Overview

URL: milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
IP: 34.149.204.188 (United States)
ASN: #15169 GOOGLE
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-12-09 05:44:14 UTC
IDS alerts: 0
Blocklist alert: 16
urlquery alerts: No alerts detected
Tags: None

Domain Summary (28)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
milsteelonline.com (13) 0 2019-08-08 11:31:32 UTC 2022-12-09 04:55:02 UTC 34.149.204.188 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-08 17:21:04 UTC 34.160.144.191
use.fontawesome.com (2) 942 2017-01-30 04:43:25 UTC 2022-12-08 17:17:18 UTC 172.64.133.15
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-08 17:12:32 UTC 35.241.9.150
e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-12-08 17:11:00 UTC 23.36.77.32
www.googletagmanager.com (1) 75 2012-10-04 01:07:32 UTC 2022-12-08 17:14:43 UTC 142.250.74.40
entitledbalcony.com (1) 0 2022-12-06 01:34:53 UTC 2022-12-08 17:33:26 UTC 173.233.137.60 Unknown ranking
connect.facebook.net (2) 139 2012-05-22 02:51:28 UTC 2022-12-08 17:12:05 UTC 31.13.72.12
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-08 17:14:01 UTC 34.117.237.239
villasquinttolerance.com (3) 0 2022-12-06 02:13:24 UTC 2022-12-06 02:13:24 UTC 173.233.137.36 Unknown ranking
img.tttcdn.com (10) 648109 2017-12-08 11:38:44 UTC 2022-12-09 05:44:10 UTC 54.230.111.55
www.facebook.com (1) 99 No data No data 31.13.72.36
cdnjs.cloudflare.com (1) 235 2012-05-23 12:49:49 UTC 2022-12-08 17:12:31 UTC 104.17.24.14
ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-12-08 17:12:01 UTC 216.58.211.3
ocsp.sca1b.amazontrust.com (2) 1015 2016-02-14 02:37:56 UTC 2019-03-27 04:05:54 UTC 54.230.245.39
www.spikereekvelocity.com (2) 0 2022-10-19 14:11:25 UTC 2022-12-08 12:10:03 UTC 173.233.137.60 Unknown ranking
fonts.googleapis.com (1) 8877 2012-05-23 12:41:44 UTC 2022-12-08 17:12:12 UTC 142.250.74.106
www.pricecomparedeals.com (1) 0 2022-10-13 01:11:21 UTC 2022-12-07 11:37:57 UTC 104.21.94.144 Unknown ranking
r3.o.lencr.org (10) 344 2020-12-02 08:52:13 UTC 2022-12-08 17:12:06 UTC 23.36.77.32
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-12-08 15:50:00 UTC 34.120.237.76
becomesnerveshobble.com (2) 0 2021-10-07 15:04:25 UTC 2022-12-05 04:59:22 UTC 173.233.137.52 Unknown ranking
simplewebanalysis.com (2) 0 2022-02-25 04:06:25 UTC 2022-12-08 17:33:26 UTC 52.28.211.11 Unknown ranking
fonts.gstatic.com (1) 0 2014-04-02 10:51:04 UTC 2022-12-08 17:14:55 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
friendshipmale.com (1) 0 2022-10-21 12:15:25 UTC 2022-12-08 15:59:11 UTC 172.64.162.31 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-08 17:20:00 UTC 34.210.150.237
ocsp.digicert.com (10) 86 2012-05-21 07:02:23 UTC 2022-12-08 17:15:52 UTC 93.184.220.29
us.slowww.xyz (2) 0 2022-12-07 17:12:20 UTC 2022-12-08 19:24:24 UTC 38.100.129.135 Unknown ranking
cdn.dealsfor.life (5) 0 2020-01-13 08:24:56 UTC 2022-12-08 07:19:52 UTC 104.21.34.224 Unknown ranking

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-09 2 milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights (...) Phishing
2022-12-09 2 milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans- (...) Phishing
2022-12-09 2 milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans- (...) Phishing
2022-12-09 2 milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans- (...) Phishing
2022-12-09 2 milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans- (...) Phishing
2022-12-09 2 milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/sh (...) Phishing
2022-12-09 2 milsteelonline.com/page-https-cdn.optimizely.com/js/6261340341.js Phishing
2022-12-09 2 milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base (...) Phishing
2022-12-09 2 milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights (...) Phishing
2022-12-09 2 milsteelonline.com/assets/inject.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-09 2 villasquinttolerance.com Sinkholed
2022-12-09 2 villasquinttolerance.com Sinkholed
2022-12-09 2 villasquinttolerance.com Sinkholed
2022-12-08 2 entitledbalcony.com Sinkholed
2022-12-08 2 spikereekvelocity.com Sinkholed
2022-12-08 2 spikereekvelocity.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 34.149.204.188
Date UQ / IDS / BL URL IP
2023-01-30 14:53:47 +0000 1 - 0 - 9 overjoyedunsteadydevelopments.resetpas38.repl.co/ 34.149.204.188
2023-01-30 14:49:47 +0000 0 - 0 - 2 login.bancabcp.repl.co/ 34.149.204.188
2023-01-30 14:02:12 +0000 0 - 0 - 50 eft4.te43wed.repl.co/ 34.149.204.188
2023-01-30 13:53:51 +0000 0 - 0 - 2 colombiaphp.bancophp.repl.co/ 34.149.204.188
2023-01-30 13:52:45 +0000 0 - 0 - 44 ef4ew.76td.repl.co/ 34.149.204.188


Last 5 reports on ASN: GOOGLE
Date UQ / IDS / BL URL IP
2023-01-30 14:53:47 +0000 1 - 0 - 9 overjoyedunsteadydevelopments.resetpas38.repl.co/ 34.149.204.188
2023-01-30 14:53:15 +0000 0 - 0 - 1 jmariecompany.com/korg_sihytzsf95.bin 34.102.136.180
2023-01-30 14:49:47 +0000 0 - 0 - 2 login.bancabcp.repl.co/ 34.149.204.188
2023-01-30 14:49:07 +0000 0 - 2 - 0 r5---sn-qxo7rn7r.gvt1.com/edgedl/release2/upd (...) 173.194.54.170
2023-01-30 14:49:03 +0000 0 - 2 - 0 r1---sn-qxoednee.gvt1.com/edgedl/release2/upd (...) 74.125.9.6


Last 2 reports on domain: milsteelonline.com
Date UQ / IDS / BL URL IP
2022-12-09 05:44:14 +0000 0 - 0 - 16 milsteelonline.com/page-https-www.adp.ca/en/r (...) 34.149.204.188
2022-12-05 04:59:20 +0000 0 - 0 - 29 milsteelonline.com/page-https-www.adp.ca/en/r (...) 34.149.204.188


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-11 18:21:50 +0000 0 - 3 - 1 all4you.lv/ 45.84.207.41
2023-01-01 07:50:35 +0000 0 - 3 - 50 www.skidrowcodex.net/far-cry-6-ultimate-editi (...) 172.67.217.92
2022-12-26 05:36:51 +0000 0 - 3 - 30 www.growtools.live/ 139.59.79.143
2022-12-22 00:44:24 +0000 0 - 3 - 18 www.dogefiles.io/download/63920b7284ac6a3e6c66b5a6 76.76.21.9
2022-12-07 11:38:03 +0000 0 - 0 - 5 935soniasullivannews.blogspot.com/2022/09/ant (...) 142.250.74.161

JavaScript

Executed Scripts (35)

Executed Evals (2)
#1 JavaScript::Eval (size: 29) - SHA256: b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4
var dfc221c35e = Number('');
#2 JavaScript::Eval (size: 469) - SHA256: 19bb2d070eface4d325691e9b56e6a1f3e2f97fb6cf031102c03cc3a50b7efe6
           if (typeof dfc221c35e !== 'undefined') {
               if (!isNaN(dfc221c35e) && dfc221c35e > 0) setTimeout(function() {
                   window.top.location = 'https://www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16256856';
               }, dfc221c35e * 1000);
               else window.top.location = 'https://www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16256856';
           }

Executed Writes (0)


HTTP Transactions (91)


Request Response
                                        
                                            GET /page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx HTTP/1.1 
Host: milsteelonline.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         34.149.204.188
HTTP/1.1 308 Permanent Redirect
Content-Type: text/html; charset=utf-8
                                        
Location: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Replit-Cluster: global
Date: Fri, 09 Dec 2022 05:44:02 GMT
Content-Length: 165
Via: 1.1 google


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   165
Md5:    65517c12b3c60f40207ea60799f729f9
Sha1:   6c7514d1a647600f724bb8507d896bc706b2ccd1
Sha256: c41d3cf77ef4b7dfa39e2ec1c8bece58edb15f6e72f8b908c16036b2d1d01f0d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20464
Expires: Fri, 09 Dec 2022 11:25:07 GMT
Date: Fri, 09 Dec 2022 05:44:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3990
Expires: Fri, 09 Dec 2022 06:50:33 GMT
Date: Fri, 09 Dec 2022 05:44:03 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 05:08:17 GMT
age: 2146
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17741
Expires: Fri, 09 Dec 2022 10:39:44 GMT
Date: Fri, 09 Dec 2022 05:44:03 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: X3AJSqteC37BfgScS3ad0QxIA8fC5E/sdLCetQxidR/UQSRC09JIM/4NztG5P0WJg6uvzuF/3NU=
x-amz-request-id: WJVDR21FJVHFVNW8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 04:48:11 GMT
age: 3352
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 09 Dec 2022 05:44:03 GMT
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 05:07:55 GMT
age: 2168
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "09B2E8F43536A0ECEC3E3B524BAF990CDA03ADD054197907E3A00A7BC8A76712"
Last-Modified: Thu, 08 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 09 Dec 2022 11:44:03 GMT
Date: Fri, 09 Dec 2022 05:44:03 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3694
Cache-Control: max-age=102263
Date: Fri, 09 Dec 2022 05:44:03 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:08:26 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: G2bgkOF4bsbCr0us4UAjSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         34.210.150.237
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: E/+xY5qqjHqVOpiWjxEXeyn9ucY=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2292
Expires: Fri, 09 Dec 2022 06:22:17 GMT
Date: Fri, 09 Dec 2022 05:44:05 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2292
Expires: Fri, 09 Dec 2022 06:22:17 GMT
Date: Fri, 09 Dec 2022 05:44:05 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F042317d8-45b6-4c5f-8767-ff9367c24193.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8803
x-amzn-requestid: e8516be3-5ce9-4f15-b522-c81c1e57a0e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtK9GavoAMFjpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af579-538cc8f300938698004f2241;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MiOdXHxd9Vmeji8Yqd8LG_EqYoMGf0YBy6by9bhfjb12y1OxKVvvqw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:56:08 GMT
age: 6477
etag: "c47af4e5770daad212f4290527b00321285105f8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8803
Md5:    46275ec87d8221804dbb99f95b035131
Sha1:   c47af4e5770daad212f4290527b00321285105f8
Sha256: 2118ec68c738683d8f7e11b95239ca92fda2b9b5054aa7b128267eec0d0634c5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F345b9f5c-0162-4ba2-800e-223d402d28bf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3030
x-amzn-requestid: c5e5e4a1-bc45-42e8-a021-9c8f99e22556
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czUqCFWBoAMFiqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639134a6-5cc9bdf360f2bfb54e16b448;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: x5FUJ8Cbw9B9BWcHlencYw564Xri5cgoVXkQ2MbhEjYq7Y5v2P0IxQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:18:08 GMT
age: 66357
etag: "33edd1469c54a08e3c4cb0003b87b225eba55b3f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3030
Md5:    a1be0ae00ba0c6009ac14c8df38b8ad0
Sha1:   33edd1469c54a08e3c4cb0003b87b225eba55b3f
Sha256: ab70390c49c5bb3dd7e97ba008c01213a59b3bc271aa8a350ab35ff422d8b3fd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8345
x-amzn-requestid: b1cf2094-2cf5-4e19-9ed7-4d7e220c93cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czUoREPoIAMF4hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391349b-1b78fe0a155179643ae2aeed;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 00:49:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: YMFI6I2o0A4rGZTluooPsDLGNRRY9kSAfDAFrwzXhIG4HC_W-hFIoQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 11:31:33 GMT
age: 65552
etag: "4792b0893827924e84cc51450012407717da4d2b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8345
Md5:    659b6eb1f1c430e2780758c7787b9a23
Sha1:   4792b0893827924e84cc51450012407717da4d2b
Sha256: f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:15:07 GMT
age: 80938
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7557
Md5:    5de5d319f43d9c9c641419d96655541f
Sha1:   cde4c7fa0145d3645af17e34c83c63c08f76a076
Sha256: fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18fc6c7c-4552-4358-9e4d-cdf93bc52b43.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4914
x-amzn-requestid: b709d5ff-617b-480b-8fc3-b1408ee358b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsoEkSIAMF0ZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7ea-4150ac397b97d1217cece045;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8DqbjuQMX0JOMpduQ1-wy_B1a957NXgsAHrZc1OwUzsmqJRKfkEpoA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:49:06 GMT
age: 28499
etag: "6ae9a3c17dcbac5912a46ca0c99977ca3adad4ea"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4914
Md5:    06799a30d9977b0845f525ae82355d23
Sha1:   6ae9a3c17dcbac5912a46ca0c99977ca3adad4ea
Sha256: d7a7eeb42d36167243b3dea7147a61119cbb5d1dcc2e2304c6ddd4a62e41efd3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 28361
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5188
Md5:    fba9a3854df65740512f96efe7442e58
Sha1:   8fbff7725c842d70e047c635a725723a9dc9c55a
Sha256: 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
                                        
                                            GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 09 Dec 2022 05:44:06 GMT
content-length: 27964
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15d95"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1297772
expires: Wed, 29 Nov 2023 05:44:06 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkGDjuy2qUhLKc%2B5NaSaKQbotLhgQeL9OtmT1z6h1ry5oe1RGbkuy6tu%2BaGIqaRam1js8k2tTTHiwx0G8rw0cDNSevAN3vaBSoNxhK97RVQQBYq5c40O72TSrLaGYvVdecVJxpHj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 776b6d4dd93bb4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   27964
Md5:    391678ecd81abb89d767676563d04a0d
Sha1:   ca95c965bf5453f22a77969f650d82cc0495aedc
Sha256: 0688a8577842e3019d1880c5e32bf44ab58a93592218886291e05eb8a1907c7b
                                        
                                            GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Regular.woff2 HTTP/1.1 
Host: milsteelonline.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         34.149.204.188
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-length: 3
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   3
Md5:    4f4adcbf8c6f66dcfc8a3282ac2bf10a
Sha1:   c35a9fc52bb556c79f8fa540df587a2bf465b940
Sha256: 6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Bold.woff2 HTTP/1.1 
Host: milsteelonline.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         34.149.204.188
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-length: 3
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   3
Md5:    4f4adcbf8c6f66dcfc8a3282ac2bf10a
Sha1:   c35a9fc52bb556c79f8fa540df587a2bf465b940
Sha256: 6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Medium.woff2 HTTP/1.1 
Host: milsteelonline.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         34.149.204.188
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-length: 3
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   3
Md5:    4f4adcbf8c6f66dcfc8a3282ac2bf10a
Sha1:   c35a9fc52bb556c79f8fa540df587a2bf465b940
Sha256: 6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-RegularItalic.woff2 HTTP/1.1 
Host: milsteelonline.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         34.149.204.188
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-length: 3
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   3
Md5:    4f4adcbf8c6f66dcfc8a3282ac2bf10a
Sha1:   c35a9fc52bb556c79f8fa540df587a2bf465b940
Sha256: 6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /page-https-www.adp.ca/-/media/adp/redesign2018/images/shared/img-placeholder.ashx HTTP/1.1 
Host: milsteelonline.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         34.149.204.188
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
access-control-allow-origin: *
age: 206597
cache-control: max-age=604800
content-disposition: inline; filename="img-placeholder.gif"
content-security-policy: frame-ancestors 'self' https://adp.lookbookhq.com http://adp.lookbookhq.com https://discover.adp.com http://discover.adp.com https://*.adp.com http://*.adp.ca https://*.adp.ca https://*.us.adp;
continent: NA
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
expires: Fri, 16 Dec 2022 05:44:06 GMT
last-modified: Mon, 30 Sep 2019 14:38:45 GMT
replit-cluster: global
server: ECD (sec/9738)
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-cache: HIT
x-country-code: US
x-region-code: OR
x-ua-compatible: IE=Edge
content-length: 54
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 15 x 15\012- data
Size:   54
Md5:    b0c811c03908e627769be91798d2ca39
Sha1:   ad404412666874be821e3189ee06683d60eefc77
Sha256: 47361c9f2b452dbef25f029bf719f03fc1e2330bd43ecceccb800c773e0824d0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /page-https-www.adp.ca/-/media/adp/redesign2018/ui/logo-adp-fy19.svg?rev=3fdcec0c1c7349e0a222b9864a196c45&hash=9A54A565FD08ED6AF0528D31B46265D5 HTTP/1.1 
Host: milsteelonline.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         34.149.204.188
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
access-control-allow-origin: *
age: 15269
cache-control: max-age=604800
content-disposition: inline; filename="logo-adp-fy19.svg"
content-security-policy: frame-ancestors 'self' https://adp.lookbookhq.com http://adp.lookbookhq.com https://discover.adp.com http://discover.adp.com https://*.adp.com http://*.adp.ca https://*.adp.ca https://*.us.adp;
continent: NA
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
expires: Fri, 16 Dec 2022 05:44:06 GMT
last-modified: Fri, 15 Feb 2019 16:22:30 GMT
replit-cluster: global
server: ECD (sec/96DD)
strict-transport-security: max-age=315360000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT
x-country-code: US
x-region-code: OR
x-ua-compatible: IE=Edge
content-length: 573
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (573), with no line terminators
Size:   573
Md5:    3e81e948274b52f011e819d03e569bfa
Sha1:   d840bd9a5070bf52e24c35d4b481d03896778467
Sha256: 53c4c147e70a8c4b8c359b7794b6d1fe5658902f8a701a2ee20d62b6c0da9bbf
                                        
                                            GET /page-https-cdn.optimizely.com/js/6261340341.js HTTP/1.1 
Host: milsteelonline.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         34.149.204.188
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-length: 3
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   3
Md5:    4f4adcbf8c6f66dcfc8a3282ac2bf10a
Sha1:   c35a9fc52bb556c79f8fa540df587a2bf465b940
Sha256: 6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /page-https-www.adp.ca/-/media/adp/redesign2018/images/resource-hub/img-hero-guidebook-mas.png?rev=725014a6f2a84d4596b5573373e6dbf8&h=602&w=475&la=en&hash=6FDE6C4D418F9724327C91793785825A HTTP/1.1 
Host: milsteelonline.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         34.149.204.188
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
access-control-allow-origin: *
age: 355106
cache-control: max-age=604800
content-disposition: inline; filename="img-hero-guidebook-mas.png"
content-security-policy: frame-ancestors 'self' https://adp.lookbookhq.com http://adp.lookbookhq.com https://discover.adp.com http://discover.adp.com https://*.adp.com http://*.adp.ca https://*.adp.ca https://*.us.adp;
continent: NA
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
expires: Fri, 16 Dec 2022 05:44:06 GMT
last-modified: Tue, 18 Aug 2020 05:13:48 GMT
replit-cluster: global
server: ECD (sec/97A8)
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-cache: HIT
x-country-code: US
x-region-code: OR
x-ua-compatible: IE=Edge
content-length: 18939
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 475 x 602, 8-bit colormap, non-interlaced\012- data
Size:   18939
Md5:    2e92d261579717a24d82efd8a61ba8fc
Sha1:   a8f14d81d6e2b90e9252d0857a6df19c4ef8d3e8
Sha256: 8294ad9bd24dfbd0dd384a49ad6dc929f4fdf52fdf38bcbd69002162d1b11baa
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 05:44:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=UA-208508211-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.40
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 09 Dec 2022 05:44:06 GMT
expires: Fri, 09 Dec 2022 05:44:06 GMT
cache-control: private, max-age=900
last-modified: Fri, 09 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43635
Md5:    c28a61732d0fa98af478955cfa52997d
Sha1:   aa5d9b058a87222dd26ccc56abefa9579920f7f8
Sha256: d4abdcb58965660183e9247d70c16e3e4eb0029d388f7d032db32256e504f89a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 05:44:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=970d4f37618741169b96eaed7b7294cc HTTP/1.1 
Host: milsteelonline.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         34.149.204.188
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=604800
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
last-modified: Wed, 07 Dec 2022 16:54:54 GMT
replit-cluster: global
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65315)
Size:   263204
Md5:    6c08f92aa398686615495fa70396ffb4
Sha1:   5823fbb70b8a455138a39bdee1233445cdc99210
Sha256: 17bc859cfc698577637cf223ee7ec76b6c34376cd9c77ce6a30c5374849f3cbd

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /8fa04f55aa21f2ced2759b96e2702ac3/invoke.js HTTP/1.1 
Host: becomesnerveshobble.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         173.233.137.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a5abae13c86aa9a659bfb73532bf039e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (26988), with no line terminators
Size:   9809
Md5:    9f6c6e7892a103f06ac8dfd147b51e3f
Sha1:   1c77f472226eeb5681a4636fe2f5f8a0380d18eb
Sha256: 9576462f746f185f4353cea99a3246a39b3dff6ca8ddc6dc7db3ea2267c58aad
                                        
                                            GET /5f/1e/ae/5f1eae6e794b6af625f433ebd20149d6.js HTTP/1.1 
Host: becomesnerveshobble.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         173.233.137.52
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5b9be2f6b17f4e7277cdcd405abdaf24
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (37128), with no line terminators
Size:   13408
Md5:    d95c393a57f76131d776d6e75dc50e5f
Sha1:   0b942b7186176fef10b81f68b24bc896cdc5e797
Sha256: c5c68aeb73c92c2b8525795af23accc8b2aa28829e0e10c65eef35cef012390d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 05:44:07 GMT
Last-Modified: Fri, 09 Dec 2022 05:07:39 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4Jf6RnzQxGEzWGAv29csXMOdptScV2VrgoKtVQT-tuqhDDI4oyxVPQ==
Age: 2188

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "70A2CA6AE9B2777AAD1261C935A075C256A7D920C98AFFA64C8AFFEF5D5FF85B"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2648
Expires: Fri, 09 Dec 2022 06:28:15 GMT
Date: Fri, 09 Dec 2022 05:44:07 GMT
Connection: keep-alive

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         52.28.211.11
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 09 Dec 2022 05:44:07 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://milsteelonline.com
access-control-allow-credentials: true
set-cookie: uid_id2=3df49832-2890-488d-a8ac-3f2f0490e577:3:1; expires=Mon, 06 Dec 2032 05:44:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    47666ce9f61368fd0163a93a197c2bb0
Sha1:   73a367f30446aedb69231ed7b0cb3844452931aa
Sha256: bde69d03dba3b1e9852eef44218a59b3c3c34f8095c669840efcc5c65d66ae10
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CC13FE7ACBBC71C3A704EB64B57AEC95E7D0A2513143E06B182499EBD218A13D"
Last-Modified: Thu, 08 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5334
Expires: Fri, 09 Dec 2022 07:13:01 GMT
Date: Fri, 09 Dec 2022 05:44:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         54.230.245.39
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116665
Date: Fri, 09 Dec 2022 05:44:07 GMT
Etag: "6391e720-1d7"
Expires: Sat, 10 Dec 2022 14:08:32 GMT
Last-Modified: Thu, 08 Dec 2022 13:31:12 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: j5ViXBALOeqx4HMFGXnkvYAfMArG5BvXUpgD-xWRaNMZIXM1X1QSwg==
Age: 2240

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         52.28.211.11
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 09 Dec 2022 05:44:07 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://milsteelonline.com
access-control-allow-credentials: true
set-cookie: uid_id2=a1078233-3686-4265-932f-9f4a16d30e2b:3:1; expires=Mon, 06 Dec 2032 05:44:07 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    27c024fde29b621659b3a99460930099
Sha1:   1836f178afc1b5e97328dbbcf2130edb6c25960e
Sha256: 45f6edb0388ec043baee313b49ded8f7ac9ae0361f7ae413f76e66bb777d7fcc
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "70A2CA6AE9B2777AAD1261C935A075C256A7D920C98AFFA64C8AFFEF5D5FF85B"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2648
Expires: Fri, 09 Dec 2022 06:28:15 GMT
Date: Fri, 09 Dec 2022 05:44:07 GMT
Connection: keep-alive

                                        
                                            GET /2e/a9/5f/2ea95f29b78595ba77f8467239f9c258.js HTTP/1.1 
Host: villasquinttolerance.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         173.233.137.36
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 630bda384607663aac430df4183523e2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size:   28753
Md5:    1baf5a7a86b88f05f0a7fcb784ad8fc6
Sha1:   c08244d724bc5c2f6ea57b8af496722273c921fe
Sha256: 19e4d5fd7531a368fbab266d6dcf2611c31fa3623ca5f049f69ff3313a021370

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /watch.212470543155.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22future%22%2C%22proofing%22%2C%22your%22%2C%22business%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Ff%2Ffuture-proofing-your-business.aspx&tz=0&dev=e&res=12.1055&uuid=3df49832-2890-488d-a8ac-3f2f0490e577%3A3%3A1 HTTP/1.1 
Host: villasquinttolerance.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         173.233.137.36
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:07 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://milsteelonline.com
Access-Control-Allow-Origin: https://milsteelonline.com
Access-Control-Allow-Credentials: true
Location: https://villasquinttolerance.com/watch.212470543155.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22future%22%2C%22proofing%22%2C%22your%22%2C%22business%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Ff%2Ffuture-proofing-your-business.aspx&tz=0&dev=e&res=12.1055&uuid=3df49832-2890-488d-a8ac-3f2f0490e577%3A3%3A1&shu=c003a7be2449617706a0cb5744b1653bd195e4ed9a18a0d66c435a10123539b64c4f8577e08656023e039c9d129a9461c606e22143fd521b6526dd049e9496d97bd53e734abfe2b1f443a3ae45a1afc9d34cfe38809fa8eb44e7ce9bc2b79b&pst=1670564707&rmtc=t
Set-Cookie: u_pl=16256856; expires=Sat, 10 Dec 2022 05:44:07 GMT; secure; SameSite=None ain=eyJhbGciOiJIUzI1NiJ9.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.o-Bj9gAsqWcR4BXobRvtHSyS8hnJLC9GEOREzSGqdFw; expires=Fri, 09 Dec 2022 05:45:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 913201e339e9f38aad28b23b5308f871
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /watch.212470543155.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22future%22%2C%22proofing%22%2C%22your%22%2C%22business%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Ff%2Ffuture-proofing-your-business.aspx&tz=0&dev=e&res=12.1055&uuid=3df49832-2890-488d-a8ac-3f2f0490e577%3A3%3A1&shu=c003a7be2449617706a0cb5744b1653bd195e4ed9a18a0d66c435a10123539b64c4f8577e08656023e039c9d129a9461c606e22143fd521b6526dd049e9496d97bd53e734abfe2b1f443a3ae45a1afc9d34cfe38809fa8eb44e7ce9bc2b79b&pst=1670564707&rmtc=t HTTP/1.1 
Host: villasquinttolerance.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Referer: https://milsteelonline.com/
Connection: keep-alive
Cookie: u_pl=16256856; ain=eyJhbGciOiJIUzI1NiJ9.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.o-Bj9gAsqWcR4BXobRvtHSyS8hnJLC9GEOREzSGqdFw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         173.233.137.36
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://milsteelonline.com
Access-Control-Allow-Origin: https://milsteelonline.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3df49832-2890-488d-a8ac-3f2f0490e577:3:1; expires=Fri, 16 Dec 2022 05:44:08 GMT; secure; SameSite=None iprc80c1a048a73a20e43e53c0dfd0d58802=2717342; expires=Sat, 10 Dec 2022 07:44:08 GMT; secure; SameSite=None pdhtkv=true; expires=Sat, 10 Dec 2022 05:44:08 GMT; secure; SameSite=None uncs=1; expires=Sat, 10 Dec 2022 05:44:08 GMT; secure; SameSite=None pdhtkv27=true; expires=Sat, 10 Dec 2022 05:44:08 GMT; secure; SameSite=None uncs27=1; expires=Sat, 10 Dec 2022 05:44:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dd51e7bc588af13de946a5bc3dd5daf2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (601)
Size:   641
Md5:    5d72dda75b278f10c2786f219dc881c5
Sha1:   d293810f40c7b99f60113d83243f780d7cdd8678
Sha256: 7e3a5979f01563aca97edfb728e65c56ff0b3676d2d3b73e99eca4a7e2bdd318

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B23981D5A39C404350E87073A259BA44ADA4962BB356AC8C488536407356BACE"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5991
Expires: Fri, 09 Dec 2022 07:23:59 GMT
Date: Fri, 09 Dec 2022 05:44:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "55D65C81111AEA883A4BEF500D125C540AF55882694A71AF3637BA4827AE327A"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13860
Expires: Fri, 09 Dec 2022 09:35:08 GMT
Date: Fri, 09 Dec 2022 05:44:08 GMT
Connection: keep-alive

                                        
                                            GET /pixel/sbe?t=1&error=timeout HTTP/1.1 
Host: entitledbalcony.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         173.233.137.60
HTTP/1.1 200 OK
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:08 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16256856 HTTP/1.1 
Host: www.spikereekvelocity.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         173.233.137.60
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Sat, 10 Dec 2022 05:44:08 GMT ain=eyJhbGciOiJIUzI1NiJ9.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.fry_J-oqeT7rlPZHCqvpSiC4PaUXKo_G3UqKPDTTgec; expires=Fri, 09 Dec 2022 05:45:08 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7de6a68e5a328ceae3f56ede91cb818c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   1260
Md5:    e3270836ccff25c4cc80f1743b68e780
Sha1:   712f834945d299d82abf66c30f4d348b434c112f
Sha256: b826f323c32969b7e4c9a7e5f55152017c2c7ca59b213b07226f586236c71327

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /dyfc1k09?shu=807be2a3900f9616bfcd1ffbd37963b994fa899559e2363b694c4c63c5042536cdbab1a65fbc49c890c3ea617e6d5c0d315b0dc49e81c3b6d8c79c127f24541a014d53324b57a0186907102fccf48ffac90a5d3c9bbd7a07b9c4bb5f2cd85133&pst=1670564708&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmilsteelonline.com%2F&psid=16256856 HTTP/1.1 
Host: www.spikereekvelocity.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.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.fry_J-oqeT7rlPZHCqvpSiC4PaUXKo_G3UqKPDTTgec; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                         173.233.137.60
HTTP/1.1 302 Found
Content-Type: text/html
                                        
Server: nginx/1.19.5
Date: Fri, 09 Dec 2022 05:44:09 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://us.slowww.xyz/postback/click?key=v2-1670564649067-4-9875-999800-506cd6c9-3862-3d54-77cd-ea4c52891a57
Set-Cookie: pdhtkv=true; expires=Sat, 10 Dec 2022 05:44:09 GMT uncs=1; expires=Sat, 10 Dec 2022 05:44:09 GMT pdhtkv28=true; expires=Sat, 10 Dec 2022 05:44:09 GMT uncs28=1; expires=Sat, 10 Dec 2022 05:44:09 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bea77098553294b0eb96511148c489f5
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "18D643602328B357194B80B307CF1E4E063A652BB07549F1C4BD7A1F5A9E80B4"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5589
Expires: Fri, 09 Dec 2022 07:17:18 GMT
Date: Fri, 09 Dec 2022 05:44:09 GMT
Connection: keep-alive

                                        
                                            GET /postback/click?key=v2-1670564649067-4-9875-999800-506cd6c9-3862-3d54-77cd-ea4c52891a57 HTTP/1.1 
Host: us.slowww.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         38.100.129.135
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
server: openresty/1.15.8.3
date: Fri, 09 Dec 2022 05:44:09 GMT
content-length: 2086
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   2086
Md5:    77592264693838b3c7adc6b6774b1117
Sha1:   701a6d606039acb90b4bc942c2541a4d339d1288
Sha256: 49a1d8f1a0e83f9315aca5cd2a4a136a5f22ee89c95e3675e4e288b3bbc171b1
                                        
                                            GET /postback/click?key=v2-1670564649067-4-9875-999800-506cd6c9-3862-3d54-77cd-ea4c52891a57&token=06d86d3e02fbb77182d890ee47787837&timezone=0&iframe_test=false&webdriver_test=false HTTP/1.1 
Host: us.slowww.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://us.slowww.xyz/postback/click?key=v2-1670564649067-4-9875-999800-506cd6c9-3862-3d54-77cd-ea4c52891a57
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         38.100.129.135
HTTP/2 302 Found
                                        
server: openresty/1.15.8.3
date: Fri, 09 Dec 2022 05:44:10 GMT
content-length: 0
set-cookie: platform_user_id=desktop:b9ce734ea0955fdbdaef46d4d37c6039 platform_user_id_3rd_party=desktop:b9ce734ea0955fdbdaef46d4d37c6039; SameSite=None; Secure; Max-Age=31556952
location: https://www.pricecomparedeals.com/no-no
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3686
Cache-Control: max-age=96869
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63919429-117"
Expires: Sat, 10 Dec 2022 08:38:39 GMT
Last-Modified: Thu, 08 Dec 2022 07:37:13 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4222
Cache-Control: max-age=97405
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63919429-117"
Expires: Sat, 10 Dec 2022 08:47:35 GMT
Last-Modified: Thu, 08 Dec 2022 07:37:13 GMT
Server: ECS (amb/6B75)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2986
Cache-Control: max-age=112348
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "6391d35c-117"
Expires: Sat, 10 Dec 2022 12:56:38 GMT
Last-Modified: Thu, 08 Dec 2022 12:06:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1683
Cache-Control: max-age=94866
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63919429-117"
Expires: Sat, 10 Dec 2022 08:05:16 GMT
Last-Modified: Thu, 08 Dec 2022 07:37:13 GMT
Server: ECS (amb/6BC2)
X-Cache: HIT
Content-Length: 279


--- Additional Info ---
Magic:  data
Size:   16554
Md5:    a6aad4c6d5a4e5ce53de8243748d9254
Sha1:   d73fa2134be4a57f347edb4e6df49ddc5d8d3f11
Sha256: 60bb9d3e916b6ad495e2516f6b3b85005f5d1045cf3f4fab13c7bf936fb09239
                                        
                                            GET /23x9/GG201910181329540253000000000000_bandeira_noruega.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.21.34.224
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 09 Dec 2022 05:44:10 GMT
content-length: 389
x-amz-id-2: IiusZnti6Fc7BErGOmKVn5uyZZ1stcsC2EzgNj+4XO4RSAaDs23tubfUnp2QwmDDN7MmZncjAhM=
x-amz-request-id: 5V2P1FFTF27KNSDX
last-modified: Thu, 28 Nov 2019 03:36:17 GMT
etag: "3985c40fe38e6b8cb2b7de1b2987cffe"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eei9%2FIGRp3QVnjymRUcjhT2tDA4GH4fY74JzdQJGQrVO7q53jKuaz7ftsKQCl7W1YYJfRHIv2aDfwIIHWUIJ%2FE2PF3lbb928WeDlVgA9VNSZQhsbf%2FAhmIS1%2BDRWhjwfMWR6vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d690e220b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 23 x 9, 8-bit/color RGB, non-interlaced\012- data
Size:   389
Md5:    3985c40fe38e6b8cb2b7de1b2987cffe
Sha1:   7c0328120073e47ffe990c218a3318c8edd675c5
Sha256: c82d89e379fa3c6a82fcf1b943144c7f61f007828904ff2beccfe127396e9369
                                        
                                            GET /210x210/GG202006090809160963000000000000_decoration.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.21.34.224
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 09 Dec 2022 05:44:10 GMT
content-length: 12794
x-amz-id-2: 6wnXaESSMB4fqASE7N+8ehTPOVbYvW3DlTDmjNmF7ppTk38+FuY2X/Q4Cz9O3q+wkmPY2nIV5dQ=
x-amz-request-id: G0SH0AH2J6PTJ52B
last-modified: Tue, 09 Jun 2020 08:22:03 GMT
etag: "a950c8fffccbf994e7eab4cbdc4afc79"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5368
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJ00GQO2%2FS2io3LmTr0pnDbLL61Gmrigjvlt7pY6BAuMI9Yy4z3RMhsZ9LT5e5zsk8oNIx5CChLVQWfdEsK4Kb48dURjXB6vTy33coKN7saweUVJB2ucUvOZqKuXlFwo21DiHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d690e250b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 210x210, components 3\012- data
Size:   12794
Md5:    a950c8fffccbf994e7eab4cbdc4afc79
Sha1:   0ae9de6c62eb474f9fc1d3fe74240c92d555711b
Sha256: c430a67352d95e657b6f81cee177cb771a9b8b289a66043021386d8b069f20e1
                                        
                                            GET /630x315/GG202006050817010094000000000000_fashion.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.21.34.224
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 09 Dec 2022 05:44:10 GMT
content-length: 25059
x-amz-id-2: SFrxRe2sKqmtTHg2kUJx1wbyxEhgFybnCJYi5BNqrVrAbwkmvZEFyZiJuduYcLWF5JD3QgkVXHc=
x-amz-request-id: G0SVY3EKCWSRK22K
last-modified: Fri, 05 Jun 2020 08:42:55 GMT
etag: "e4f10f00dbdfc76dac0b06e12e76dd81"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5368
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBmvjEme5eny3w7gcBfYcS5OMBsQkvr0TK0QzR%2B1bk6faR%2FrzQJToUgjtzsyrQFzHyS%2BCt%2FrCwsHoVkVcOUG0WVWCzhwtY7XxzEfFWH1jl8Px8vWgDMFs8wQOF2qYBFsn0faDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d690e230b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 630x315, components 3\012- data
Size:   25059
Md5:    e4f10f00dbdfc76dac0b06e12e76dd81
Sha1:   4b016a4493756924b8fb40a9f1391d1378c07cf3
Sha256: a8bef644a63472bb106be50ae79c3eaf5e10d49f1f8c207564036e07b01781d9
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1818
Cache-Control: max-age=95001
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63919429-117"
Expires: Sat, 10 Dec 2022 08:07:31 GMT
Last-Modified: Thu, 08 Dec 2022 07:37:13 GMT
Server: ECS (amb/6BB7)
X-Cache: HIT
Content-Length: 279


--- Additional Info ---
Magic:  data
Size:   4387
Md5:    20276d277a271cfaa98d72974a7de04e
Sha1:   4f10b4f63dce557aaac46d647a8bc0e16edbdc9e
Sha256: ba669b942fd07b6b4a45dc1fc71340f100c60895c139d44f1f8681435dad50a4
                                        
                                            GET /630x525/GG202006090803570037000000000000_elektronics-v1.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.21.34.224
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 09 Dec 2022 05:44:10 GMT
content-length: 36766
x-amz-id-2: IMq+Sz4LUZ8TzgKFeRC0y762GUTn0rNSWCEjpr4iZLOb0//ZFbRumy9jOX7Bs0XWmwExjRcUDY8=
x-amz-request-id: G0SNKTHS1EEHKAYY
last-modified: Tue, 09 Jun 2020 08:22:04 GMT
etag: "7f936cedd7e479eb865f1bfe1c63e945"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5368
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVy7MP77bSBn%2F2lmVeHVVJbYH1FVjXzHtDsfPqGHe3bZ%2B%2FoyuxPn%2F9gnBqp6ks%2FSeBV1eHXOZzIT6BHWdsLnJxOjUcGMhxwvlPnlhPTbJU%2BLnUDnPC5aC2oWkcUU2lOUZUdivw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d690e260b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 630x525, components 3\012- data
Size:   36766
Md5:    7f936cedd7e479eb865f1bfe1c63e945
Sha1:   4088966128f5171f9750dfd5f83ed2f8c517090e
Sha256: cf3f17e5d372b10391a1ec46de26be3e83ca3c37f22d6103aee48e6d210d906a
                                        
                                            GET /420x210/GG202006050826060263000000000000_travel.jpg HTTP/1.1 
Host: cdn.dealsfor.life
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.21.34.224
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 09 Dec 2022 05:44:10 GMT
content-length: 17960
x-amz-id-2: +jmNAUjjBw2hbB920mmdDVmSVrE7+aPyB7OpV4R5urq4cwxHFTmHcVfVf5hvJ9rh0pVjldA4qQQ=
x-amz-request-id: G0SS5X69TG09BDGC
last-modified: Fri, 05 Jun 2020 08:42:55 GMT
etag: "d2e157616b039f93a4dc696b5b96938e"
cache-control: max-age=86400
cf-cache-status: HIT
age: 5368
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8ZR0WZ147FdvrLZjAp8w7aqO7XnyT2olDoX%2B6bnDeuSRUMUr0Joqw%2BPHnWXggsECi0Yn8D4lZ6halbDrTtR1kVDqIFYzH9vdNuIUsXOT%2F%2B55O0c83xHBXXxTcE1kcmiTQuwSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d690e240b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 420x210, components 3\012- data
Size:   17960
Md5:    d2e157616b039f93a4dc696b5b96938e
Sha1:   6e0e4a332b81a4388915f206f73d58dcde204b29
Sha256: 2cf032115b870ef9a2790db489949898c24d39f8b8e93ce82fe59adc9255405e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=93183
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63919429-117"
Expires: Sat, 10 Dec 2022 07:37:13 GMT
Last-Modified: Thu, 08 Dec 2022 07:37:13 GMT
Server: nginx
Content-Length: 279


--- Additional Info ---
Magic:  data
Size:   17038
Md5:    3ca94652d5e03ba9c48ca70a427741e3
Sha1:   3ab500c2775f294401afe6e81dd3a2a1550c4670
Sha256: f0d73f746bb75060df37c0a42c921e137be2e438ae0115e50c060f7a8a6ef977
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 05:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4222
Cache-Control: max-age=97405
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63919429-117"
Expires: Sat, 10 Dec 2022 08:47:35 GMT
Last-Modified: Thu, 08 Dec 2022 07:37:13 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /releases/v5.7.2/css/all.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         172.64.133.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 09 Dec 2022 05:44:10 GMT
x-amz-id-2: R2i9G2ZJK7zdhMx4WcXVJws5PK1EfeVqT1BYTnCpV9tBld+xTbgNrqP0AjVCclp5EcX9LUmZMqY=
x-amz-request-id: XRHNWGJP5AFFKWDK
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2584614
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ck2aHaTSycWcT2HJhi5lyygOM5ButX0xmD7xyOsU1mH%2F8uTuK0U0hAOOQ%2BhD6C6Iy15U75kjxAuoaM6F2lHCxHhyGgnL6BwV0%2FmcuBlJoTW5xXMx42LAy3VmvVTar8jTOeqPIraW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776b6d694bb7779d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (54456), with no line terminators
Size:   12126
Md5:    c073a65a817fcb6fab31caab36a8a1d1
Sha1:   3067cfaa4ce192c00244af0a7334b20896523f0d
Sha256: ca5fab17cb46006fcbad5bc6bd5e9d5ab5f6d16c4d64656307b85900e00e510d
                                        
                                            GET /css?family=Open+Sans:400,600,800 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 05:44:10 GMT
date: Fri, 09 Dec 2022 05:44:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25719
Md5:    688a9ed4bafee0bc1bd7ce9ce15b4d0e
Sha1:   96221327dd44161310c02914332f6aebe75ca664
Sha256: 07f39bb66157bde392a2f09403766cec5af0eaad141d02ca5e4ac544322b4b2a
                                        
                                            GET /no-no HTTP/1.1 
Host: www.pricecomparedeals.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us.slowww.xyz/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         104.21.94.144
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
date: Fri, 09 Dec 2022 05:44:10 GMT
cache-control: max-age=1800
cf-cache-status: HIT
age: 4087
last-modified: Fri, 09 Dec 2022 04:36:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNUzyM5h5sR42sMnGDqLK8mgGHZddUX4oHYb0dr%2FL%2FlqOcW65kAoqFWnfAKs2yGt2r5AQziKR%2Bk7Jn9egDZ6n9S1cTaaDznyhUXR4byq0V5mj%2FFOEbts64CK0n8QbUcCwkFRwgYmu5DZChHi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d67fa67b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1238), with CRLF, LF line terminators
Size:   31266
Md5:    15ba3394ed0ff50f2894e49152f59c09
Sha1:   4031d3bf8eb624586e53da8ef8544af2cb91e77f
Sha256: e0c849066cbecd64c437e193fc9ad3023a05a339f1491f0d7477d76dcc7a70bb
                                        
                                            GET /releases/v5.7.2/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         172.64.133.15
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Fri, 09 Dec 2022 05:44:10 GMT
content-length: 74348
x-amz-id-2: TtRJtEu72fwb6dQilLBWH2Hv2TMdJEbLHf+VIjAgcWNxiwEJfaTT35zHB1hJG5O4j2+AN9KqKHI=
x-amz-request-id: 6ZVN0N8Q0YKDHH3Y
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:46:18 GMT
etag: "462806316fea535a6a57651bc2b000b0"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 986746
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yp5e15KFSxHZ5kwHSNcuQa0Lh5BhRSyF8XzXOj9KFLtTiUS45mwv%2BIRQcZ%2BfnRsQH0K6Ip201YzacqLphcSQfOXDcD8iqhi05PRQRylTtVEeCLl%2B%2FSWpuerT3rnkt6y4Pebv0sO7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776b6d6a2c34779d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 74348, version 329.31064\012- data
Size:   74348
Md5:    462806316fea535a6a57651bc2b000b0
Sha1:   80644191098f863f25be27841c0d92c452cf2327
Sha256: 4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 05:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 298289
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   53959
Md5:    a71bfdbdab8236820a3b54b3147a4f3a
Sha1:   8f09bf38332e4dbf8e4240a5a1d1a178a8de6ab6
Sha256: ce38f237ef9f9e16ecfe2825d3db97874485c06c3d84b1eb2a4e7dfe301b3a67
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 05:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1519
Cache-Control: max-age=126375
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 16:50:25 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /pt_BR/sdk.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: fce57ad60351a89fc6db8db69f467996
etag: "94c8e4090d1054a07216ad39b6f5c651"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 09 Dec 2022 05:54:55 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: kcwhIna+3i7Y+0mhMFBpMg==
x-fb-debug: ZV1L0OxSa6SQFLNAwjpiFFt4yrd/E83iB0tpZlA3df016IVhZYQr+Z9RNmP6Lao7K89nFxY0VIy3QAdtE9tnDQ==
content-length: 1685
x-fb-trip-id: 1904183273
date: Fri, 09 Dec 2022 05:44:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1957)
Size:   1685
Md5:    91cc212276bede2ed8fb49a130506932
Sha1:   2a384532df9d4b8404e47ec87f38a43863bae1b4
Sha256: 83b91bb3d726323ad32da4b1da2a4efbba2ed0d9430606f83524917d44bd9a87
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1519
Cache-Control: max-age=126375
Date: Fri, 09 Dec 2022 05:44:10 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 16:50:25 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /pt_BR/sdk.js?hash=08c8ee0f16051ca0d8d2fc4a3a406c7f HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pricecomparedeals.com
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c2361526d45442f81e4037dccfafb0a8
etag: "44d184ba7e5cacbd9d938221e4f0ab93"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 08 Dec 2023 23:47:26 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: YiGoIgVUl2mUFkTYDBT+kA==
x-fb-debug: y6CiNtT7n1XLr//juDVFBWQSHTQMJKQuf148FZPFsPD/eK34whHSTCEpkIT4bgbzkT1YwvOqX6Aj5CYET4m2pg==
content-length: 87028
x-fb-trip-id: 1904183273
date: Fri, 09 Dec 2022 05:44:10 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   88277
Md5:    c51ffa14e657f368f6611b88de641766
Sha1:   1cf943acbeff5c7838697fa283ab7d8ae0bed93d
Sha256: 60054b894e66875329ae6005226ddd27b6222022fa64fd86e1d7cdd2a09392af
                                        
                                            GET /product/xy/500/500/p/gu1/P/L/PAP0216DBL/PAP0216DBL-1-7c15-KkZh.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.111.55
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 47590
x-amz-id-2: R19D9TXEYB0L0CCFrvebEr6n8tdh9T2vd+j06zhx4VD2UvaX7ryVMloU3/AmmxeYrvU6w8C5kKo=
x-amz-request-id: DEBWMFSVM2DJXZF8
date: Sat, 03 Dec 2022 15:02:42 GMT
last-modified: Mon, 07 May 2018 08:33:41 GMT
etag: "c083577c9bda386c9ebf82debca7f27f"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 49aCk0i7SoLP4JKfE0xaSlalj5dCdw6qatwqO90qk3jTOp1hM9C8nw==
age: 484890
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   47590
Md5:    c083577c9bda386c9ebf82debca7f27f
Sha1:   56e9060d558c5eeeec8433e855da96d35fdac660
Sha256: ab139c9577bd9fb36b83d5ce6fa08656ea65af486cd32e791010d2d52215950e
                                        
                                            GET /product/xy/500/500/p/gu1/E/1/E4850-1/E4850-1-1-ebe9-8FG1.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.230.111.55
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 22742
x-amz-id-2: Fp7YTJtIZvmiEYFo5sXOv3kLtzmke9RZV5JUHKuwScRBXfJY1JgDayDQtn6rAVhFMjbc8IvqUbg=
x-amz-request-id: ABVMFMVWSZJT1256
date: Mon, 14 Nov 2022 00:23:03 GMT
last-modified: Thu, 25 Oct 2018 03:33:20 GMT
etag: "0d1d32059c98386bb3c4eae3924e0434"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7eounPgdawn4YIChkPFuZGGaKobNP1v3Ypl_JWKR_sFz3kjeFbSAIw==
age: 2179269
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   22742
Md5:    0d1d32059c98386bb3c4eae3924e0434
Sha1:   051c7ad70c0c01712cac673f841a26f5597e4651
Sha256: ba482af346765eeaa430a46d537e49b1ada377e46e0b67a97d5cecb6428bfd6c
                                        
                                            GET /product/xy/500/500/p/gu1/P/W/PAE1047W/PAE1047W-1-9dd4-y1XK.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.230.111.55
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 11796
x-amz-id-2: 3uRHmbWY3PB866waDcwEi0xCeHPk9IlijHDaInHvL3EaBYmvyetH8xyxMvQyvl5jAGisW5Um7es=
x-amz-request-id: 8YS6K16EPR7EDE12
date: Wed, 23 Nov 2022 03:48:29 GMT
last-modified: Mon, 06 Sep 2021 13:31:22 GMT
etag: "9c5edcd2465f2eb2fa572dbfc2862e11"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 59M0cBeSxl3o1yzRp6CUfZJ9wKCuMKI46U2sI-1EHHlQZMMTzZTnPQ==
age: 1389343
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   11796
Md5:    9c5edcd2465f2eb2fa572dbfc2862e11
Sha1:   8084a50ed7762ef9a56bbb2c38ee9d079e18055b
Sha256: 92f3542d592b0555f28cd6e00e7023f9826157d9ed87d13665a9487f88e6cf91
                                        
                                            GET /product/xy/500/500/p/gu1/Y/R/Y16482R/Y16482R-1-c416-YIyr.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.230.111.55
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 26330
x-amz-id-2: DYmi4axRPEW5KWQl6rahM5Bv+KyD7zq3itRs1eXnK+PxsQd2MzW5ZNANftuk4QIkafoTW0eEz/M=
x-amz-request-id: SRC3BEV5R2AEEWN2
date: Sun, 27 Nov 2022 02:03:40 GMT
last-modified: Fri, 04 Sep 2020 08:39:08 GMT
etag: "f5c2ce469cd3cb183da2b2a771d70337"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZAHfGc2Lf0sjywHDlfvH8ftKJEZI6YT8_x3xZaPBKeqlhROOjHnuLQ==
age: 1050032
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   26330
Md5:    f5c2ce469cd3cb183da2b2a771d70337
Sha1:   cf0476c64fe26d41697557f7f94e6a8b4df8870f
Sha256: 50da3db322da8a74e55f86a2ec0a047ba3917bd17a8515b4c1fd1b3bbf27d4b2
                                        
                                            GET /product/xy/500/500/p/gu1/C/B/C9930B/C9930B-1-5d1c-KwLm.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.230.111.55
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 19870
x-amz-id-2: QL4VHfWyKjwQutdcXaP/xAAhqmUZakP00hWAGuica6r7nxw38uCTm+k0Pac8HM+lSMcDD5T8e+A=
x-amz-request-id: VQ7HB2ZF350CXYCG
date: Mon, 05 Dec 2022 00:24:28 GMT
last-modified: Thu, 19 Nov 2020 12:11:08 GMT
etag: "80fb11bc4878bba87a07250760b18e40"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -0CNNrbQz81FWAUmw7C6RNdEtVcGSQdjO23YsY8oxkgMEMQVn9vw0A==
age: 364784
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   19870
Md5:    80fb11bc4878bba87a07250760b18e40
Sha1:   124daadf1c2a783fea0fa47f55129b6acb16ac26
Sha256: 438e3b46732f0c2c82e0201916d3772ce7afb22c242ddbb007a016d9144c041e
                                        
                                            GET /product/xy/500/500/p/gu1/Y/2/YA16506-2-12/YA16506-2-12-1-31c6-r6Ai.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.230.111.55
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 33658
x-amz-id-2: GJhprgPvuLS4iJbwlfLju25Ip1TU6Bmt58dgfQ/50C6RXAtg/7XZlGrjOrd68RKiSpkalgB+PMw=
x-amz-request-id: CM4BWHZXRMKRBC6D
date: Tue, 29 Nov 2022 00:24:36 GMT
last-modified: Tue, 11 Aug 2020 19:27:06 GMT
etag: "020937fce16dd14ce0aad41ff0cb1c75"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aBYtb9KvniOTmNCx5B958K9BX-nTYE2unbi0iQ8MDVVVwYg2rcpTYQ==
age: 883176
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   33658
Md5:    020937fce16dd14ce0aad41ff0cb1c75
Sha1:   ba5d177468469f75f642889677e5d5ef12ae6c8a
Sha256: 30eca2bc0f26239f9023cf86c8e31ded5e066deea5ca989f4f8a4c711a3cdf04
                                        
                                            GET /product/xy/500/500/p/gu1/I/0/I4930/I4930-1-9da8-DCLD.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.111.55
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 29130
x-amz-id-2: 3fT+7OftVLpUlAmpRy3SH72NaI2/mi7teKuAW4XJx0Tr9SxJezh6hKB60wL1tO1EKkjikPwixgU=
x-amz-request-id: SYJCMH9DKJ2FD85Y
date: Thu, 24 Nov 2022 00:22:56 GMT
last-modified: Fri, 23 Aug 2019 13:08:48 GMT
etag: "49b7f29c5b008d37d9c73679e2560875"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4bnc-xtJphgQ75EkMPYYkykKL1RvTRCuxNVthbaVVeipCZ54N9uZhQ==
age: 1315276
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   29130
Md5:    49b7f29c5b008d37d9c73679e2560875
Sha1:   7615ea9d98e2b2bea0b820c167331e9d7af7bca1
Sha256: 6caac1fc15a4e0c64d62e20bdee28ddf0fcfa03ed231c8948b9761666bc789d0
                                        
                                            GET /product/xy/500/500/p/gu1/I/9/I4919/I4919-1-521b-gtIF.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.111.55
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 20950
x-amz-id-2: iFS2REsc27t9dPDDSgHxRvz/WScG2eTUa6/y1Au20a4b0zePBIZuifohwHtGSORmmP/N9O2b3Xk=
x-amz-request-id: 5HZBKD758W1J7762
date: Sun, 04 Dec 2022 00:55:32 GMT
last-modified: Thu, 22 Aug 2019 09:54:49 GMT
etag: "addfa34e846ae1812a23c65aa7d68fc4"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IqpPsdePSRYJK5rl7HwnRSP1S8IexzZYkQfR4D4sv2uQr2x1bV9MXA==
age: 449320
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   20950
Md5:    addfa34e846ae1812a23c65aa7d68fc4
Sha1:   14d843e00fecef4e4912f9074107336ee623d729
Sha256: 630ab24f0662faffb202bf0f208636b61a3f386b0ebdc6d15472d9a1598c9119
                                        
                                            GET /product/xy/500/500/p/gu1/P/W/PAA0621W/PAA0621W-1-fc59-oHC3.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         54.230.111.55
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 35874
x-amz-id-2: fTQFXPJz1Bg7vqsqgSeAdX+e6xRTD0dtAwWmJ+I1E8FlPpfmD7+w6+ZB/B+lGNzx+eaHixkNBtc=
x-amz-request-id: H6S0JHD98VQ46CJ5
date: Tue, 15 Nov 2022 00:46:29 GMT
last-modified: Fri, 18 Oct 2019 13:33:47 GMT
etag: "57841c6dfcda20efe0aa442e86ee8fa7"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DvBZ-Tb2qF5iL2ONDhxAXyGvocMd19fqbCzabhbmGMjMvbkPzOAGgQ==
age: 2091463
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   35874
Md5:    57841c6dfcda20efe0aa442e86ee8fa7
Sha1:   da9ffde8a0a3b8971c2efce9db232fc4cc6a9e99
Sha256: e7372cc4734516b1836d4e8522fee9d1f267d72d9d6f1ec6d91e224126a6b1c5
                                        
                                            GET /product/xy/500/500/p/gu1/E/4/E2263Y-4/E2263Y-4-1-9350-UiVH.jpg HTTP/1.1 
Host: img.tttcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         54.230.111.55
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 44302
x-amz-id-2: LBcIRMCTWouldBM84Ff6CoqyA7U+YhJbjziBZgGwW8k/D6cClc08Zui+FgwWbSSGqk02Cyrzwxk=
x-amz-request-id: BJWVKGYFQKNCVCKE
date: Tue, 29 Nov 2022 00:22:05 GMT
last-modified: Mon, 14 Dec 2020 11:10:51 GMT
etag: "f033b086e3e54b7d24d541c77e41078a"
cache-control: max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QR6YehsF-EdfDHDx_EiIjn3Np-6-XgUfTnJiyJDIOtfMLCdgOVa9kQ==
age: 883327
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   47250
Md5:    7958dc55f718d5f899556f7703ba6de7
Sha1:   25b2c714e732de27914b1c47ecef3a1982024403
Sha256: 69cf6a6694d47f2f7b1fee2f7c2e87fee4d1a19338cb6e4740aa67a62cf6d554
                                        
                                            GET /tr/?id=387357745142349&ev=fb_page_view&dl=https%3A%2F%2Fwww.pricecomparedeals.com%2Fno-no&rl=https%3A%2F%2Fus.slowww.xyz%2F&if=false&ts=1670564650075&sw=1280&sh=1024&at= HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pricecomparedeals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 09 Dec 2022 05:44:11 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /sfp.js HTTP/1.1 
Host: friendshipmale.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         172.64.162.31
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 09 Dec 2022 05:44:07 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ad0f162eca2ffaadd7b6e5e4b01f7915
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 09 Dec 2022 05:44:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYXApGLA4r6pTkG1UonbFeyLGMJwvFKMA0VLzdaiZJeViK%2BsiQHIc7xv1mz3PoKDBMTDrsppiZEzZNy9eqmJe3w0e0OsKkCeZsHiVdcE7TGZgMV0Dksd3HUNIr0Kg%2BC4%2F7nuBOA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776b6d576e4774f1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /page-https-www.adp.ca/-/media/adp2022/main/css-main-ca.css?rev=96b3778417684f3b9aa71a533029106f HTTP/1.1 
Host: milsteelonline.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         34.149.204.188
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: max-age=604800
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
last-modified: Tue, 04 Oct 2022 22:21:06 GMT
replit-cluster: global
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx HTTP/1.1 
Host: milsteelonline.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         34.149.204.188
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
content-encoding: gzip
date: Fri, 09 Dec 2022 05:44:04 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/inject.js HTTP/1.1 
Host: milsteelonline.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/f/future-proofing-your-business.aspx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         34.149.204.188
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 09 Dec 2022 05:44:06 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing