r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 28774b36cf8bb6b054329393a33f6239
728313ddff6d5ceb6db3eb8445f039779616a140
08378fe6a897ab5a9c8d3bc2748c9670659d0d0d164317fdfac88d23fee78fa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08378FE6A897AB5A9C8D3BC2748C9670659D0D0D164317FDFAC88D23FEE78FA0"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2496
Expires: Tue, 21 Mar 2023 14:39:38 GMT
Date: Tue, 21 Mar 2023 13:58:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3019
Expires: Tue, 21 Mar 2023 14:48:21 GMT
Date: Tue, 21 Mar 2023 13:58:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 13:27:25 GMT
content-type: application/json
age: 1837
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4544
Expires: Tue, 21 Mar 2023 15:13:46 GMT
Date: Tue, 21 Mar 2023 13:58:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ecX9fAv3e+cpasRWmrAyElTFdJuFaJ0PpeSA6h8a2U3AknSz/s9PYMF8k/2gLU+xlflnkXjPQ+8=
x-amz-request-id: 3F4H4HF2WDAN95B7
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 13:53:12 GMT
age: 290
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 13:58:02 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
301 Moved Permanently 0 B URL HTTP/1.1 www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 21 Mar 2023 13:58:02 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 13:14:33 GMT
age: 2609
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3995
Expires: Tue, 21 Mar 2023 15:04:37 GMT
Date: Tue, 21 Mar 2023 13:58:02 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: C9xhY6T5fiDVCXX7f1xf+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WzYSnYCeIV8ziSPZQxiH7aPxl4o=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 13:58:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
404 Not Found 13 kB URL HTTP/2 www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9458), with CRLF, LF line terminators
Hash dfa993692c583cb17a81e3e339f24ece
d5c9f1937ac8425e4ddada53bdb1207557efd205
dc70fa321e1ec0ce9cb6257350aa59ff19fa5bfb4ec2c3a72857c904c9a28a94
GET /edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.desonmarketing.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: br
content-length: 13250
content-type: text/html; charset=UTF-8
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 13:58:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-216472247-1
200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-216472247-1
IP
File type ASCII text, with very long lines (2206)
Hash 379a0fd783f58503e34b407bee4dff6a
61c1ab5d0d696acd5ecfef48ecf2d2547a4aae70
d41e4746dea190bd6e70ac65d842ee0cb4ba211d9ce79fe14220c2b409c6d42f
GET /gtag/js?id=UA-216472247-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Mar 2023 13:58:03 GMT
expires: Tue, 21 Mar 2023 13:58:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45709
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/prime-slider-site.css
200 OK 2.0 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/prime-slider-site.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (16660), with no line terminators
Hash 3d77315220c2695186d0c38b130a317b
7c39102e26ac5a5615a4d78b071b78fa3b6df094
6583a9a4d01c395a203ef7353bfec1d1b3d2d34dad3bf784eb4f188aa773e42b
GET /wp-content/plugins/bdthemes-prime-slider-lite/assets/css/prime-slider-site.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Feb 2023 12:53:21 GMT
etag: "2a81261-4114-5f3cb2a8adce6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1983
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-includes/css/classic-themes.min.css
200 OK 145 B URL HTTP/2 www.desonmarketing.com/wp-includes/css/classic-themes.min.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 2dfb9ddeabe846b150087876ceb22a74
c9e3350631e53855d04d6dce360a675c84b3131d
26ef5cb63a695419cf11c79a759b46c5568df3716e4f1d36e7612b3695d5b554
GET /wp-includes/css/classic-themes.min.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Mar 2023 11:11:04 GMT
etag: "29407b1-d9-5f675b361cb1f-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 145
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/contact-form-7/includes/css/styles.css
200 OK 879 B URL HTTP/2 www.desonmarketing.com/wp-content/plugins/contact-form-7/includes/css/styles.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 6da9864e51fba7e819c278cb98869a55
4a8abaa90be86c8a629f643a01abcb7c1c8675ca
46d12de1bc39267f799b942db720ed3055ca34746acba12677d41f883a1649d6
GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Mar 2023 06:47:36 GMT
etag: "2962852-b2b-5f5d11661ac46-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 879
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/slick.min.css
200 OK 385 B URL HTTP/2 www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/slick.min.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1183), with no line terminators
Hash 83fb85485301789bbea1ba534ae9b953
7e4f21455512bdee65111e4055f82b5528f7968c
ab506f0ea01bd50aca8084edd9ac92c57107e493ab33901c31560e1033fe86b3
GET /wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/slick.min.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:46:51 GMT
etag: "4e604a7-49f-5f39ea6bbe229-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 385
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 13:58:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 13:58:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.desonmarketing.com/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/bdt-uikit.css
200 OK 14 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/bdt-uikit.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 86169a1d91b641778ae5f182fa4e37d3
378911b57d06b7c98cec70fea9a1f9091a8349ba
ad6083a0a26ab4a1d48baeff893a574ceb5860ea31c49caee4310d0d417daed8
GET /wp-content/plugins/bdthemes-prime-slider-lite/assets/css/bdt-uikit.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Feb 2023 12:53:20 GMT
etag: "2a8108e-160c8-5f3cb2a84c646-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 13827
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-includes/css/dist/block-library/style.min.css
200 OK 12 kB URL HTTP/2 www.desonmarketing.com/wp-includes/css/dist/block-library/style.min.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (47826)
Hash 5e3752655a7a33c049db06c0edf386e6
573c51b0de413f30a220c9261506635f9daf2b81
d6571c641370e9bb83b25b5a493fca6ae3109ae384f7a8a9507ccdfb9067627d
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Mar 2023 11:11:04 GMT
etag: "2940bdc-172a9-5f675b361f618-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 11590
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/slick-theme.min.css
200 OK 710 B URL HTTP/2 www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/slick-theme.min.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 55f54acf9014728d332362e0a9c86736
1e2f580fe4472cf059371afc079922aee036b97b
360ef6a44f59a4e505b49a89b78e7c1dc577814e86d85fcb02e15869109cf0bc
GET /wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/slick-theme.min.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:46:51 GMT
etag: "4e604a9-bcb-5f39ea6bbf999-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 710
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/imagehover.css
200 OK 9.2 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/imagehover.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash cd0e2d8dc5ca83a5fdd0f8cd72c5fced
216a7d7376ba89eefd300421d355ee8746af55ee
f3f47e1e6230c7633308d367cba3bde5776468fbb7de3954c0072ea2e01d5fd1
GET /wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/imagehover.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:46:51 GMT
etag: "4e604a8-17b7a-5f39ea6bbe229-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 9169
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/themes/elementare/style.css
200 OK 13 kB URL HTTP/2 www.desonmarketing.com/wp-content/themes/elementare/style.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (847)
Hash ea18972fa8cc5ba34a3ad82adf0f5797
6c2c27a941ecfb250d0ae174e031940e0477758f
25245c64389fe34276c389bda697cc4497acca3fe766edc698ca81deedf90c84
GET /wp-content/themes/elementare/style.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 16:13:08 GMT
etag: "29818f4-10765-5e31120cfed00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 13118
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/css/exad-styles.min.css
200 OK 15 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/css/exad-styles.min.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 22eff1a59c403bf0285f7e35b629bdb1
06e797f9db3e339195828c7f9383bee2d96c2f6b
69fde95b4bec6d34e0a20e2e5595c426c2290d6bc721aea97677401634f519fd
GET /wp-content/plugins/exclusive-addons-for-elementor/assets/css/exad-styles.min.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:46:51 GMT
etag: "4e604c0-1d610-5f39ea6c20c51-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 14569
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/themes/elementare/js/navigation.min.js
200 OK 548 B URL HTTP/2 www.desonmarketing.com/wp-content/themes/elementare/js/navigation.min.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1600), with no line terminators
Hash 54c3c4b477efe9184912bcf8a3c2b56e
98fc8d961cee354cc69375f5dae3d510d5245430
2c1f9af74076184b0208f8f36b57fb351b83d62aadda41b81fcb00eaf0c6d940
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/elementare/js/navigation.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 31 May 2022 06:09:51 GMT
etag: "2b0143e-640-5e0489edb69c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 548
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 4.0 kB URL HTTP/2 www.desonmarketing.com/wp-includes/js/jquery/jquery-migrate.min.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash 1fbb59519536e28eeb7ae7173973c39f
f6542c5d0f96f621eea4f3cb442021dfe33863fa
b1b54befd52c3605721bf8b5a6c0290c572929138358738826873751256b191c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: "2940d94-2bd8-5b45debe27b80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3998
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/uploads/2022/05/cropped-logo-2.png
200 OK 3.7 kB URL HTTP/2 www.desonmarketing.com/wp-content/uploads/2022/05/cropped-logo-2.png
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 123 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash 0696532598d621e9e8a8800d39281ed7
936845bd2336d6afd59258f93a9b2bfd4d91ef18
c353fab1514f14bb7804df4eba370dbe95926dd33ebf7c407a92c3873f85c688
GET /wp-content/uploads/2022/05/cropped-logo-2.png HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 31 May 2022 06:18:07 GMT
etag: "2b0146a-e9d-5e048bc6bc5c0"
accept-ranges: bytes
content-length: 3741
content-type: image/png
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js
200 OK 41 B URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with no line terminators
Hash faa0d9bf9223de717808e9ad68d53780
6c3f1a3bc3f5e3720caea8b1175c3b4db613d5cb
d9d9c497b64dae215faa480b40b4d6885e351691ecd64272fec0bc406ec7517d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:58:02 GMT
etag: "51e1618-28-5f39eceba22a3-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 41
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/themes/elementare/js/jquery.elementare.min.js
200 OK 2.1 kB URL HTTP/2 www.desonmarketing.com/wp-content/themes/elementare/js/jquery.elementare.min.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (8410), with no line terminators
Hash fc89b04f91bd3bd41b143f171cd25078
7772e3847198c463321c5a1e301f591b8c913014
da508b7108558c31c5d4a3fd8bf3be7340ce123014e39ac492e6767b828abea0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/elementare/js/jquery.elementare.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 31 May 2022 06:09:51 GMT
etag: "2b01438-20da-5e0489edb69c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2068
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
200 OK 2.9 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (10565), with no line terminators
Hash 7798717735ba8ccb8b11a9650e81f6e6
84c6a9d5d32905b98960d9dc9d111e48d486d311
fd6d9e22b1d26c2e6974198e43fd5aeb1ac03bab50c5bfcc7e12f07c74ec98fc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Mar 2023 06:47:36 GMT
etag: "2962872-2945-5f5d11661bfce-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2909
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/themes/elementare/js/SmoothScroll.min.js
200 OK 3.1 kB URL HTTP/2 www.desonmarketing.com/wp-content/themes/elementare/js/SmoothScroll.min.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (7460), with CRLF line terminators
Hash 507dde147ba4af77079f41badb000d0b
78f506a949414885fbdbbd244e74f4e40de35964
761c3905da42e7bcc1582a771d1a2eb81cedb8888e06ca6eba333f9e96594d1c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/elementare/js/SmoothScroll.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 31 May 2022 06:09:51 GMT
etag: "2b01434-1d5b-5e0489edb69c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3068
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-includes/js/wp-emoji-release.min.js
200 OK 4.6 kB URL HTTP/2 www.desonmarketing.com/wp-includes/js/wp-emoji-release.min.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15660)
Hash a0083d25b89ea80ecd2393db9f865d62
24eaf2df7c722fb13f2b5bf77ada5ee446720c25
f7533cb93f2efbb9e3bccfa9ff4036a2cafa7dd1bd4d66bea4833306b321e957
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 02:34:47 GMT
etag: "2940e98-48b9-5dfcceaabbfc0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4614
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/contact-form-7/includes/js/index.js
200 OK 3.9 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (12948), with no line terminators
Hash dd85612159cd3549697facaaade675d3
1e6e72883df7d0b34740871ddf5f3feb26979a22
924c6d67ddbdf10e479028097b55e2708fa3f8ff512b5d94f2d09810774bdfc6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Mar 2023 06:47:36 GMT
etag: "2962876-3294-5f5d11661c3b6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3925
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/wp-compress-image-optimizer/assets/js/optimizer.min.js
200 OK 2.1 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/wp-compress-image-optimizer/assets/js/optimizer.min.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (7796), with no line terminators
Hash 5bb7864eb5c1df04cc0e5155fa6d3ba2
0784e27d33b5d84e86c4162120645f7bf18fdf18
aa0c052473a6c9ba3d242aae44535c43463a04637c246e9360feb3236581e11a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-compress-image-optimizer/assets/js/optimizer.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 10:05:46 GMT
etag: "4382ce9-1e74-5ee0c50d6f0c9-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2091
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css
200 OK 2.9 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (30283), with no line terminators
Hash 566814cbd901e0baeb47e9c7c2984725
3d249fdec7c41f9ebace1220a9e477e4f3e49fc5
d5c1b72d04bd09bcceae25c7acda6f2990cb123079a9a53fcbdae3cfb1614af3
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:58:01 GMT
etag: "51e0531-764b-5f39eceb3f87b-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2853
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js
200 OK 3.0 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1577)
Hash c42db5fc087004f61b1fd52f2fa6589a
d315714e57e1b83e3851a3261bcb6f3a8f8aedbd
47bec89c01cd4cc1e52ab92fcd1d1f50d73342d368064fd693a619e8072d4f93
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 14 Mar 2023 23:18:25 GMT
etag: "29629bd-2e7a-5f6e471c43a14-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3018
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css
200 OK 6.7 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (30837)
Hash 3bca42e5004726d89ebdea033d8ae93f
629b1195ec0fa24286d5d6a06fe319c139a4872f
1f3dde16a1674c2dcc2af76809687ed4ab30a42c4a3097fb6d53b6115fbd294b
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Mar 2023 06:47:23 GMT
etag: "29623b7-7917-5f5d115a9118d-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6662
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-includes/js/jquery/ui/effect.min.js
200 OK 6.3 kB URL HTTP/2 www.desonmarketing.com/wp-includes/js/jquery/ui/effect.min.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15446)
Hash 4db72c82fa1efb60d9d0683e5badea0d
2def58195185d31247edb51f619977c015e58801
77787e06fe13578369b4bd7e8a243fc5208206c7c9a623fae570f9c659612787
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/effect.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Mar 2023 11:11:06 GMT
etag: "2940dd9-43ba-5f675b381da50-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6309
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/js/exad-scripts.min.js
200 OK 5.7 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/js/exad-scripts.min.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (26483), with no line terminators
Hash 568182d58b138a1a15e6f2cf1a798350
81b330ec2ddb2cdd3768e8b6264d89479346d6aa
67b65c3cfa119a461bac9e9dd132e4388cb266b6d6184910631fd0f9febabb20
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/exclusive-addons-for-elementor/assets/js/exad-scripts.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:46:51 GMT
etag: "4e604cc-6773-5f39ea6c21039-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5719
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/js/jquery.sticky-sidebar.js
200 OK 5.7 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/js/jquery.sticky-sidebar.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 485c2926bba877535aad6b250e296df9
1f13af0e05c0dc5594f0aeba3eba11d81063b60b
d17e044629d1eda633d96b367288264de58e873b4f9cb4d24593cb91d9baa352
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/js/jquery.sticky-sidebar.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:46:51 GMT
etag: "4e604b2-69d8-5f39ea6bbfd81-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5721
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css
200 OK 12 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 04867b525721f29784a8db37523bb6b6
cd35ca50f09c1413d90a7ac1ba836c0d069ff10c
70c0252aee1d57f00114338ea931d1416ce5ea74ff18a32024d6d1a645bf4756
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:58:02 GMT
etag: "51e168c-1e7a5-5f39eceba6cdb-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 11745
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-includes/js/jquery/jquery.min.js
200 OK 30 kB URL HTTP/2 www.desonmarketing.com/wp-includes/js/jquery/jquery.min.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65447)
Hash fb1aea2f7ce09f9d2e290d73d57defdf
62d40e64c8aeff20834868816d20d6a645fd2565
367cc15d582c7056695a307c1ef9b32a9e4810c16e33f27eac05909a1f57d4b4
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Mar 2023 11:11:07 GMT
etag: "2940d9c-15e54-5f675b3881800-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 30350
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css
200 OK 47 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash c8dc6b6c19c4e9f1c9eee2724d0d0e99
0ea0084b21212c6a6d87b422bb5234ff362a93e6
be237f2272217d0b5837e7a046cb4a6df06a2c2f3d195179e48dba8145f48145
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:58:01 GMT
etag: "51e0535-6d86e-5f39eceb3fc63-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 46589
content-type: text/css
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js
200 OK 35 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (45047)
Hash a765d13162a57de5870cb94dde7c5faa
39dd785cbd35b28db3b842c5553bba7c1d9a98d1
a556acd95d9cc463d1ba71bd1547aa47bf10622a0c7a068f71571b641d04bf30
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:58:01 GMT
etag: "51e053a-2193f-5f39eceb4004b-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 34945
content-type: application/javascript
date: Tue, 21 Mar 2023 13:58:03 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3425
Expires: Tue, 21 Mar 2023 14:55:09 GMT
Date: Tue, 21 Mar 2023 13:58:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3425
Expires: Tue, 21 Mar 2023 14:55:09 GMT
Date: Tue, 21 Mar 2023 13:58:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3425
Expires: Tue, 21 Mar 2023 14:55:09 GMT
Date: Tue, 21 Mar 2023 13:58:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3425
Expires: Tue, 21 Mar 2023 14:55:09 GMT
Date: Tue, 21 Mar 2023 13:58:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e5f234aedfabd736b50fef3017380f9
71672a6c3523d9999522e005091863d07ea0e94a
3314df7a93e317d509aeffc1cde69ec450ddad116a27dc197db1abce966da344
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 82d12180-bdcb-4ce0-8588-4239ee27f236
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI_E_eoAMF3sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-2f5df7cd5f6cee4762703d29;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: sTt0-W1XE7yUFGFXg2nPnKw5tKKkrw-cH_TCIbQy8JL-k0QtCNZS8w==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:52:08 GMT
age: 57956
etag: "71672a6c3523d9999522e005091863d07ea0e94a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59df3b8c484422b14b057fddfd99beb3
d7347bcac5fc585b802d9be262c9536d0f72a498
c05014345e897447f7bdcc3b7d267137bbf76758e8fecfbabcb20d09889769f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6632
x-amzn-requestid: e51ff988-1417-4d22-8540-82914428fdcd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFaIHZ8IAMF3lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b5da-744c064c55ad8d3401855d0f;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:12:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: FsFKERMeCkoD4DFnD-sjKYiRB8izHSQszlkxg7L7jaBgGy4ASvpkkQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 12:12:35 GMT
age: 6329
etag: "d7347bcac5fc585b802d9be262c9536d0f72a498"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f73dbc0fc3d196647ddc1e30450989d4
75d0a1414a5d350ba426dc37333a6ea131f66753
2a6954b3ccf01567c0c0c2911dd8b02c1cd264fc78178cef2eef6a6796c16c3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10855
x-amzn-requestid: bb845712-834d-49b1-97f0-f3750f132741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEZD0GCHIAMFq6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418087e-4361bbd40ec5f0d10dabdf85;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:17:18 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: d81ObS_T4QBMAr1KU_lJ1hJC4FMqpJNCreDNuU481S4RZo3aQxMkaQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 07:20:22 GMT
age: 23862
etag: "75d0a1414a5d350ba426dc37333a6ea131f66753"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hZeMhs-Z5fNn0pvRUSkNcGau_K6EG9EQtDktbLUth0uEveafUgCxeQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:07:00 GMT
age: 57064
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9509282-2846-486c-aca4-fc2e2da04b09.webp
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9509282-2846-486c-aca4-fc2e2da04b09.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1100f09022852609077bf427f7ce49cd
352e2e60702ca76d7308bbbee83ef7c1413c5b0c
d1cf4a7974bb384cf13448a6aecc5f6bbd387e0eeb60d696df35acfd5231a46b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9509282-2846-486c-aca4-fc2e2da04b09.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11394
x-amzn-requestid: cda4fbe4-0b4e-4836-839a-54f4e40d61a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDVOEZ7oAMFZwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f54-17fbfda14a9a37e523ca5d54;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:04 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: EpW8Gqhmn9s8XtArvAxtbrekPlJphcjpXsm6oIkOC8M4lqLgYuZa5A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b618c0f73dc30c968057784ed0185d7a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 06:53:48 GMT
age: 25456
etag: "352e2e60702ca76d7308bbbee83ef7c1413c5b0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7839c7-2b7e-47fa-a8d7-b001f2527406.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7839c7-2b7e-47fa-a8d7-b001f2527406.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e7f3f5682ef230a0e5ead556ccbb9c8d
93bcb7e0d7f2e7648f2749060e0a58bca3a033b9
e63beb09275f78a899e992ce814b4a079aaf38a4932a32b9f9431552702224b8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc7839c7-2b7e-47fa-a8d7-b001f2527406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11397
x-amzn-requestid: 9c96a37a-b2e6-46f1-94dd-1a299da61a02
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWw1HwVIAMF0Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d19e-0638254835be22cc17465cc2;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:35:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: g2YNKMDYmcQl3rpt8G2tHJFrBf25_aNKA4v4WKBgpCQeEWEnwgbkYg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:45:17 GMT
etag: "93bcb7e0d7f2e7648f2749060e0a58bca3a033b9"
content-type: image/jpeg
age: 58367
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 13:58:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-L2T885P65T>m=45je33f0&_p=578551104&cid=1565327937.1679407087&ul=en-us&sr=1280x1024&_s=1&sid=1679407086&sct=1&seg=0&dl=https%3A%2F%2Fwww.desonmarketing.com%2Fedu%2FlinkedinVerify%2F5a7bbee45a6caafad14cc309d1fd2e1b%2Fsingle.php%3Fcbcxt%3Dmai%26ct%3D1504448382%26id%3D64855%26lc%3D1033%26mkt%3Den-us%26rpsnv%3D13%26rver%3D6.7.6643.0%26uas&dt=Page%20Not%20Found%20-%20Tata%20Tiscon%2C%20Tata%20Tiscon%20Dealer%2C%20Tata%20Pravesh%2C%20Tata%20Colours%20Dealer%2C%20Deson%20Marketing.&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-L2T885P65T>m=45je33f0&_p=578551104&cid=1565327937.1679407087&ul=en-us&sr=1280x1024&_s=1&sid=1679407086&sct=1&seg=0&dl=https%3A%2F%2Fwww.desonmarketing.com%2Fedu%2FlinkedinVerify%2F5a7bbee45a6caafad14cc309d1fd2e1b%2Fsingle.php%3Fcbcxt%3Dmai%26ct%3D1504448382%26id%3D64855%26lc%3D1033%26mkt%3Den-us%26rpsnv%3D13%26rver%3D6.7.6643.0%26uas&dt=Page%20Not%20Found%20-%20Tata%20Tiscon%2C%20Tata%20Tiscon%20Dealer%2C%20Tata%20Pravesh%2C%20Tata%20Colours%20Dealer%2C%20Deson%20Marketing.&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-L2T885P65T>m=45je33f0&_p=578551104&cid=1565327937.1679407087&ul=en-us&sr=1280x1024&_s=1&sid=1679407086&sct=1&seg=0&dl=https%3A%2F%2Fwww.desonmarketing.com%2Fedu%2FlinkedinVerify%2F5a7bbee45a6caafad14cc309d1fd2e1b%2Fsingle.php%3Fcbcxt%3Dmai%26ct%3D1504448382%26id%3D64855%26lc%3D1033%26mkt%3Den-us%26rpsnv%3D13%26rver%3D6.7.6643.0%26uas&dt=Page%20Not%20Found%20-%20Tata%20Tiscon%2C%20Tata%20Tiscon%20Dealer%2C%20Tata%20Pravesh%2C%20Tata%20Colours%20Dealer%2C%20Deson%20Marketing.&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.desonmarketing.com
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.desonmarketing.com
date: Tue, 21 Mar 2023 13:58:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/koho/v16/K2F-fZ5fmddNNi4UfQ.woff2
200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/koho/v16/K2F-fZ5fmddNNi4UfQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12264, version 1.0\012- data
Hash 392c1284fb4d2a415e68ed385400ef31
612d49a20ddcf8a5192c5dc3a84093a7565265d5
71b275cf770fc22290fc17ff30ac170908e40c03a682218600f5fef533af02a0
GET /s/koho/v16/K2F-fZ5fmddNNi4UfQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.desonmarketing.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12264
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 12:24:21 GMT
expires: Thu, 14 Mar 2024 12:24:21 GMT
cache-control: public, max-age=31536000
age: 524023
last-modified: Tue, 26 Apr 2022 16:38:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 13:58:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.desonmarketing.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.desonmarketing.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css
Cookie: _ga_L2T885P65T=GS1.1.1679407086.1.0.1679407086.0.0.0; _ga=GA1.1.1565327937.1679407087; ic_pixel_ratio=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Mar 2023 06:47:23 GMT
etag: "29623ca-12d68-5f5d115a9e096"
accept-ranges: bytes
content-length: 77160
vary: Accept-Encoding
content-type: font/woff2
date: Tue, 21 Mar 2023 13:58:04 GMT
server: Apache
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/26a1.svg
200 OK 451 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/26a1.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (451), with no line terminators
Hash bcca43b1c7aa91d47f62962ce2422ae1
6bd13c3ba629e5f79d9ddf15cc79b7dc34729638
d3a6d0c18f6887f771aa3cd51db375e7a9588e1af63801cc100cd9bcc5bccaac
GET /images/core/emoji/14.0.0/svg/26a1.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 13:58:04 GMT
content-type: image/svg+xml
content-length: 451
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.shopify.com/s/files/1/0070/3666/5911/files/Vector.png?574
200 OK 758 B URL HTTP/2 cdn.shopify.com/s/files/1/0070/3666/5911/files/Vector.png?574
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image\012- data
Hash 417af1b73e64ae3f002952c5b65dbe45
b3f0a35ad3dd54970f9e28e5fcfb2686db0518c8
28d290a83e330f58f522249b50a1bb354fa61b75579a5e758dd40d2002763b58
GET /s/files/1/0070/3666/5911/files/Vector.png?574 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 13:58:04 GMT
content-type: image/webp
content-length: 758
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0070/3666/5911/files/Vector.png>; rel="canonical"
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: b2e9e036-d6ba-48d2-8a55-a3eb55a79fa6
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Fri, 26 Aug 2022 03:18:00 GMT
cf-cache-status: HIT
age: 17922573
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1QAZk%2Fou7T%2FJ8wBi6lCKfiKIk7oWHBJsYRMpoRV5oPHhKi%2Ft1aNVEFCOF0oqo38ySkLfBineJ0xK9uHdxeWQBKREOYk94tDZZREuAbN6WtlJLC8444xa2ShQz7QnO2poA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=71.919, imageryFetch;dur=58.746, imageryProcess;dur=12.586;desc="image", cfRequestDuration;dur=25.000095
server: cloudflare
cf-ray: 7ab6b526c88d0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/uploads/2022/07/logo.png
200 OK 16 kB URL HTTP/2 www.desonmarketing.com/wp-content/uploads/2022/07/logo.png
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 122 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash 00d39b728c1f66c77e1e3044e11b10b5
c902b78a447feecc5b3194f02f0f709b8073e0d3
2e9e24040ff2b3fb0952f13f7bc0add0d6536579bc4d43c3b4b9206bcc2902ed
GET /wp-content/uploads/2022/07/logo.png HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Cookie: _ga_L2T885P65T=GS1.1.1679407086.1.0.1679407086.0.0.0; _ga=GA1.1.1565327937.1679407087; ic_pixel_ratio=1; _ga_EG503KT2TS=GS1.1.1679407087.1.0.1679407087.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 09 Jul 2022 10:09:50 GMT
etag: "2b01fca-3f37-5e35c84f05cff"
accept-ranges: bytes
content-length: 16183
content-type: image/png
date: Tue, 21 Mar 2023 13:58:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 21 Mar 2023 13:53:25 GMT
expires: Tue, 21 Mar 2023 15:53:25 GMT
cache-control: public, max-age=7200
age: 279
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2f656ecf7dfa2c439943f8adc7af7af3
7e1e963c5a29b4355c05a3824b9cab61c8c8e98b
a5eacea5ab24e16191f73cab5a4554ccc2a5150db6b578c478e078f28793c51b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 13:58:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/plugins/ua/linkid.js
200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Mar 2023 13:43:09 GMT
expires: Tue, 21 Mar 2023 14:43:09 GMT
cache-control: public, max-age=3600
age: 895
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EG503KT2TS&cid=1565327937.1679407087>m=45je33f0&aip=1&z=1016603402
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EG503KT2TS&cid=1565327937.1679407087>m=45je33f0&aip=1&z=1016603402
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EG503KT2TS&cid=1565327937.1679407087>m=45je33f0&aip=1&z=1016603402 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 13:58:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2f656ecf7dfa2c439943f8adc7af7af3
7e1e963c5a29b4355c05a3824b9cab61c8c8e98b
a5eacea5ab24e16191f73cab5a4554ccc2a5150db6b578c478e078f28793c51b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 13:58:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.desonmarketing.com/wp-content/uploads/2022/07/cropped-fav-1-32x32.jpg
200 OK 1.5 kB URL HTTP/2 www.desonmarketing.com/wp-content/uploads/2022/07/cropped-fav-1-32x32.jpg
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 32x32, components 3\012- data
Hash d47fba708daa01fb50c946ececaa2937
17143436c4ff5649b611518852ac27dd34be6563
edb13cdd2ad2efd0287676aa15fe0545eae311e36e5397af403f49b3bd3fa931
GET /wp-content/uploads/2022/07/cropped-fav-1-32x32.jpg HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Cookie: _ga_L2T885P65T=GS1.1.1679407086.1.0.1679407086.0.0.0; _ga=GA1.1.1565327937.1679407087; ic_pixel_ratio=1; _ga_EG503KT2TS=GS1.1.1679407087.1.0.1679407087.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Aug 2022 07:21:15 GMT
etag: "2b00636-5b4-5e61a3e78dd28"
accept-ranges: bytes
content-length: 1460
content-type: image/jpeg
date: Tue, 21 Mar 2023 13:58:04 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/uploads/2022/07/cropped-fav-1-192x192.jpg
200 OK 4.8 kB URL HTTP/2 www.desonmarketing.com/wp-content/uploads/2022/07/cropped-fav-1-192x192.jpg
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 192x192, components 3\012- data
Hash 9a8bfd34aaf5823e56afd251d7dede5a
929272d649057e9fc7408fa20c4cbf8e2033dff8
4a57340a0a687cff5bd3c2fcf76178cc13caccdf9e80ed8945e42502204dbabd
GET /wp-content/uploads/2022/07/cropped-fav-1-192x192.jpg HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/5a7bbee45a6caafad14cc309d1fd2e1b/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas
Cookie: _ga_L2T885P65T=GS1.1.1679407086.1.0.1679407086.0.0.0; _ga=GA1.1.1565327937.1679407087; ic_pixel_ratio=1; _ga_EG503KT2TS=GS1.1.1679407087.1.0.1679407087.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Aug 2022 07:21:15 GMT
etag: "2b00634-12c5-5e61a3e7873af"
accept-ranges: bytes
content-length: 4805
content-type: image/jpeg
date: Tue, 21 Mar 2023 13:58:04 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 43229f902489cc88a3b8f77dea901852
28e63d8d5a952b9e568cad6feda0e211e1fbfdda
245bfd30b6d87d590e50452fd8672d82d9d441242b4603fcc007e70b6a56685b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 13:58:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-216472247-1&cid=1565327937.1679407087&jid=1024534270&gjid=1431310043&_gid=229793264.1679407088&_u=aCDAAUIgAAAAACAAI~&z=407184384
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-216472247-1&cid=1565327937.1679407087&jid=1024534270&gjid=1431310043&_gid=229793264.1679407088&_u=aCDAAUIgAAAAACAAI~&z=407184384
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-216472247-1&cid=1565327937.1679407087&jid=1024534270&gjid=1431310043&_gid=229793264.1679407088&_u=aCDAAUIgAAAAACAAI~&z=407184384 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.desonmarketing.com
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.desonmarketing.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Mar 2023 13:58:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8535613a8a8fd6ee9e928b3539dcfccd
75d939e05c094dda5410c98b8264d7c3270a6672
b09eaa3afbf3c651a41228d2297ff907b3f98102bce5277c7b9a1af8a1f346f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 13:58:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 43229f902489cc88a3b8f77dea901852
28e63d8d5a952b9e568cad6feda0e211e1fbfdda
245bfd30b6d87d590e50452fd8672d82d9d441242b4603fcc007e70b6a56685b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 13:58:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-216472247-1&cid=1565327937.1679407087&jid=1024534270&_u=aCDAAUIgAAAAACAAI~&z=1173686827
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-216472247-1&cid=1565327937.1679407087&jid=1024534270&_u=aCDAAUIgAAAAACAAI~&z=1173686827
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-216472247-1&cid=1565327937.1679407087&jid=1024534270&_u=aCDAAUIgAAAAACAAI~&z=1173686827 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 13:58:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 13:58:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.w.org/images/core/emoji/14.0.0/svg/1f642.svg
200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f642.svg
IP
GET /images/core/emoji/14.0.0/svg/1f642.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 13:58:04 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Niramit:400,700%7CKoHo:400,700&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Niramit:400,700%7CKoHo:400,700&display=swap
IP
GET /css?family=Niramit:400,700%7CKoHo:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 21 Mar 2023 13:58:03 GMT
date: Tue, 21 Mar 2023 13:58:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
wati-integration-service.clare.ai/ShopifyWidget/shopifyWidget.js?29537
200 OK 0 B URL HTTP/2 wati-integration-service.clare.ai/ShopifyWidget/shopifyWidget.js?29537
IP
GET /ShopifyWidget/shopifyWidget.js?29537 HTTP/1.1
Host: wati-integration-service.clare.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 13:58:04 GMT
content-type: application/javascript
last-modified: Tue, 07 Mar 2023 10:27:39 GMT
etag: W/"1d950df71202bdd"
cf-cache-status: REVALIDATED
expires: Tue, 21 Mar 2023 17:58:04 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ab6b5257faa0b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
68.178.145.205
104.18.28.4
23.36.76.226
23.227.60.200