r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b93010cbf31ba3ec785b4088e5d0f529
c0f1ab8a2aae3c445a8f24959a4eea433a345caf
2cc1a5865dee7636b82a68deddd3aff8b697e846e37789a694cc3c7c47340590
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CC1A5865DEE7636B82A68DEDDD3AFF8B697E846E37789A694CC3C7C47340590"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9370
Expires: Fri, 31 Mar 2023 16:24:35 GMT
Date: Fri, 31 Mar 2023 13:48:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7234
Expires: Fri, 31 Mar 2023 15:48:59 GMT
Date: Fri, 31 Mar 2023 13:48:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Length, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 13:16:12 GMT
content-type: application/json
age: 1933
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3479
Expires: Fri, 31 Mar 2023 14:46:24 GMT
Date: Fri, 31 Mar 2023 13:48:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 74Dxj0ignzx/Y8EZ1+cf6rYtnC3S6q0xu5PKGJ6eVKaceJsMpXnDlmDAY8cYzdhpsS29PIS1uF8=
x-amz-request-id: 947BEMFQJAR70R4Q
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 13:12:11 GMT
age: 2174
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 13:48:25 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae064c74a3769d42109473ad05d56fb9
d48029ab8568cee6ab7416d3b476ed792d780a56
9852216f395a42f7b4792e852f9f9fa83e07d917a979237d5d7406a1d74edc4f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9852216F395A42F7B4792E852F9F9FA83E07D917A979237D5D7406A1D74EDC4F"
Last-Modified: Wed, 29 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11331
Expires: Fri, 31 Mar 2023 16:57:17 GMT
Date: Fri, 31 Mar 2023 13:48:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Pragma, Backoff, Expires, Last-Modified, Content-Type, Alert, Retry-After, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 13:17:26 GMT
age: 1860
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
lopmnkoh.com/sc/2737aa62209735c613a5f475cd52ac57/login.php
23.82.12.31302 Found 11 B URL HTTP/1.1 lopmnkoh.com/sc/2737aa62209735c613a5f475cd52ac57/login.php
IP 23.82.12.31:0
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
Analyzer Verdict Alert fortinet Phishing
GET /sc/2737aa62209735c613a5f475cd52ac57/login.php HTTP/1.1
Host: lopmnkoh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Fri, 31 Mar 2023 13:48:25 GMT
location: http://ishku-wbq.com/zcvisitor/b5b8e456-cfca-11ed-9a71-0aaa8eaa0e77/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=d14b8690-51bd-11ed-8dac-0a918cbcbb97
server: nginx
set-cookie: sid=b5b42c12-cfca-11ed-b296-6ab5649c5501; path=/; domain=.lopmnkoh.com; expires=Wed, 18 Apr 2091 17:02:33 GMT; max-age=2147483647; HttpOnly
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0OBePYr/yNYrXwZbrmdrBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 27DmUcf+FbcRevqkC5mMzeizuIM=
Date: Fri, 31 Mar 2023 13:48:26 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ishku-wbq.com/zcvisitor/b5b8e456-cfca-11ed-9a71-0aaa8eaa0e77/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=d14b8690-51bd-11ed-8dac-0a918cbcbb97
3.92.171.111200 1.1 kB URL HTTP/1.1 ishku-wbq.com/zcvisitor/b5b8e456-cfca-11ed-9a71-0aaa8eaa0e77/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=d14b8690-51bd-11ed-8dac-0a918cbcbb97
IP 3.92.171.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 74604e44867aa2fd765d4b1264da3b2a
7a4114f3620b2f071add1c2e67dea10d7535a067
f1b89e814883db9154e9bfbad5681ee4a7d642f145c562bad04a9182f24843c0
Analyzer Verdict Alert fortinet Spam
GET /zcvisitor/b5b8e456-cfca-11ed-9a71-0aaa8eaa0e77/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=d14b8690-51bd-11ed-8dac-0a918cbcbb97 HTTP/1.1
Host: ishku-wbq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Fri, 31 Mar 2023 13:48:26 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: TjelniRv
ishku-wbq.com/zcredirect?visitid=b5b8e456-cfca-11ed-9a71-0aaa8eaa0e77&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
3.92.171.111200 758 B URL HTTP/1.1 ishku-wbq.com/zcredirect?visitid=b5b8e456-cfca-11ed-9a71-0aaa8eaa0e77&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 3.92.171.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (336)
Hash e3b93e8358eb1d0f43bfe1a4277c9949
5383b4daaaa49bd091d1dd762e27f32f906e6388
6dcc2044c6c401c872bb4998cee171a019851924a9495f4d5c6ddb40dbb2d110
GET /zcredirect?visitid=b5b8e456-cfca-11ed-9a71-0aaa8eaa0e77&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: ishku-wbq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ishku-wbq.com/zcvisitor/b5b8e456-cfca-11ed-9a71-0aaa8eaa0e77/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=d14b8690-51bd-11ed-8dac-0a918cbcbb97
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Fri, 31 Mar 2023 13:48:26 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: fYjgEVZp
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fsecuredsmcd.com%2Fsmartlink%2F%3Fa%3D52677%26sm%3D110%26co%3D52097%26mt%3D7%26s2%3Dwgqg4ambd372d5mni73j1ffu&caid=7e1dce5e-58ca-4f8d-8f8e-f4c47b4dab83&zpid=b5b8e456-cfca-11ed-9a71-0aaa8eaa0e77&cid=wgqg4ambd372d5mni73j1ffu&rt=R
18.197.36.77302 Found 0 B URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2Fsecuredsmcd.com%2Fsmartlink%2F%3Fa%3D52677%26sm%3D110%26co%3D52097%26mt%3D7%26s2%3Dwgqg4ambd372d5mni73j1ffu&caid=7e1dce5e-58ca-4f8d-8f8e-f4c47b4dab83&zpid=b5b8e456-cfca-11ed-9a71-0aaa8eaa0e77&cid=wgqg4ambd372d5mni73j1ffu&rt=R
IP 18.197.36.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fsecuredsmcd.com%2Fsmartlink%2F%3Fa%3D52677%26sm%3D110%26co%3D52097%26mt%3D7%26s2%3Dwgqg4ambd372d5mni73j1ffu&caid=7e1dce5e-58ca-4f8d-8f8e-f4c47b4dab83&zpid=b5b8e456-cfca-11ed-9a71-0aaa8eaa0e77&cid=wgqg4ambd372d5mni73j1ffu&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ishku-wbq.com/
Cookie: cc-v4=%2BqwMx8k5mlVf8qe3BMbtPN4zfaDDNGcsj2NrKZg2Ff7%2Byg8zMkFL5oJVKWqRjpEPNrgAln0aBGiUvgzB2UMB8De%2FlW%2Bs8pWRZTQNqBUMBBoesNiyqsFo98WmXYduGlymlEGDgWxkZZ6VNKh91m7sIw%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 31 Mar 2023 13:48:26 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://securedsmcd.com/smartlink/?a=52677&sm=110&co=52097&mt=7&s2=wgqg4ambd372d5mni73j1ffu
pragma: no-cache
set-cookie: cc-v4=dI%2FIoyBaQ3%2BI%2FTDN6W0CgND%2FaZxhGih9eiBemurkrXWnO3lb1DuxNdmCMLpRXEUA8NCDRD8pw5w7cuxT8mHSdy%2BBgLoenS%2Fmm4gfvTAXgmttsn9AzDSe5i%2Bm5wsZd1ZMz9eFV4AUK24KtfCSoRcEdQ%3D%3D; Max-Age=31536000; Expires=Sat, 30-Mar-2024 13:48:26 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ishku-wbq.com/favicon.ico
3.92.171.111404 653 B URL HTTP/1.1 ishku-wbq.com/favicon.ico
IP 3.92.171.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: ishku-wbq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ishku-wbq.com/zcredirect?visitid=b5b8e456-cfca-11ed-9a71-0aaa8eaa0e77&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Fri, 31 Mar 2023 13:48:27 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: hUiVHSqM
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash facbf0781698afcc9bf366e617439f9a
aa1df8caf9bb740d12b2a57298e1adbdf9d66d05
c5da3b57734a18d79a26d707fb5eee3da76b304826b3e50666cae745ea6190a4
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108925
Date: Fri, 31 Mar 2023 13:48:27 GMT
Etag: "6425ea7a-1d7"
Expires: Sat, 01 Apr 2023 20:03:52 GMT
Last-Modified: Thu, 30 Mar 2023 20:00:58 GMT
Server: ECAcc (dcb/7F33)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZkU23r9WwqTM_pFXd685fTVG-ekCeJg6K5Os1-wrBdQHzQxmoDf6ng==
Age: 174
code.jquery.com/jquery-3.6.0.min.js
69.16.175.42200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedsmcd.com
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 13:48:27 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680270507.dop229.sk1.t,1680270507.cds209.sk1.hn,1680270507.cds210.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bf29feb5d124115ffaf0b00e89ab0309
693d2ad3694d3171af6545ef4758855127b2e669
40c67d04ae6c3d13fd0a77cf0c804660a5498d0c24425162f8e21c86d9e85eb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 13:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bf29feb5d124115ffaf0b00e89ab0309
693d2ad3694d3171af6545ef4758855127b2e669
40c67d04ae6c3d13fd0a77cf0c804660a5498d0c24425162f8e21c86d9e85eb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 13:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4a2b3390193472dbb248eabb72c3c9aa
ab9a9b782f42a8f16e4769ab49145747e0550b22
1b1c2573f926f8303d4a4c3a0d4db87910ab413b5d181791df6e1e5c146c9da5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B1C2573F926F8303D4A4C3A0D4DB87910AB413B5D181791DF6E1E5C146C9DA5"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1341
Expires: Fri, 31 Mar 2023 14:10:48 GMT
Date: Fri, 31 Mar 2023 13:48:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4a2b3390193472dbb248eabb72c3c9aa
ab9a9b782f42a8f16e4769ab49145747e0550b22
1b1c2573f926f8303d4a4c3a0d4db87910ab413b5d181791df6e1e5c146c9da5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B1C2573F926F8303D4A4C3A0D4DB87910AB413B5D181791DF6E1E5C146C9DA5"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1341
Expires: Fri, 31 Mar 2023 14:10:48 GMT
Date: Fri, 31 Mar 2023 13:48:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4a2b3390193472dbb248eabb72c3c9aa
ab9a9b782f42a8f16e4769ab49145747e0550b22
1b1c2573f926f8303d4a4c3a0d4db87910ab413b5d181791df6e1e5c146c9da5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B1C2573F926F8303D4A4C3A0D4DB87910AB413B5D181791DF6E1E5C146C9DA5"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1341
Expires: Fri, 31 Mar 2023 14:10:48 GMT
Date: Fri, 31 Mar 2023 13:48:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4a2b3390193472dbb248eabb72c3c9aa
ab9a9b782f42a8f16e4769ab49145747e0550b22
1b1c2573f926f8303d4a4c3a0d4db87910ab413b5d181791df6e1e5c146c9da5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B1C2573F926F8303D4A4C3A0D4DB87910AB413B5D181791DF6E1E5C146C9DA5"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1341
Expires: Fri, 31 Mar 2023 14:10:48 GMT
Date: Fri, 31 Mar 2023 13:48:27 GMT
Connection: keep-alive
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
142.250.74.35200 OK 8.6 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (25088)
Hash 73069e532b7039778d3a7128c997c61a
c523bbf1ac7f4e612c8ade75434c42fbca885adc
b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Mar 2023 18:05:11 GMT
expires: Thu, 28 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
age: 157396
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4a2b3390193472dbb248eabb72c3c9aa
ab9a9b782f42a8f16e4769ab49145747e0550b22
1b1c2573f926f8303d4a4c3a0d4db87910ab413b5d181791df6e1e5c146c9da5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B1C2573F926F8303D4A4C3A0D4DB87910AB413B5D181791DF6E1E5C146C9DA5"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1341
Expires: Fri, 31 Mar 2023 14:10:48 GMT
Date: Fri, 31 Mar 2023 13:48:27 GMT
Connection: keep-alive
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
142.250.74.35200 OK 10 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (35547)
Hash fa9987a23f5a9d865766e952511baa30
f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Mar 2023 18:05:11 GMT
expires: Thu, 28 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
age: 157396
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bf29feb5d124115ffaf0b00e89ab0309
693d2ad3694d3171af6545ef4758855127b2e669
40c67d04ae6c3d13fd0a77cf0c804660a5498d0c24425162f8e21c86d9e85eb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 13:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.smrt-assets.com/prod/push-subscriber.js
95.101.10.10200 OK 4.4 kB URL HTTP/1.1 cdn.smrt-assets.com/prod/push-subscriber.js
IP 95.101.10.10:0
ASN #20940 Akamai International B.V.
Hash d87a44d0aa0b54e75b2eb54c76bcf152
f765110fd22c73d181d9a2ea1b20de424b3d9e35
6ec5fc6e201f4cf0ba2754f2510363cad0ea29076f9775cc25a06ff71763c0f7
GET /prod/push-subscriber.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 29 Mar 2022 15:19:51 GMT
ETag: "6b5bccad39f7057909ad0660f33cc2fa"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C3
X-Amz-Cf-Id: ZYeyEUjVfozwVHu4cvD2yRWXyoEpdjgR_UyNsFpXUKnSHG4ckehEag==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 31 Mar 2023 13:48:27 GMT
Content-Length: 4395
Connection: keep-alive
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 8232a07220278f530fd282ec89d534f5
56b938809c2fe3c24d2389ee2bb5970ea4b25823
d522d18bd60123e4321c02837b30b7f5f5fc70f72d32ac0bfcefd278e8862f0d
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 31 Mar 2023 13:48:27 GMT
Last-Modified: Fri, 31 Mar 2023 12:02:58 GMT
Server: ECAcc (nya/1C3C)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7XchH5jRALmTp0ckq_rs8k9b-PdNvBdNMxyrc2DtTyImFx_jJZab9w==
Age: 6330
cdn.smrt-assets.com/assets/1387/js/backoffer.js
95.101.10.10200 OK 660 B URL HTTP/1.1 cdn.smrt-assets.com/assets/1387/js/backoffer.js
IP 95.101.10.10:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash e7e1dc07852a36f89e4be03aa3787316
0dc3f8e7eb943af093cf8f4600fcf0e421891025
33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388
GET /assets/1387/js/backoffer.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 660
Last-Modified: Thu, 06 May 2021 12:38:04 GMT
ETag: "e7e1dc07852a36f89e4be03aa3787316"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: Ct4gwLcTloBEVOXNAkPHVE_nt09klAc2VQmBXL2NgHnXp5GYhbW-rA==
Date: Fri, 31 Mar 2023 13:48:27 GMT
Connection: keep-alive
cdn.smrt-assets.com/prod/push-lang-config.js
95.101.10.10200 OK 2.4 kB URL HTTP/1.1 cdn.smrt-assets.com/prod/push-lang-config.js
IP 95.101.10.10:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (7658), with no line terminators
Hash 86caa25373c28e4a962df5e15f4c160f
7a992cdd21a4074c155ccc7016e7cf836a66dd85
fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11
GET /prod/push-lang-config.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT
ETag: "7152525f63649929a736f6efb78b58a5"
x-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: EyZZgpjeSVI5bZ65quK1ibmASd3k9YGFQNJJw86sflsz5sUolQ5lig==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 31 Mar 2023 13:48:27 GMT
Content-Length: 2366
Connection: keep-alive
cdn.smrt-assets.com/assets/1822/css/main.css
95.101.10.10200 OK 2.2 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1822/css/main.css
IP 95.101.10.10:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 411953469b0a9e8f0b6550f4dea2c818
9a0e1f0eb9f7b6c9c9fb7875b4cc1cd147c24657
30629fcbd365777a4383c8467ca905da7e8bab1ec81c16626b0288851c6182ec
GET /assets/1822/css/main.css HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Mon, 18 Oct 2021 09:00:11 GMT
ETag: "eac3e7e5cab4c729a0345ea8d8286b96"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P7
X-Amz-Cf-Id: mj_aiysoayzu706o9P3rtgDBVaObibl01M3I42Rwrv-5yZ2Q8qg_0g==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 31 Mar 2023 13:48:27 GMT
Content-Length: 2221
Connection: keep-alive
cdn.smrt-assets.com/assets/1822/js/translate.js
95.101.10.10200 OK 18 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1822/js/translate.js
IP 95.101.10.10:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash a9c2be99f967c47cfb1fbec2f4ae9f7e
921b0cfff4483a336a87e8840e989248c6dd89eb
44fa44aa80e60ffd3372c6dd5d1bbf234fb48dd8118212120bc17738942d39ab
GET /assets/1822/js/translate.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Mon, 18 Oct 2021 09:09:58 GMT
ETag: "a1d6d5af3b1a2d56f82f449b5c734a83"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: XpnAUyJzHf5VFUQlfOQqkx1kWjCmkdDyfbeoT8JfyiP_WWtcei3LAg==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 31 Mar 2023 13:48:27 GMT
Content-Length: 17929
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7117d0725779b203269d6c54c3ccedcf
24f4e806fd15c39484288a88c67117c918ce0829
ecfdfee4723c973d404d5e580a8cead357de755354328bfa40c1041350a76504
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 13:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
IP 142.250.74.106:0
Hash af423d3e701ee4aa9f7ce7c0a7f3bb29
9018333da231d52bf817fdc8537565520500e8c7
7014f8da03f229db082d085044bfc57e92e4ae80456a17631e16aabb9f176625
GET /css?family=Montserrat:400,500,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.smrt-assets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 31 Mar 2023 13:48:27 GMT
date: Fri, 31 Mar 2023 13:48:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://securedsmcd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:31:16 GMT
expires: Wed, 27 Mar 2024 10:31:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 271031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 66d3c8a2dc7656b819dfe99dd74ef41b
9ac102973657c13264a7a17ad2e3ffc6f4d1f570
23346d5aae2c9440f6a6d9c1d366003dfaefd1cc83212ce033bfdc30e5054cc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 13:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX
142.250.74.168200 OK 49 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX
IP 142.250.74.168:0
File type ASCII text, with very long lines (2274)
Hash 65e6b920276ba46f7305b24979227e48
612f39c11bf6fec3518cfccd6341b052cdf41f50
4e4d2296782b04d11266a0c3defce63607724e57bb991ef562e1e2b91e16d166
GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 31 Mar 2023 13:48:27 GMT
expires: Fri, 31 Mar 2023 13:48:27 GMT
cache-control: private, max-age=900
last-modified: Fri, 31 Mar 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48723
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 66d3c8a2dc7656b819dfe99dd74ef41b
9ac102973657c13264a7a17ad2e3ffc6f4d1f570
23346d5aae2c9440f6a6d9c1d366003dfaefd1cc83212ce033bfdc30e5054cc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 13:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7491
Expires: Fri, 31 Mar 2023 15:53:19 GMT
Date: Fri, 31 Mar 2023 13:48:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7491
Expires: Fri, 31 Mar 2023 15:53:19 GMT
Date: Fri, 31 Mar 2023 13:48:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7491
Expires: Fri, 31 Mar 2023 15:53:19 GMT
Date: Fri, 31 Mar 2023 13:48:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8600e41520408df4865627256a0a0736
dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef
9163d80d7b6087b804e6682a50d4f66339d339894cf1c5808f2e5c2e0b3de930
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5806
x-amzn-requestid: cee5b166-592b-405e-b5f1-e36eb249ec59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllFFooAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-01840fa47177285667bca060;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Jktkwc3JLU31AY5B5pC5JTjPGARjflqoJRZiD6IpF5-10IO6UNlH_Q==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:46:33 GMT
age: 57715
etag: "dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39bdd16276747b1445a79e674a2a3347
d0676f63738484298a78b7abf7e4934c3d256065
67aa526299060c2a39c4baa10fd03f121497dccd5e765676639ed73ac529c34b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11061
x-amzn-requestid: 428128ec-c441-4ff7-9c84-880a01672b00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVFnFf0IAMFTvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260223-185c48300f161931310fa35f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:41:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: gc77o7y-moH1HuMEZFe9-00DVAda9baa-5VEPlMA4SIZDJNzQ8jUlA==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:49:08 GMT
etag: "d0676f63738484298a78b7abf7e4934c3d256065"
content-type: image/jpeg
age: 57560
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 876e5464aba1639f3b07b07d1d694514
93885a6205be71d16187782b1803f53d5c8538cb
6e2b6b15f462922a9e8260f55cfcd94d488d1a48435458db43270ea3b825d8c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13775
x-amzn-requestid: 43d1a1f3-b189-4fcd-a298-429123d1921b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUloF9woAMFU4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-13778451622503253ea252eb;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXA995GxGti4_AzSi9F19ZNvUwm5_ZSBw0BB0lRIfNHcmX7Ajt6bSg==
via: 1.1 8731d2a1a7d15f67b588bf58f652f9f0.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:46:36 GMT
age: 57712
etag: "93885a6205be71d16187782b1803f53d5c8538cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nZfXy-IsoHliuLodEocEZlH-IvmIV9G-noSmSEU1wmuMPfBx3rLJ9w==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 00:11:32 GMT
age: 49016
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3paQf8BhyRcZoZNox8660Zyzz0WaiQxJuHmDbj4wpo-rgbDdkxrYgQ==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:23 GMT
age: 57665
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5d955ec5d3a9f655e4ca0523acfd039
e8b2cd28a02a2cee1b4e57c57570f2598721ff57
e7753ef91d6f04dce00f83cb1ba3ea4f1abb52140993fbee375e506597cee529
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6970
x-amzn-requestid: 9f7a82d7-dbba-4c67-a330-6a7f2b68177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdn3zGn7oAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64222031-1d97c16f7a9c163c02fe72ac;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 23:01:05 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: JMvV8caOiRMRcDrT78aodKrihx7EcnIjnvOfbFIptyCxV-PB0_zfuA==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 04:19:18 GMT
age: 34150
etag: "e8b2cd28a02a2cee1b4e57c57570f2598721ff57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 584480c63797467606206de19aaa81c3
965c276522632a0c333f8c8ea6abad2b061339f8
b22fbfd44bcb206e6307ad8ece7987474909fe91285a657f34a88de4ee5f9efd
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 31 Mar 2023 13:48:28 GMT
Last-Modified: Fri, 31 Mar 2023 13:25:26 GMT
Server: ECAcc (bsa/EAF6)
X-Cache: Miss from cloudfront
Via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0ZeoRZsA3aArupEN_eBdG11-8KlYu2JLp7fSoJpOzS4UVO2xs8AONw==
Age: 1382
tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}
136.243.69.157200 OK 35 B URL HTTP/2 tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}
IP 136.243.69.157:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead} HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 13:48:28 GMT
content-type: text/plain; charset=utf-8
content-length: 35
pragma: no-cache
expires: 0
vary: *
x-api-version: 1
x-request-id: 5ac28db1793cb985
set-cookie: ts_rt_3f949dfe-3372-4caa-baf0-047f88323cfa=ANmUCUOmR4kbQgQSPEjEBJwwZ8rYSVPmThmDCB9GnFixDMOA; expires=Sat, 30 Mar 2024 13:48:28 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
securedsmcd.com/smartlink/?a=52677&sm=110&co=52097&mt=7&s2=wgqg4ambd372d5mni73j1ffu
52.48.186.34200 OK 5.8 kB URL HTTP/2 securedsmcd.com/smartlink/?a=52677&sm=110&co=52097&mt=7&s2=wgqg4ambd372d5mni73j1ffu
IP 52.48.186.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- C source text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1971), with CRLF, LF line terminators
Hash db51b1abb62003916f8a87b83cc27613
f9ed4ccba4953953708a06c6cfe5f115f615d454
b0f24489384b798a280323ea3a45aa5eb808e2c90d5c83d7751d2865c1739f57
GET /smartlink/?a=52677&sm=110&co=52097&mt=7&s2=wgqg4ambd372d5mni73j1ffu HTTP/1.1
Host: securedsmcd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ishku-wbq.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 13:48:27 GMT
content-type: text/html;charset=utf-8
server: nginx
vary: Accept-Encoding, Accept-Encoding
set-cookie: gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.securedsmcd.com; Expires=Thu, 29-Jun-2023 13:48:27 GMT; Path=/; Secure; SameSite=None
gdm_visit_freq_v1_1_001=CY6kMI1cMWu7B85RwQ9BILduoTPPwYzAabnV8N2EFRU=; Domain=.securedsmcd.com; Expires=Thu, 29-Jun-2023 13:48:27 GMT; Path=/
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.securedsmcd.com; Expires=Thu, 29-Jun-2023 13:48:27 GMT; Path=/
gdm_uid_v2_1_001=YgE1zqPN1lFqSGo7/89L1PqPmiYhEZ235rHYokEbbgj/iCYjlJVd/EyqxYX6aLM6; Domain=.securedsmcd.com; Expires=Thu, 29-Jun-2023 13:48:27 GMT; Path=/; Secure; SameSite=None
v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5SAFkb46Abq2Ix+6hIpFU4U=; Domain=.securedsmcd.com; Expires=Thu, 29-Jun-2023 13:48:27 GMT; Path=/
v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5SAFkb46Abq2Ix+6hIpFU4U=; Domain=.securedsmcd.com; Expires=Thu, 29-Jun-2023 13:48:27 GMT; Path=/; Secure; SameSite=None
gdm_visit_freq_v2_1_001=CY6kMI1cMWu7B85RwQ9BILduoTPPwYzAabnV8N2EFRU=; Domain=.securedsmcd.com; Expires=Thu, 29-Jun-2023 13:48:27 GMT; Path=/; Secure; SameSite=None
gdm_uid_v1_1_001=YgE1zqPN1lFqSGo7/89L1PqPmiYhEZ235rHYokEbbgj/iCYjlJVd/EyqxYX6aLM6; Domain=.securedsmcd.com; Expires=Thu, 29-Jun-2023 13:48:27 GMT; Path=/
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding: gzip
X-Firefox-Spdy: h2
guard.cdtbox.rocks/color?x=1&forScheme=aHR0cHM6Ly9zZWN1cmVkc21jZC5jb20vc21hcnRsaW5rLz9hPTUyNjc3JnNtPTExMCZjbz01MjA5NyZtdD03JnMyPXdncWc0YW1iZDM3MmQ1bW5pNzNqMWZmdQ==
34.203.86.43204 No Content 0 B URL HTTP/2 guard.cdtbox.rocks/color?x=1&forScheme=aHR0cHM6Ly9zZWN1cmVkc21jZC5jb20vc21hcnRsaW5rLz9hPTUyNjc3JnNtPTExMCZjbz01MjA5NyZtdD03JnMyPXdncWc0YW1iZDM3MmQ1bW5pNzNqMWZmdQ==
IP 34.203.86.43:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /color?x=1&forScheme=aHR0cHM6Ly9zZWN1cmVkc21jZC5jb20vc21hcnRsaW5rLz9hPTUyNjc3JnNtPTExMCZjbz01MjA5NyZtdD03JnMyPXdncWc0YW1iZDM3MmQ1bW5pNzNqMWZmdQ== HTTP/1.1
Host: guard.cdtbox.rocks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedsmcd.com
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 31 Mar 2023 13:48:28 GMT
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 31 Mar 2023 12:05:11 GMT
expires: Fri, 31 Mar 2023 14:05:11 GMT
cache-control: public, max-age=7200
age: 6197
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
securedsmcd.com/service-worker.js
52.48.186.34200 OK 5.6 kB URL HTTP/2 securedsmcd.com/service-worker.js
IP 52.48.186.34:0
Hash 455cae198ddd1f1c517361fba3ee0c0d
ebcbac2a46dd9c97115412683567c66c0a8708b4
f36b6607d32574688813efa5728cfbf159baf5d36bf02f46907dc403a51a34d1
Analyzer Verdict Alert fortinet Phishing
GET /service-worker.js HTTP/1.1
Host: securedsmcd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; gdm_visit_freq_v1_1_001=CY6kMI1cMWu7B85RwQ9BILduoTPPwYzAabnV8N2EFRU=; gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; gdm_uid_v2_1_001=YgE1zqPN1lFqSGo7/89L1PqPmiYhEZ235rHYokEbbgj/iCYjlJVd/EyqxYX6aLM6; v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5SAFkb46Abq2Ix+6hIpFU4U=; v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5SAFkb46Abq2Ix+6hIpFU4U=; gdm_visit_freq_v2_1_001=CY6kMI1cMWu7B85RwQ9BILduoTPPwYzAabnV8N2EFRU=; gdm_uid_v1_1_001=YgE1zqPN1lFqSGo7/89L1PqPmiYhEZ235rHYokEbbgj/iCYjlJVd/EyqxYX6aLM6; _ga_C3EPRPS8FB=GS1.1.1680270507.1.0.1680270507.0.0.0; _ga=GA1.1.2132821927.1680270508
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 13:48:28 GMT
content-type: text/javascript;charset=utf-8
server: nginx
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.smrt-assets.com/assets/1373/other/favicon.ico
95.101.10.10200 OK 1.2 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1373/other/favicon.ico
IP 95.101.10.10:0
ASN #20940 Akamai International B.V.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 38722a803b73dd1871a3d8a19db44d2f
3379960a2c6611bfefcb39e662198d6df322e12d
314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
GET /assets/1373/other/favicon.ico HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Wed, 28 Apr 2021 11:28:55 GMT
ETag: "38722a803b73dd1871a3d8a19db44d2f"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: hRGwTMWM9126KynU_hBy09kCvTZ65FQe2UvG17pu3CCa6ZCk7SC7Iw==
Date: Fri, 31 Mar 2023 13:48:28 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7ea999a491ab4009f8658e78af2bfb94
f0cbd3d48c9081acfdeb53adf55135dba5bbe08b
d159c0baaa0869f3e69e16ea482178e6184d68cb6f5ae8a6156955488fd415fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 13:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-179148962-2&cid=2132821927.1680270508&jid=614838027&gjid=296055675&_gid=671847655.1680270508&_u=YADAAEAAAAAAACAAI~&z=1907969349
64.233.161.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-179148962-2&cid=2132821927.1680270508&jid=614838027&gjid=296055675&_gid=671847655.1680270508&_u=YADAAEAAAAAAACAAI~&z=1907969349
IP 64.233.161.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-179148962-2&cid=2132821927.1680270508&jid=614838027&gjid=296055675&_gid=671847655.1680270508&_u=YADAAEAAAAAAACAAI~&z=1907969349 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://securedsmcd.com
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://securedsmcd.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 31 Mar 2023 13:48:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7ea999a491ab4009f8658e78af2bfb94
f0cbd3d48c9081acfdeb53adf55135dba5bbe08b
d159c0baaa0869f3e69e16ea482178e6184d68cb6f5ae8a6156955488fd415fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 13:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.trafficjunky.com/js/mp.min.js
205.185.208.79200 OK 3.6 kB URL HTTP/2 static.trafficjunky.com/js/mp.min.js
IP 205.185.208.79:0
File type ASCII text, with very long lines (10690), with no line terminators
Hash 044c370813dc1ea880f32a5be81384e7
53b0733cfc26f2bc7e83d1da0c087d5513fcf548
2acb7fa7d04e9c94971b02b9f67140f2bcc9fb51ee361096c735e7f81518c94c
GET /js/mp.min.js HTTP/1.1
Host: static.trafficjunky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 13:48:28 GMT
etag: "1652721327"
cache-control: max-age=31536000
content-encoding: gzip
content-length: 3628
content-type: application/javascript
last-modified: Mon, 16 May 2022 17:15:27 GMT
accept-ranges: bytes
x-hw: 1680270508.dop219.sk1.t,1680270508.cds071.sk1.hn,1680270508.cds003.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRPS8FB>m=45je33t0&_p=206923997&cid=2132821927.1680270508&ul=en-us&sr=1280x1024&_s=1&sid=1680270507&sct=1&seg=0&dl=https%3A%2F%2Fsecuredsmcd.com%2Fsmartlink%2F%3Fa%3D52677%26sm%3D110%26co%3D52097%26mt%3D7%26s2%3Dwgqg4ambd372d5mni73j1ffu&dr=http%3A%2F%2Fishku-wbq.com%2F&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRPS8FB>m=45je33t0&_p=206923997&cid=2132821927.1680270508&ul=en-us&sr=1280x1024&_s=1&sid=1680270507&sct=1&seg=0&dl=https%3A%2F%2Fsecuredsmcd.com%2Fsmartlink%2F%3Fa%3D52677%26sm%3D110%26co%3D52097%26mt%3D7%26s2%3Dwgqg4ambd372d5mni73j1ffu&dr=http%3A%2F%2Fishku-wbq.com%2F&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-C3EPRPS8FB>m=45je33t0&_p=206923997&cid=2132821927.1680270508&ul=en-us&sr=1280x1024&_s=1&sid=1680270507&sct=1&seg=0&dl=https%3A%2F%2Fsecuredsmcd.com%2Fsmartlink%2F%3Fa%3D52677%26sm%3D110%26co%3D52097%26mt%3D7%26s2%3Dwgqg4ambd372d5mni73j1ffu&dr=http%3A%2F%2Fishku-wbq.com%2F&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://securedsmcd.com
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://securedsmcd.com
date: Fri, 31 Mar 2023 13:48:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0530376e431b6563796e4abb0db0bc4e
6921f4bd83a806e1ea8247854ad4c045fa7ee298
d6371c81d5494d5e50fd5cc1cfe1ce28213dfa70ea5a94df82c9f4b3e6430a53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: 0525e5c4-485e-47eb-ab95-1136e4d5c29a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnTEztoAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260161-54b47454475ff6ee4d880534;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: AdbJgoCBGJGvjP53lBj3_GWyuRF8O_fgNTPPEjUmFmyRxMQl2pgTzw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:54:29 GMT
age: 57245
etag: "6921f4bd83a806e1ea8247854ad4c045fa7ee298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
statisticresearch.com/user-segments/?pid=TH
34.230.226.146200 OK 0 B URL HTTP/2 statisticresearch.com/user-segments/?pid=TH
IP 34.230.226.146:0
GET /user-segments/?pid=TH HTTP/1.1
Host: statisticresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://securedsmcd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 13:48:27 GMT
server: nginx
X-Firefox-Spdy: h2