r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14899
Expires: Tue, 21 Mar 2023 11:29:14 GMT
Date: Tue, 21 Mar 2023 07:20:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8378
Expires: Tue, 21 Mar 2023 09:40:33 GMT
Date: Tue, 21 Mar 2023 07:20:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 07:14:57 GMT
content-type: application/json
age: 358
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9686
Expires: Tue, 21 Mar 2023 10:02:21 GMT
Date: Tue, 21 Mar 2023 07:20:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: W1Gi1ZhJhQNWsw0JQcq/GPCwx3gu7gsf8G16Vwjv22jwagk0bYWYGOX8N0Ed2Hk2y9iH3U0WEgE=
x-amz-request-id: Q9TW2CQ66E4DY2T5
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 06:59:01 GMT
age: 1314
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 07:20:55 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 07:17:22 GMT
age: 213
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8368
Expires: Tue, 21 Mar 2023 09:40:23 GMT
Date: Tue, 21 Mar 2023 07:20:55 GMT
Connection: keep-alive
push.services.mozilla.com/
52.35.90.146101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.90.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Rrb+lMMCL5Tg3blPUwKgbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AuSXTtcKt6wxK1mxXewR/CrgfDk=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8503
Expires: Tue, 21 Mar 2023 09:42:39 GMT
Date: Tue, 21 Mar 2023 07:20:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8503
Expires: Tue, 21 Mar 2023 09:42:39 GMT
Date: Tue, 21 Mar 2023 07:20:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8503
Expires: Tue, 21 Mar 2023 09:42:39 GMT
Date: Tue, 21 Mar 2023 07:20:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59df3b8c484422b14b057fddfd99beb3
d7347bcac5fc585b802d9be262c9536d0f72a498
c05014345e897447f7bdcc3b7d267137bbf76758e8fecfbabcb20d09889769f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faacc3f97-56a5-4bb4-802f-dc4b529c41d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6632
x-amzn-requestid: e51ff988-1417-4d22-8540-82914428fdcd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFaIHZ8IAMF3lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b5da-744c064c55ad8d3401855d0f;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:12:26 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: FsFKERMeCkoD4DFnD-sjKYiRB8izHSQszlkxg7L7jaBgGy4ASvpkkQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:27:59 GMT
age: 31977
etag: "d7347bcac5fc585b802d9be262c9536d0f72a498"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: WZ5MqPZ-MEjDt3N53EIx1XrerDmUkyvK-5FUXAmI29GXlGe6AaPqEg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:23:21 GMT
age: 32255
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0e5cb0b321323913460ba1efd6b7b63
701eb0eb86c6673bbb6e85cf933bea53187b6048
150d0e93b808b222fcb4b58f0f4a78a403517b84461cb3029fc71c30930bb11b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4712
x-amzn-requestid: 3c0b3a28-a1a9-4ba0-94ad-29156c2d83c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9yGEE8SIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641563c0-1937b8bc1e42142720eddd7b;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:09:52 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: a-jsgTjZQKzBK_IFEYlrxbjpk6zou_7vbQe4ptwA1IOtUdlqDG2uWA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:24:07 GMT
age: 32209
etag: "701eb0eb86c6673bbb6e85cf933bea53187b6048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83b411d866428669d03b1976161389e7
7ea69307d21876d48217e4845204c7cc84db101e
461a26b9fcda639f3935a9355cbe12f49a17e4eb754281fa9468317ec40eccce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8c30d472-b18d-4143-87bb-ee8773cd5f78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9160
x-amzn-requestid: 8f8a7d81-ac5e-4992-a0cf-95b3c9791bc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEW3qFRnIAMFZBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641804fd-64acec7844b88457144b35ce;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:02:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: nXc8T4YB4Rfq6CIt6rCUV94uQ61TMPabrrHpBOX74N0wFhlk0BNRjA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:44:58 GMT
etag: "7ea69307d21876d48217e4845204c7cc84db101e"
content-type: image/jpeg
age: 84958
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0e2bcb0494bb5b0434a6b8c5276de8ff
33642ec68ca683dae156e15ee7449f8fecbfcd80
6921a091b2b19492a76cf3723b72c6966cb85751cabebbe2056a167994425414
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0a9c92d-c90f-4b6f-9e1b-2627c3abfa38.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8599
x-amzn-requestid: f213c7c9-3dd9-4d20-8c46-742c3650dcfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGXKZFD6oAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d242-592c030e6760816b2d4f01f9;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: Ny4CqRzNVdxjmFQCGaiGS8QzYENhsLMUaOjm-GcmQk-mdUJirBCi8g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:02:12 GMT
age: 33524
etag: "33642ec68ca683dae156e15ee7449f8fecbfcd80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f73dbc0fc3d196647ddc1e30450989d4
75d0a1414a5d350ba426dc37333a6ea131f66753
2a6954b3ccf01567c0c0c2911dd8b02c1cd264fc78178cef2eef6a6796c16c3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10855
x-amzn-requestid: bb845712-834d-49b1-97f0-f3750f132741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEZD0GCHIAMFq6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418087e-4361bbd40ec5f0d10dabdf85;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:17:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: gnFLBOJmRcgsHzy_KXjzE6LwwN4CSqz99pIhYMBx8xrHa8UO6O0kJA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 07:30:20 GMT
age: 85836
etag: "75d0a1414a5d350ba426dc37333a6ea131f66753"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
68.178.145.205301 Moved Permanently 0 B URL HTTP/1.1 www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 21 Mar 2023 07:20:55 GMT
Server: Apache
X-Powered-By: PHP/7.4.33
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
68.178.145.205404 Not Found 13 kB URL HTTP/2 www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9458), with CRLF, LF line terminators
Hash f1bea73915208f2eb73ffcb9b7620bbf
a402537f84c21178a27a3b3d25979ece122aa7c9
3ec7808de19ae084a1d7e27e5573e5de078ac7759fe79d02cc4d8b2af24be42c
GET /edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.desonmarketing.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: br
content-length: 13251
content-type: text/html; charset=UTF-8
date: Tue, 21 Mar 2023 07:20:57 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:20:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:20:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-216472247-1
142.250.74.40200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-216472247-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (2206)
Hash 672001f08d7ef0bf73592a1577148ce9
ab89bbe6284edf7634a7c5a7b90b250f4731367f
75b1ca998bcf38c9826964f32c82556e266546a4e88a32d2b3b710f7ce5430a8
GET /gtag/js?id=UA-216472247-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Mar 2023 07:20:58 GMT
expires: Tue, 21 Mar 2023 07:20:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45746
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:20:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3ac4671deeca3302950bd5fce7f4ce3f
62b5d0c548949ee8d932231fcd01196cefc896aa
e4adf52f426f89cbc5a61507b21d33c817e5b8cee1e2709fe3ffecc1ec0c8731
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:20:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-L2T885P65T&l=dataLayer&cx=c
142.250.74.40200 OK 82 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-L2T885P65T&l=dataLayer&cx=c
IP 142.250.74.40:0
File type ASCII text, with very long lines (26280)
Hash 8dbac341eda762469cea88780de5d5b7
d5dc8caa7288ffdb330d6b4877c400eda2715483
63df0a692c63a077dfd8af73276c5073b4f42d7389578b64b6752476fc33fabf
GET /gtag/js?id=G-L2T885P65T&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Mar 2023 07:20:58 GMT
expires: Tue, 21 Mar 2023 07:20:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81739
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/prime-slider-site.css
68.178.145.205200 OK 2.0 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/prime-slider-site.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (16660), with no line terminators
Hash 3d77315220c2695186d0c38b130a317b
7c39102e26ac5a5615a4d78b071b78fa3b6df094
6583a9a4d01c395a203ef7353bfec1d1b3d2d34dad3bf784eb4f188aa773e42b
GET /wp-content/plugins/bdthemes-prime-slider-lite/assets/css/prime-slider-site.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Feb 2023 12:53:21 GMT
etag: "2a81261-4114-5f3cb2a8adce6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1983
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-includes/css/classic-themes.min.css
68.178.145.205200 OK 145 B URL HTTP/2 www.desonmarketing.com/wp-includes/css/classic-themes.min.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 2dfb9ddeabe846b150087876ceb22a74
c9e3350631e53855d04d6dce360a675c84b3131d
26ef5cb63a695419cf11c79a759b46c5568df3716e4f1d36e7612b3695d5b554
GET /wp-includes/css/classic-themes.min.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Mar 2023 11:11:04 GMT
etag: "29407b1-d9-5f675b361cb1f-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 145
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/contact-form-7/includes/css/styles.css
68.178.145.205200 OK 879 B URL HTTP/2 www.desonmarketing.com/wp-content/plugins/contact-form-7/includes/css/styles.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 6da9864e51fba7e819c278cb98869a55
4a8abaa90be86c8a629f643a01abcb7c1c8675ca
46d12de1bc39267f799b942db720ed3055ca34746acba12677d41f883a1649d6
GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Mar 2023 06:47:36 GMT
etag: "2962852-b2b-5f5d11661ac46-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 879
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/slick.min.css
68.178.145.205200 OK 385 B URL HTTP/2 www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/slick.min.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1183), with no line terminators
Hash 83fb85485301789bbea1ba534ae9b953
7e4f21455512bdee65111e4055f82b5528f7968c
ab506f0ea01bd50aca8084edd9ac92c57107e493ab33901c31560e1033fe86b3
GET /wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/slick.min.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:46:51 GMT
etag: "4e604a7-49f-5f39ea6bbe229-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 385
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/slick-theme.min.css
68.178.145.205200 OK 710 B URL HTTP/2 www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/slick-theme.min.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 55f54acf9014728d332362e0a9c86736
1e2f580fe4472cf059371afc079922aee036b97b
360ef6a44f59a4e505b49a89b78e7c1dc577814e86d85fcb02e15869109cf0bc
GET /wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/slick-theme.min.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:46:51 GMT
etag: "4e604a9-bcb-5f39ea6bbf999-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 710
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-includes/css/dist/block-library/style.min.css
68.178.145.205200 OK 12 kB URL HTTP/2 www.desonmarketing.com/wp-includes/css/dist/block-library/style.min.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (47826)
Hash 5e3752655a7a33c049db06c0edf386e6
573c51b0de413f30a220c9261506635f9daf2b81
d6571c641370e9bb83b25b5a493fca6ae3109ae384f7a8a9507ccdfb9067627d
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Mar 2023 11:11:04 GMT
etag: "2940bdc-172a9-5f675b361f618-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 11590
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/bdt-uikit.css
68.178.145.205200 OK 14 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/bdthemes-prime-slider-lite/assets/css/bdt-uikit.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 86169a1d91b641778ae5f182fa4e37d3
378911b57d06b7c98cec70fea9a1f9091a8349ba
ad6083a0a26ab4a1d48baeff893a574ceb5860ea31c49caee4310d0d417daed8
GET /wp-content/plugins/bdthemes-prime-slider-lite/assets/css/bdt-uikit.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 03 Feb 2023 12:53:20 GMT
etag: "2a8108e-160c8-5f3cb2a84c646-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 13827
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/imagehover.css
68.178.145.205200 OK 9.2 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/imagehover.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash cd0e2d8dc5ca83a5fdd0f8cd72c5fced
216a7d7376ba89eefd300421d355ee8746af55ee
f3f47e1e6230c7633308d367cba3bde5776468fbb7de3954c0072ea2e01d5fd1
GET /wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/css/imagehover.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:46:51 GMT
etag: "4e604a8-17b7a-5f39ea6bbe229-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 9169
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/themes/elementare/style.css
68.178.145.205200 OK 13 kB URL HTTP/2 www.desonmarketing.com/wp-content/themes/elementare/style.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (847)
Hash ea18972fa8cc5ba34a3ad82adf0f5797
6c2c27a941ecfb250d0ae174e031940e0477758f
25245c64389fe34276c389bda697cc4497acca3fe766edc698ca81deedf90c84
GET /wp-content/themes/elementare/style.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 05 Jul 2022 16:13:08 GMT
etag: "29818f4-10765-5e31120cfed00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 13118
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/css/exad-styles.min.css
68.178.145.205200 OK 15 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/css/exad-styles.min.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 22eff1a59c403bf0285f7e35b629bdb1
06e797f9db3e339195828c7f9383bee2d96c2f6b
69fde95b4bec6d34e0a20e2e5595c426c2290d6bc721aea97677401634f519fd
GET /wp-content/plugins/exclusive-addons-for-elementor/assets/css/exad-styles.min.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:46:51 GMT
etag: "4e604c0-1d610-5f39ea6c20c51-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 14569
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/wp-compress-image-optimizer/assets/js/optimizer.min.js
68.178.145.205200 OK 2.1 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/wp-compress-image-optimizer/assets/js/optimizer.min.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (7796), with no line terminators
Hash 5bb7864eb5c1df04cc0e5155fa6d3ba2
0784e27d33b5d84e86c4162120645f7bf18fdf18
aa0c052473a6c9ba3d242aae44535c43463a04637c246e9360feb3236581e11a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-compress-image-optimizer/assets/js/optimizer.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 10:05:46 GMT
etag: "4382ce9-1e74-5ee0c50d6f0c9-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2091
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
68.178.145.205200 OK 2.9 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (10565), with no line terminators
Hash 7798717735ba8ccb8b11a9650e81f6e6
84c6a9d5d32905b98960d9dc9d111e48d486d311
fd6d9e22b1d26c2e6974198e43fd5aeb1ac03bab50c5bfcc7e12f07c74ec98fc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Mar 2023 06:47:36 GMT
etag: "2962872-2945-5f5d11661bfce-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2909
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js
68.178.145.205200 OK 3.0 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1577)
Hash c42db5fc087004f61b1fd52f2fa6589a
d315714e57e1b83e3851a3261bcb6f3a8f8aedbd
47bec89c01cd4cc1e52ab92fcd1d1f50d73342d368064fd693a619e8072d4f93
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 14 Mar 2023 23:18:25 GMT
etag: "29629bd-2e7a-5f6e471c43a14-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3018
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-includes/js/jquery/jquery-migrate.min.js
68.178.145.205200 OK 4.0 kB URL HTTP/2 www.desonmarketing.com/wp-includes/js/jquery/jquery-migrate.min.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash 1fbb59519536e28eeb7ae7173973c39f
f6542c5d0f96f621eea4f3cb442021dfe33863fa
b1b54befd52c3605721bf8b5a6c0290c572929138358738826873751256b191c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: "2940d94-2bd8-5b45debe27b80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3998
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js
68.178.145.205200 OK 41 B URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with no line terminators
Hash faa0d9bf9223de717808e9ad68d53780
6c3f1a3bc3f5e3720caea8b1175c3b4db613d5cb
d9d9c497b64dae215faa480b40b4d6885e351691ecd64272fec0bc406ec7517d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:58:02 GMT
etag: "51e1618-28-5f39eceba22a3-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 41
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/uploads/2022/05/cropped-logo-2.png
68.178.145.205200 OK 3.7 kB URL HTTP/2 www.desonmarketing.com/wp-content/uploads/2022/05/cropped-logo-2.png
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 123 x 67, 8-bit/color RGBA, non-interlaced\012- data
Hash 0696532598d621e9e8a8800d39281ed7
936845bd2336d6afd59258f93a9b2bfd4d91ef18
c353fab1514f14bb7804df4eba370dbe95926dd33ebf7c407a92c3873f85c688
GET /wp-content/uploads/2022/05/cropped-logo-2.png HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 31 May 2022 06:18:07 GMT
etag: "2b0146a-e9d-5e048bc6bc5c0"
accept-ranges: bytes
content-length: 3741
content-type: image/png
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-includes/js/wp-emoji-release.min.js
68.178.145.205200 OK 4.6 kB URL HTTP/2 www.desonmarketing.com/wp-includes/js/wp-emoji-release.min.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15660)
Hash a0083d25b89ea80ecd2393db9f865d62
24eaf2df7c722fb13f2b5bf77ada5ee446720c25
f7533cb93f2efbb9e3bccfa9ff4036a2cafa7dd1bd4d66bea4833306b321e957
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 02:34:47 GMT
etag: "2940e98-48b9-5dfcceaabbfc0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4614
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/themes/elementare/js/navigation.min.js
68.178.145.205200 OK 548 B URL HTTP/2 www.desonmarketing.com/wp-content/themes/elementare/js/navigation.min.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1600), with no line terminators
Hash 54c3c4b477efe9184912bcf8a3c2b56e
98fc8d961cee354cc69375f5dae3d510d5245430
2c1f9af74076184b0208f8f36b57fb351b83d62aadda41b81fcb00eaf0c6d940
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/elementare/js/navigation.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 31 May 2022 06:09:51 GMT
etag: "2b0143e-640-5e0489edb69c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 548
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/js/jquery.sticky-sidebar.js
68.178.145.205200 OK 5.7 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/js/jquery.sticky-sidebar.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 485c2926bba877535aad6b250e296df9
1f13af0e05c0dc5594f0aeba3eba11d81063b60b
d17e044629d1eda633d96b367288264de58e873b4f9cb4d24593cb91d9baa352
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/exclusive-addons-for-elementor/assets/vendor/js/jquery.sticky-sidebar.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:46:51 GMT
etag: "4e604b2-69d8-5f39ea6bbfd81-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5721
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css
68.178.145.205200 OK 2.9 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (30283), with no line terminators
Hash 566814cbd901e0baeb47e9c7c2984725
3d249fdec7c41f9ebace1220a9e477e4f3e49fc5
d5c1b72d04bd09bcceae25c7acda6f2990cb123079a9a53fcbdae3cfb1614af3
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:58:01 GMT
etag: "51e0531-764b-5f39eceb3f87b-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2853
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/themes/elementare/js/jquery.elementare.min.js
68.178.145.205200 OK 2.1 kB URL HTTP/2 www.desonmarketing.com/wp-content/themes/elementare/js/jquery.elementare.min.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (8410), with no line terminators
Hash fc89b04f91bd3bd41b143f171cd25078
7772e3847198c463321c5a1e301f591b8c913014
da508b7108558c31c5d4a3fd8bf3be7340ce123014e39ac492e6767b828abea0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/elementare/js/jquery.elementare.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 31 May 2022 06:09:51 GMT
etag: "2b01438-20da-5e0489edb69c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2068
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-includes/js/jquery/ui/effect.min.js
68.178.145.205200 OK 6.3 kB URL HTTP/2 www.desonmarketing.com/wp-includes/js/jquery/ui/effect.min.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15446)
Hash 4db72c82fa1efb60d9d0683e5badea0d
2def58195185d31247edb51f619977c015e58801
77787e06fe13578369b4bd7e8a243fc5208206c7c9a623fae570f9c659612787
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/effect.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Mar 2023 11:11:06 GMT
etag: "2940dd9-43ba-5f675b381da50-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6309
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/themes/elementare/js/SmoothScroll.min.js
68.178.145.205200 OK 3.1 kB URL HTTP/2 www.desonmarketing.com/wp-content/themes/elementare/js/SmoothScroll.min.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (7460), with CRLF line terminators
Hash 507dde147ba4af77079f41badb000d0b
78f506a949414885fbdbbd244e74f4e40de35964
761c3905da42e7bcc1582a771d1a2eb81cedb8888e06ca6eba333f9e96594d1c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/elementare/js/SmoothScroll.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 31 May 2022 06:09:51 GMT
etag: "2b01434-1d5b-5e0489edb69c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3068
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/contact-form-7/includes/js/index.js
68.178.145.205200 OK 3.9 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (12948), with no line terminators
Hash dd85612159cd3549697facaaade675d3
1e6e72883df7d0b34740871ddf5f3feb26979a22
924c6d67ddbdf10e479028097b55e2708fa3f8ff512b5d94f2d09810774bdfc6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Mar 2023 06:47:36 GMT
etag: "2962876-3294-5f5d11661c3b6-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3925
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/js/exad-scripts.min.js
68.178.145.205200 OK 5.7 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/exclusive-addons-for-elementor/assets/js/exad-scripts.min.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (26483), with no line terminators
Hash 568182d58b138a1a15e6f2cf1a798350
81b330ec2ddb2cdd3768e8b6264d89479346d6aa
67b65c3cfa119a461bac9e9dd132e4388cb266b6d6184910631fd0f9febabb20
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/exclusive-addons-for-elementor/assets/js/exad-scripts.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:46:51 GMT
etag: "4e604cc-6773-5f39ea6c21039-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5719
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css
68.178.145.205200 OK 6.7 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (30837)
Hash 3bca42e5004726d89ebdea033d8ae93f
629b1195ec0fa24286d5d6a06fe319c139a4872f
1f3dde16a1674c2dcc2af76809687ed4ab30a42c4a3097fb6d53b6115fbd294b
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Mar 2023 06:47:23 GMT
etag: "29623b7-7917-5f5d115a9118d-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6662
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css
68.178.145.205200 OK 12 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Hash 04867b525721f29784a8db37523bb6b6
cd35ca50f09c1413d90a7ac1ba836c0d069ff10c
70c0252aee1d57f00114338ea931d1416ce5ea74ff18a32024d6d1a645bf4756
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:58:02 GMT
etag: "51e168c-1e7a5-5f39eceba6cdb-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 11745
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-includes/js/jquery/jquery.min.js
68.178.145.205200 OK 30 kB URL HTTP/2 www.desonmarketing.com/wp-includes/js/jquery/jquery.min.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65447)
Hash fb1aea2f7ce09f9d2e290d73d57defdf
62d40e64c8aeff20834868816d20d6a645fd2565
367cc15d582c7056695a307c1ef9b32a9e4810c16e33f27eac05909a1f57d4b4
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 09 Mar 2023 11:11:07 GMT
etag: "2940d9c-15e54-5f675b3881800-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 30350
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js
68.178.145.205200 OK 35 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (45047)
Hash a765d13162a57de5870cb94dde7c5faa
39dd785cbd35b28db3b842c5553bba7c1d9a98d1
a556acd95d9cc463d1ba71bd1547aa47bf10622a0c7a068f71571b641d04bf30
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:58:01 GMT
etag: "51e053a-2193f-5f39eceb4004b-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 34945
content-type: application/javascript
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css
68.178.145.205200 OK 47 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash c8dc6b6c19c4e9f1c9eee2724d0d0e99
0ea0084b21212c6a6d87b422bb5234ff362a93e6
be237f2272217d0b5837e7a046cb4a6df06a2c2f3d195179e48dba8145f48145
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Feb 2023 07:58:01 GMT
etag: "51e0535-6d86e-5f39eceb3fc63-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 46589
content-type: text/css
date: Tue, 21 Mar 2023 07:20:58 GMT
server: Apache
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-L2T885P65T>m=45je33f0&_p=30770521&cid=863347617.1679383261&ul=en-us&sr=1280x1024&_s=1&sid=1679383260&sct=1&seg=0&dl=https%3A%2F%2Fwww.desonmarketing.com%2Fedu%2FlinkedinVerify%2Fb39c3d14eaed928d26681783212ad909%2Fsingle.php%3Fcbcxt%3Dmai%26ct%3D1504448382%26id%3D64855%26lc%3D1033%26mkt%3Den-us%26rpsnv%3D13%26rver%3D6.7.6643.0%26uas%2Floginpsettings%2Fguest-email-din_com&dt=Page%20Not%20Found%20-%20Tata%20Tiscon%2C%20Tata%20Tiscon%20Dealer%2C%20Tata%20Pravesh%2C%20Tata%20Colours%20Dealer%2C%20Deson%20Marketing.&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-L2T885P65T>m=45je33f0&_p=30770521&cid=863347617.1679383261&ul=en-us&sr=1280x1024&_s=1&sid=1679383260&sct=1&seg=0&dl=https%3A%2F%2Fwww.desonmarketing.com%2Fedu%2FlinkedinVerify%2Fb39c3d14eaed928d26681783212ad909%2Fsingle.php%3Fcbcxt%3Dmai%26ct%3D1504448382%26id%3D64855%26lc%3D1033%26mkt%3Den-us%26rpsnv%3D13%26rver%3D6.7.6643.0%26uas%2Floginpsettings%2Fguest-email-din_com&dt=Page%20Not%20Found%20-%20Tata%20Tiscon%2C%20Tata%20Tiscon%20Dealer%2C%20Tata%20Pravesh%2C%20Tata%20Colours%20Dealer%2C%20Deson%20Marketing.&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-L2T885P65T>m=45je33f0&_p=30770521&cid=863347617.1679383261&ul=en-us&sr=1280x1024&_s=1&sid=1679383260&sct=1&seg=0&dl=https%3A%2F%2Fwww.desonmarketing.com%2Fedu%2FlinkedinVerify%2Fb39c3d14eaed928d26681783212ad909%2Fsingle.php%3Fcbcxt%3Dmai%26ct%3D1504448382%26id%3D64855%26lc%3D1033%26mkt%3Den-us%26rpsnv%3D13%26rver%3D6.7.6643.0%26uas%2Floginpsettings%2Fguest-email-din_com&dt=Page%20Not%20Found%20-%20Tata%20Tiscon%2C%20Tata%20Tiscon%20Dealer%2C%20Tata%20Pravesh%2C%20Tata%20Colours%20Dealer%2C%20Deson%20Marketing.&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.desonmarketing.com
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.desonmarketing.com
date: Tue, 21 Mar 2023 07:20:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/koho/v16/K2F-fZ5fmddNNi4UfQ.woff2
142.250.74.163200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/koho/v16/K2F-fZ5fmddNNi4UfQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12264, version 1.0\012- data
Hash 392c1284fb4d2a415e68ed385400ef31
612d49a20ddcf8a5192c5dc3a84093a7565265d5
71b275cf770fc22290fc17ff30ac170908e40c03a682218600f5fef533af02a0
GET /s/koho/v16/K2F-fZ5fmddNNi4UfQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.desonmarketing.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12264
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Mar 2023 17:43:29 GMT
expires: Mon, 18 Mar 2024 17:43:29 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:38:54 GMT
content-type: font/woff2
age: 135450
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/26a1.svg
192.0.77.48200 OK 451 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/26a1.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (451), with no line terminators
Hash bcca43b1c7aa91d47f62962ce2422ae1
6bd13c3ba629e5f79d9ddf15cc79b7dc34729638
d3a6d0c18f6887f771aa3cd51db375e7a9588e1af63801cc100cd9bcc5bccaac
GET /images/core/emoji/14.0.0/svg/26a1.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 07:20:59 GMT
content-type: image/svg+xml
content-length: 451
last-modified: Tue, 12 Apr 2022 03:53:44 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c26dba42c0d5a8ae943ac677b38929ea
21c68777a8249158f53f6f1bbf33d12769146cec
a890859401ea2f9079622841f24a700215fcab7fe291d0b1f581e675ae130342
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.shopify.com/s/files/1/0070/3666/5911/files/Vector.png?574
23.227.60.200200 OK 758 B URL HTTP/2 cdn.shopify.com/s/files/1/0070/3666/5911/files/Vector.png?574
IP 23.227.60.200:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type RIFF (little-endian) data, Web/P image\012- data
Hash 417af1b73e64ae3f002952c5b65dbe45
b3f0a35ad3dd54970f9e28e5fcfb2686db0518c8
28d290a83e330f58f522249b50a1bb354fa61b75579a5e758dd40d2002763b58
GET /s/files/1/0070/3666/5911/files/Vector.png?574 HTTP/1.1
Host: cdn.shopify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 07:20:59 GMT
content-type: image/webp
content-length: 758
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0070/3666/5911/files/Vector.png>; rel="canonical"
timing-allow-origin: *
vary: Accept, Accept-Encoding
x-content-type-options: nosniff
x-request-id: b2e9e036-d6ba-48d2-8a55-a3eb55a79fa6
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,us-central1
last-modified: Fri, 26 Aug 2022 03:18:00 GMT
cf-cache-status: HIT
age: 17898748
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csol068rRJvnrYRnH6y7F0Xh7eBhh%2BBsldMPT7zooEBSjkIamsLbRWjf%2BPwuLYKNQzDwMpbR7jmSKK%2BK%2BB9IDP%2BRwpR2CrXoO1iMzrMXC9hwr%2FoGwKBCIBjl36Qrds9goQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: imagery;dur=71.919, imageryFetch;dur=58.746, imageryProcess;dur=12.586;desc="image", cfRequestDuration;dur=35.999775
server: cloudflare
cf-ray: 7ab46f7a8e86b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
68.178.145.205200 OK 77 kB URL HTTP/2 www.desonmarketing.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.desonmarketing.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css
Cookie: _ga_L2T885P65T=GS1.1.1679383260.1.0.1679383260.0.0.0; _ga=GA1.1.863347617.1679383261; ic_pixel_ratio=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 01 Mar 2023 06:47:23 GMT
etag: "29623ca-12d68-5f5d115a9e096"
accept-ranges: bytes
content-length: 77160
vary: Accept-Encoding
content-type: font/woff2
date: Tue, 21 Mar 2023 07:20:59 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/uploads/2022/07/logo.png
68.178.145.205200 OK 16 kB URL HTTP/2 www.desonmarketing.com/wp-content/uploads/2022/07/logo.png
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 122 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash 00d39b728c1f66c77e1e3044e11b10b5
c902b78a447feecc5b3194f02f0f709b8073e0d3
2e9e24040ff2b3fb0952f13f7bc0add0d6536579bc4d43c3b4b9206bcc2902ed
GET /wp-content/uploads/2022/07/logo.png HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Cookie: _ga_L2T885P65T=GS1.1.1679383260.1.0.1679383260.0.0.0; _ga=GA1.1.863347617.1679383261; ic_pixel_ratio=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 09 Jul 2022 10:09:50 GMT
etag: "2b01fca-3f37-5e35c84f05cff"
accept-ranges: bytes
content-length: 16183
content-type: image/png
date: Tue, 21 Mar 2023 07:20:59 GMT
server: Apache
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.78200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 21 Mar 2023 06:12:29 GMT
expires: Tue, 21 Mar 2023 08:12:29 GMT
cache-control: public, max-age=7200
age: 4110
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 2f656ecf7dfa2c439943f8adc7af7af3
7e1e963c5a29b4355c05a3824b9cab61c8c8e98b
a5eacea5ab24e16191f73cab5a4554ccc2a5150db6b578c478e078f28793c51b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/plugins/ua/linkid.js
142.250.74.78200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Mar 2023 06:42:34 GMT
expires: Tue, 21 Mar 2023 07:42:34 GMT
cache-control: public, max-age=3600
age: 2305
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EG503KT2TS&cid=863347617.1679383261>m=45je33f0&aip=1&z=1696802905
216.58.207.227200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EG503KT2TS&cid=863347617.1679383261>m=45je33f0&aip=1&z=1696802905
IP 216.58.207.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EG503KT2TS&cid=863347617.1679383261>m=45je33f0&aip=1&z=1696802905 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 07:20:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 2f656ecf7dfa2c439943f8adc7af7af3
7e1e963c5a29b4355c05a3824b9cab61c8c8e98b
a5eacea5ab24e16191f73cab5a4554ccc2a5150db6b578c478e078f28793c51b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.desonmarketing.com/wp-content/uploads/2022/07/cropped-fav-1-192x192.jpg
68.178.145.205200 OK 4.8 kB URL HTTP/2 www.desonmarketing.com/wp-content/uploads/2022/07/cropped-fav-1-192x192.jpg
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 192x192, components 3\012- data
Hash 9a8bfd34aaf5823e56afd251d7dede5a
929272d649057e9fc7408fa20c4cbf8e2033dff8
4a57340a0a687cff5bd3c2fcf76178cc13caccdf9e80ed8945e42502204dbabd
GET /wp-content/uploads/2022/07/cropped-fav-1-192x192.jpg HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Cookie: _ga_L2T885P65T=GS1.1.1679383260.1.0.1679383260.0.0.0; _ga=GA1.1.863347617.1679383261; ic_pixel_ratio=1; _ga_EG503KT2TS=GS1.1.1679383261.1.0.1679383261.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Aug 2022 07:21:15 GMT
etag: "2b00634-12c5-5e61a3e7873af"
accept-ranges: bytes
content-length: 4805
content-type: image/jpeg
date: Tue, 21 Mar 2023 07:20:59 GMT
server: Apache
X-Firefox-Spdy: h2
www.desonmarketing.com/wp-content/uploads/2022/07/cropped-fav-1-32x32.jpg
68.178.145.205200 OK 1.5 kB URL HTTP/2 www.desonmarketing.com/wp-content/uploads/2022/07/cropped-fav-1-32x32.jpg
IP 68.178.145.205:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 32x32, components 3\012- data
Hash d47fba708daa01fb50c946ececaa2937
17143436c4ff5649b611518852ac27dd34be6563
edb13cdd2ad2efd0287676aa15fe0545eae311e36e5397af403f49b3bd3fa931
GET /wp-content/uploads/2022/07/cropped-fav-1-32x32.jpg HTTP/1.1
Host: www.desonmarketing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/edu/linkedinVerify/b39c3d14eaed928d26681783212ad909/single.php?cbcxt=mai&ct=1504448382&id=64855&lc=1033&mkt=en-us&rpsnv=13&rver=6.7.6643.0&uas/loginpsettings/guest-email-din_com
Cookie: _ga_L2T885P65T=GS1.1.1679383260.1.0.1679383260.0.0.0; _ga=GA1.1.863347617.1679383261; ic_pixel_ratio=1; _ga_EG503KT2TS=GS1.1.1679383261.1.0.1679383261.60.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Aug 2022 07:21:15 GMT
etag: "2b00636-5b4-5e61a3e78dd28"
accept-ranges: bytes
content-length: 1460
content-type: image/jpeg
date: Tue, 21 Mar 2023 07:20:59 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 43229f902489cc88a3b8f77dea901852
28e63d8d5a952b9e568cad6feda0e211e1fbfdda
245bfd30b6d87d590e50452fd8672d82d9d441242b4603fcc007e70b6a56685b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-216472247-1&cid=863347617.1679383261&jid=1379671115&gjid=413440184&_gid=1116740136.1679383262&_u=aCDAAUIgAAAAACAAI~&z=811141547
64.233.162.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-216472247-1&cid=863347617.1679383261&jid=1379671115&gjid=413440184&_gid=1116740136.1679383262&_u=aCDAAUIgAAAAACAAI~&z=811141547
IP 64.233.162.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-216472247-1&cid=863347617.1679383261&jid=1379671115&gjid=413440184&_gid=1116740136.1679383262&_u=aCDAAUIgAAAAACAAI~&z=811141547 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.desonmarketing.com
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.desonmarketing.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Mar 2023 07:20:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8535613a8a8fd6ee9e928b3539dcfccd
75d939e05c094dda5410c98b8264d7c3270a6672
b09eaa3afbf3c651a41228d2297ff907b3f98102bce5277c7b9a1af8a1f346f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 43229f902489cc88a3b8f77dea901852
28e63d8d5a952b9e568cad6feda0e211e1fbfdda
245bfd30b6d87d590e50452fd8672d82d9d441242b4603fcc007e70b6a56685b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-216472247-1&cid=863347617.1679383261&jid=1379671115&_u=aCDAAUIgAAAAACAAI~&z=2078337146
216.58.211.4200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-216472247-1&cid=863347617.1679383261&jid=1379671115&_u=aCDAAUIgAAAAACAAI~&z=2078337146
IP 216.58.211.4:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-216472247-1&cid=863347617.1679383261&jid=1379671115&_u=aCDAAUIgAAAAACAAI~&z=2078337146 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 07:20:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 07:20:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c5536c4-c443-404a-b2e5-48f229253ca8.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c5536c4-c443-404a-b2e5-48f229253ca8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97a37cecfd90072794d657e2074620cb
34c456db4f8b0bd7e3affe31a7cf02e4596a8188
889d4f26715418088c8747251ee068dfdb5c8d5024b1d43862012cb31acf9650
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c5536c4-c443-404a-b2e5-48f229253ca8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13522
x-amzn-requestid: d39593de-64b8-44f6-9160-7aa61c26ed88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI8E-YoAMFm4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-7ad0b7e7747de71b5f751226;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: n5pAxSJ1BcrVBZmoxXkR4iYCHzev2j58oxPB75xwGbHI3Uyu-svmsw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:45:43 GMT
age: 34520
etag: "34c456db4f8b0bd7e3affe31a7cf02e4596a8188"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wati-integration-service.clare.ai/ShopifyWidget/shopifyWidget.js?29537
104.18.28.4200 OK 0 B URL HTTP/2 wati-integration-service.clare.ai/ShopifyWidget/shopifyWidget.js?29537
IP 104.18.28.4:0
GET /ShopifyWidget/shopifyWidget.js?29537 HTTP/1.1
Host: wati-integration-service.clare.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 21 Mar 2023 07:20:59 GMT
content-type: application/javascript
last-modified: Tue, 07 Mar 2023 10:27:39 GMT
etag: W/"1d950df71202bdd"
cf-cache-status: HIT
age: 2744
expires: Tue, 21 Mar 2023 11:20:59 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ab46f79d8510b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Niramit:400,700%7CKoHo:400,700&display=swap
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Niramit:400,700%7CKoHo:400,700&display=swap
IP 142.250.74.138:0
GET /css?family=Niramit:400,700%7CKoHo:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.desonmarketing.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 21 Mar 2023 07:20:58 GMT
date: Tue, 21 Mar 2023 07:20:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2