca989f4f8a4c711a3cdf04
GET /product/xy/500/500/p/gu1/Y/2/YA16506-2-12/YA16506-2-12-1-31c6-r6Ai.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 33658
x-amz-id-2: GJhprgPvuLS4iJbwlfLju25Ip1TU6Bmt58dgfQ/50C6RXAtg/7XZlGrjOrd68RKiSpkalgB+PMw=
x-amz-request-id: CM4BWHZXRMKRBC6D
date: Tue, 29 Nov 2022 00:24:36 GMT
last-modified: Tue, 11 Aug 2020 19:27:06 GMT
etag: "020937fce16dd14ce0aad41ff0cb1c75"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aBYtb9KvniOTmNCx5B958K9BX-nTYE2unbi0iQ8MDVVVwYg2rcpTYQ==
age: 883176
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/I/0/I4930/I4930-1-9da8-DCLD.jpg
54.230.111.55 200 OK 29 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/I/0/I4930/I4930-1-9da8-DCLD.jpg
IP 54.230.111.55:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 49b7f29c5b008d37d9c73679e2560875
7615ea9d98e2b2bea0b820c167331e9d7af7bca1
6caac1fc15a4e0c64d62e20bdee28ddf0fcfa03ed231c8948b9761666bc789d0
GET /product/xy/500/500/p/gu1/I/0/I4930/I4930-1-9da8-DCLD.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 29130
x-amz-id-2: 3fT+7OftVLpUlAmpRy3SH72NaI2/mi7teKuAW4XJx0Tr9SxJezh6hKB60wL1tO1EKkjikPwixgU=
x-amz-request-id: SYJCMH9DKJ2FD85Y
date: Thu, 24 Nov 2022 00:22:56 GMT
last-modified: Fri, 23 Aug 2019 13:08:48 GMT
etag: "49b7f29c5b008d37d9c73679e2560875"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4bnc-xtJphgQ75EkMPYYkykKL1RvTRCuxNVthbaVVeipCZ54N9uZhQ==
age: 1315276
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/I/9/I4919/I4919-1-521b-gtIF.jpg
54.230.111.55 200 OK 21 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/I/9/I4919/I4919-1-521b-gtIF.jpg
IP 54.230.111.55:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash addfa34e846ae1812a23c65aa7d68fc4
14d843e00fecef4e4912f9074107336ee623d729
630ab24f0662faffb202bf0f208636b61a3f386b0ebdc6d15472d9a1598c9119
GET /product/xy/500/500/p/gu1/I/9/I4919/I4919-1-521b-gtIF.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 20950
x-amz-id-2: iFS2REsc27t9dPDDSgHxRvz/WScG2eTUa6/y1Au20a4b0zePBIZuifohwHtGSORmmP/N9O2b3Xk=
x-amz-request-id: 5HZBKD758W1J7762
date: Sun, 04 Dec 2022 00:55:32 GMT
last-modified: Thu, 22 Aug 2019 09:54:49 GMT
etag: "addfa34e846ae1812a23c65aa7d68fc4"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IqpPsdePSRYJK5rl7HwnRSP1S8IexzZYkQfR4D4sv2uQr2x1bV9MXA==
age: 449320
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/P/W/PAA0621W/PAA0621W-1-fc59-oHC3.jpg
54.230.111.55 200 OK 36 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/P/W/PAA0621W/PAA0621W-1-fc59-oHC3.jpg
IP 54.230.111.55:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 57841c6dfcda20efe0aa442e86ee8fa7
da9ffde8a0a3b8971c2efce9db232fc4cc6a9e99
e7372cc4734516b1836d4e8522fee9d1f267d72d9d6f1ec6d91e224126a6b1c5
GET /product/xy/500/500/p/gu1/P/W/PAA0621W/PAA0621W-1-fc59-oHC3.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 35874
x-amz-id-2: fTQFXPJz1Bg7vqsqgSeAdX+e6xRTD0dtAwWmJ+I1E8FlPpfmD7+w6+ZB/B+lGNzx+eaHixkNBtc=
x-amz-request-id: H6S0JHD98VQ46CJ5
date: Tue, 15 Nov 2022 00:46:29 GMT
last-modified: Fri, 18 Oct 2019 13:33:47 GMT
etag: "57841c6dfcda20efe0aa442e86ee8fa7"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DvBZ-Tb2qF5iL2ONDhxAXyGvocMd19fqbCzabhbmGMjMvbkPzOAGgQ==
age: 2091463
X-Firefox-Spdy: h2
img.tttcdn.com/product/xy/500/500/p/gu1/E/4/E2263Y-4/E2263Y-4-1-9350-UiVH.jpg
54.230.111.55 200 OK 47 kB URL HTTP/2 img.tttcdn.com/product/xy/500/500/p/gu1/E/4/E2263Y-4/E2263Y-4-1-9350-UiVH.jpg
IP 54.230.111.55:0
Hash 7958dc55f718d5f899556f7703ba6de7
25b2c714e732de27914b1c47ecef3a1982024403
69cf6a6694d47f2f7b1fee2f7c2e87fee4d1a19338cb6e4740aa67a62cf6d554
GET /product/xy/500/500/p/gu1/E/4/E2263Y-4/E2263Y-4-1-9350-UiVH.jpg HTTP/1.1
Host: img.tttcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 44302
x-amz-id-2: LBcIRMCTWouldBM84Ff6CoqyA7U+YhJbjziBZgGwW8k/D6cClc08Zui+FgwWbSSGqk02Cyrzwxk=
x-amz-request-id: BJWVKGYFQKNCVCKE
date: Tue, 29 Nov 2022 00:22:05 GMT
last-modified: Mon, 14 Dec 2020 11:10:51 GMT
etag: "f033b086e3e54b7d24d541c77e41078a"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QR6YehsF-EdfDHDx_EiIjn3Np-6-XgUfTnJiyJDIOtfMLCdgOVa9kQ==
age: 883327
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=387357745142349&ev=fb_page_view&dl=https%3A%2F%2Fwww.pricecomparedeals.com%2Fno-no&rl=https%3A%2F%2Fus.slowww.xyz%2F&if=false&ts=1670564650075&sw=1280&sh=1024&at=
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=387357745142349&ev=fb_page_view&dl=https%3A%2F%2Fwww.pricecomparedeals.com%2Fno-no&rl=https%3A%2F%2Fus.slowww.xyz%2F&if=false&ts=1670564650075&sw=1280&sh=1024&at=
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=387357745142349&ev=fb_page_view&dl=https%3A%2F%2Fwww.pricecomparedeals.com%2Fno-no&rl=https%3A%2F%2Fus.slowww.xyz%2F&if=false&ts=1670564650075&sw=1280&sh=1024&at= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 05:44:11 GMT
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.162.31 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.162.31:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 05:44:07 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ad0f162eca2ffaadd7b6e5e4b01f7915
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 09 Dec 2022 05:44:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYXApGLA4r6pTkG1UonbFeyLGMJwvFKMA0VLzdaiZJeViK%2BsiQHIc7xv1mz3PoKDBMTDrsppiZEzZNy9eqmJe3w0e0OsKkCeZsHiVdcE7TGZgMV0Dksd3HUNIr0Kg%2BC4%2F7nuBOA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d576e4774f1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-ca.css?rev=96b3778417684f3b9aa71a533029106f
34.149.204.188 200 OK 0 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-ca.css?rev=96b3778417684f3b9aa71a533029106f
IP 34.149.204.188:0
GET /page-https-www.adp.ca/-/media/adp2022/main/css-main-ca.css?rev=96b3778417684f3b9aa71a533029106f HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
last-modified: Tue, 04 Oct 2022 22:21:06 GMT
replit-cluster: global
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
34.149.204.188 200 OK 0 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
IP 34.149.204.188:0
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 09 Dec 2022 05:44:04 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
X-Firefox-Spdy: h2
milsteelonline.com/assets/inject.js
34.149.204.188 200 OK 0 B URL HTTP/2 milsteelonline.com/assets/inject.js
IP 34.149.204.188:0
Analyzer Verdict Alert fortinet Phishing
GET /assets/inject.js HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
X-Firefox-Spdy: h2