urlquery - report: cgltreeservices.com/bossss/?entity=1073444

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
smarttag.rubiconproject.com (1)	10660	No data	No data	213.19.162.21
connect.facebook.net (1)	139	2012-05-22 02:51:28 UTC	2020-02-17 13:26:09 UTC	157.240.200.14
login.comcast.net (1)	187724	2012-07-19 18:52:07 UTC	2020-05-01 21:09:25 UTC	76.96.69.84
cgltreeservices.com (41)	0	2021-02-19 03:53:03 UTC	2022-12-05 19:55:07 UTC	108.167.141.129	Unknown ranking
staticxx.facebook.com (3)	13631	2018-06-15 20:48:04 UTC	2020-05-04 07:59:52 UTC	157.240.200.14
ocsp.comodoca.com (1)	1696	2012-05-21 07:01:17 UTC	2021-12-08 16:29:47 UTC	104.18.32.68
ocsp.digicert.com (6)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
z.moatads.com (1)	374	2014-02-11 16:19:47 UTC	2020-02-15 21:59:06 UTC	23.38.201.146
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
serviceo.comcast.net (2)	305710	2012-05-24 13:32:38 UTC	2020-05-03 23:52:14 UTC	13.36.218.177
r3.o.lencr.org (7)	344	No data	No data	95.101.11.115
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	34.218.164.174
vast.rubiconproject.com (4)	0	No data	No data	213.19.162.31	Domain (rubiconproject.com) ranked at: 4832
pixel.quantserve.com (1)	417	2018-12-15 05:23:00 UTC	2020-04-25 05:46:00 UTC	91.228.74.206
www.facebook.com (1)	99	2012-05-21 00:23:41 UTC	2021-06-08 06:38:51 UTC	31.13.72.36
status.geotrust.com (2)	3662	2018-06-23 22:14:44 UTC	2020-01-21 11:48:52 UTC	93.184.220.29
us-ads.openx.net (1)	433609	2012-06-02 13:26:50 UTC	2022-12-06 03:35:31 UTC	35.244.159.8
optimized-by.rubiconproject.com (4)	3992	2012-07-31 01:02:10 UTC	2020-01-20 00:50:38 UTC	3.74.171.125
dpm.demdex.net (1)	204	2018-07-06 04:53:56 UTC	2020-04-29 23:04:31 UTC	54.170.10.162
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-12-05 04:09:09 UTC	34.102.187.140
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-05 04:09:48 UTC	34.117.237.239
ads.rubiconproject.com (1)	2626	2012-05-30 19:51:38 UTC	2020-04-12 07:33:42 UTC	2.21.206.244
secure-assets.rubiconproject.com (1)	1057	2012-05-30 19:51:39 UTC	2019-04-29 14:08:03 UTC	2.21.206.244
fast.comcastathena.demdex.net (1)	0	No data	No data	23.33.119.16	Domain (demdex.net) ranked at: 5815
rtax.criteo.com (1)	24191	2012-05-29 06:45:10 UTC	2020-02-21 18:34:27 UTC	178.250.0.166
comcastathena.demdex.net (1)	38236	2018-06-13 18:02:53 UTC	2018-07-05 22:46:05 UTC	54.72.53.159

Scan Date	Severity	Indicator	Comment
2022-12-05	2	cgltreeservices.com/bossss/?entity=1073444	Comcast Corporation

Scan Date	Severity	Indicator	Comment
2022-12-06	2	cgltreeservices.com/bossss/?entity=1073444	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/data.json	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/1203273213x32.js	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/11648.js	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/150582-15.js	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/150582-10.js	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/1647526060x32.js	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/scripts-responsive.js	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/asc.txt	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/moatad_002.js	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/event	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/moatad.js	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/omniture_visId.js	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/rta.js	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/all.js	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/segments.js	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLigh (...)	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLigh (...)	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-Regular.ttf	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/dest5.htm	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf	Phishing
2022-12-06	2	cgltreeservices.com/static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf	Phishing
2022-12-06	2	cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/jquery-1.js	Phishing

Date	UQ / IDS / BL	URL	IP
2023-01-28 18:15:14 +0000	0 - 0 - 34	cgltreeservices.com/comsx/?entity=1073444	108.167.141.129
2023-01-08 11:13:57 +0000	0 - 0 - 2	ptcruz.com/	108.167.141.129
2023-01-07 05:29:34 +0000	0 - 0 - 37	cgltreeservices.com/comsx	108.167.141.129
2023-01-06 07:50:31 +0000	0 - 0 - 34	cgltreeservices.com/comsx/?entity=1073444	108.167.141.129
2022-12-08 18:35:26 +0000	0 - 0 - 71	cgltreeservices.com/comsx/?entity=1073444	108.167.141.129

Date	UQ / IDS / BL	URL	IP
2023-02-05 07:13:15 +0000	0 - 0 - 2	mail.estartupchallenge-egabon.org/web/Jorange (...)	108.179.242.163
2023-02-05 06:59:28 +0000	0 - 5 - 0	gaydiscounts.net/__media__/js/netsoltrademark (...)	192.254.225.222
2023-02-05 06:58:57 +0000	4 - 0 - 3	www.spottherare.com/vendor/Spotify/Dashboard/ (...)	162.240.0.136
2023-02-05 06:52:52 +0000	0 - 30 - 0	avyvliyh4.tk/	142.4.5.138
2023-02-05 06:46:05 +0000	0 - 0 - 3	americansuniteagainstfracking.com/	69.49.244.168

Date	UQ / IDS / BL	URL	IP
2023-01-28 18:15:14 +0000	0 - 0 - 34	cgltreeservices.com/comsx/?entity=1073444	108.167.141.129
2023-01-07 05:29:34 +0000	0 - 0 - 37	cgltreeservices.com/comsx	108.167.141.129
2023-01-06 07:50:31 +0000	0 - 0 - 34	cgltreeservices.com/comsx/?entity=1073444	108.167.141.129
2022-12-08 18:35:26 +0000	0 - 0 - 71	cgltreeservices.com/comsx/?entity=1073444	108.167.141.129
2022-12-06 12:45:51 +0000	0 - 0 - 36	cgltreeservices.com/bossss/?entity=1073444	108.167.141.129

Date	UQ / IDS / BL	URL	IP
2023-02-04 17:13:30 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2016753d (...)	188.93.63.73
2023-02-04 17:13:18 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2016753d (...)	188.93.63.73
2023-02-04 17:05:54 +0000	0 - 2 - 0	lrxdmhrr.biz/rugcgombisejfom	169.50.13.61
2023-02-04 17:05:29 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2017195d (...)	188.93.63.73
2023-02-04 17:00:27 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2015872d (...)	188.93.63.73

HTTP Transactions (94)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4577 Expires: Tue, 06 Dec 2022 11:15:21 GMT Date: Tue, 06 Dec 2022 09:59:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: cfec3d7283a9b66d2be426ce54d210f3 Sha1: 808c1feb1ba918951d1928c1f6bfc0c253262774 Sha256: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4022 Cache-Control: max-age=92357 Date: Tue, 06 Dec 2022 09:59:04 GMT Etag: "638dc877-1d7" Expires: Wed, 07 Dec 2022 11:38:21 GMT Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ee088fab9b287e174cfd1f2c735a909f Sha1: 25c3335b514a36ad1a24d00413d60c3d394f5161 Sha256: 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16362 Expires: Tue, 06 Dec 2022 14:31:46 GMT Date: Tue, 06 Dec 2022 09:59:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1ea206ac3c440825741687351f8c6e4e Sha1: 2f38dafd8c43dcce2411a0590bc5c02cd6286735 Sha256: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 06 Dec 2022 09:20:23 GMT cache-control: public,max-age=3600 age: 2321 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: TZswYYE/CvnDofIShgUv1S9ECSf5hFLh2Gym7QiHdnlrCfyimtzLxtffDDl9M/AXlKe+HHsHdxo= x-amz-request-id: 5BH9Y6F75D48N7VC content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 06 Dec 2022 09:47:03 GMT age: 721 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 53341dea33f4f3d9b4966f80589f429a Sha1: 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 06 Dec 2022 09:59:04 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /bossss/?entity=1073444 HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: cgltreeservices.com/bossss/?entity=1073444 FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 393e784229e9e51ee9a0deabe8213c6407e1cbc146cc35b2c46ee36458c38786 108.167.141.129 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:05 GMT Server: nginx/1.21.6 Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Vary: Accept-Encoding Content-Encoding: gzip X-Server-Cache: true X-Proxy-Cache: HIT Accept-Ranges: none Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6168) Size: 12476 Md5: c3efe83741a31102819cb5bfbc70a164 Sha1: f175bc04b9c902e4ad394955aeaec1a6947672d3 Sha256: 393e784229e9e51ee9a0deabe8213c6407e1cbc146cc35b2c46ee36458c38786 Alerts: Blocklists: - openphish: Comcast Corporation - fortinet: Phishing
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 06 Dec 2022 09:11:20 GMT cache-control: public,max-age=3600 age: 2864 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /bossss/Sign%20in%20to%20XFINITY_files/data.json HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: f1aa6a629871c08a077cba94a653cb0c2ace627617e442adccbf6712972bf0df 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/json Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Content-Length: 295 --- Additional Info --- Magic: ASCII text Size: 295 Md5: c4e699111d8c5ee41a03610b94ff02d5 Sha1: 7b4ec667ab9d73b69d752931fa675eca988ac1be Sha256: f1aa6a629871c08a077cba94a653cb0c2ace627617e442adccbf6712972bf0df Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/styles-light.css HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: b0e765e63a6d5c24e7197c491bae8ea2193d93a2c085b9b72ff5bfa4a5edc0d1 108.167.141.129 HTTP/1.1 200 OK Content-Type: text/css Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (50848), with no line terminators Size: 19094 Md5: 049b3d8d779e070847174a63fbdbea8b Sha1: 750f842ebbf752faf947c87ec57979d25a21b882 Sha256: b0e765e63a6d5c24e7197c491bae8ea2193d93a2c085b9b72ff5bfa4a5edc0d1
GET /bossss/Sign%20in%20to%20XFINITY_files/1203273213x32.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 8210268d9c4641543fffbd2394c23a7585408a90e94fcc58f84e6ae4b568936d 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 772 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (403) Size: 772 Md5: 7c2c39d578f8a54322d2f1084bf458db Sha1: b9da3c835240b6217ced4d7f8d792de9faafea74 Sha256: 8210268d9c4641543fffbd2394c23a7585408a90e94fcc58f84e6ae4b568936d Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/11648.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 867f02cd87490f12f458ec91eb03ba6f23f94c585c26746a2b60937b3fa3bbd3 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 8455 --- Additional Info --- Magic: HTML document text\012- C source, ASCII text, with very long lines (25399) Size: 8455 Md5: c540292a1c3d83602949e4f4af9272cd Sha1: 2695d7e1ae9dd40ab88d9e7a45cc8a8930623e74 Sha256: 867f02cd87490f12f458ec91eb03ba6f23f94c585c26746a2b60937b3fa3bbd3 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/150582-15.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: da8f696dae05fbc2ecf74b9dcb6aadb94d1bcd7192ffe2d4528c825d43a52193 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 1382 --- Additional Info --- Magic: HTML document text\012- exported SGML document, ASCII text, with very long lines (2808) Size: 1382 Md5: 1247a38a9cdacf0e00ed543c62127fe5 Sha1: 940c71c36b5a0f6bee39a4f89555b43f7dd668cd Sha256: da8f696dae05fbc2ecf74b9dcb6aadb94d1bcd7192ffe2d4528c825d43a52193 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/150582-10.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: a5bb938bc07b3bf08ae755ba4494f285c7684fef6c0dc9349e7d52f2366ad88e 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: none Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 477 --- Additional Info --- Magic: HTML document text\012- exported SGML document, ASCII text, with very long lines (728) Size: 477 Md5: daef3004cc94546e9cd07c793db655a6 Sha1: 286c98c28b3e7a628f8a5eb28134c13f58e1f779 Sha256: a5bb938bc07b3bf08ae755ba4494f285c7684fef6c0dc9349e7d52f2366ad88e Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/1647526060x32.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: ce02fcf5ec2a7c9caa9aeed72f1fbdd4581a4745da89c9dfba7e84137dcd96a6 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 556 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (433) Size: 556 Md5: fe32fbe869ac4a88f764abd1bc438cf1 Sha1: b1b4f1a0581746de7a45e1f0663220da83d02af1 Sha256: ce02fcf5ec2a7c9caa9aeed72f1fbdd4581a4745da89c9dfba7e84137dcd96a6 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4001 Cache-Control: max-age=87269 Date: Tue, 06 Dec 2022 09:59:04 GMT Etag: "638db4ac-1d7" Expires: Wed, 07 Dec 2022 10:13:33 GMT Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 2b9d6a686aa3c4ea24568425e43a5221 Sha1: d53bb4c9579bd1db78a0520619e888aec79f750f Sha256: c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
GET /bossss/Sign%20in%20to%20XFINITY_files/scripts-responsive.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 4294186559939218bf8494573b4dce94cc722bb52f54756832bef1423d873a37 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: none Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 1698 --- Additional Info --- Magic: ASCII text, with very long lines (3906), with no line terminators Size: 1698 Md5: 0b5a2ee34ecb1141a47f9d569ff54893 Sha1: a7685dbc86190a3d8161bab891ad4489a493e21f Sha256: 4294186559939218bf8494573b4dce94cc722bb52f54756832bef1423d873a37 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/asc.txt HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e 108.167.141.129 HTTP/1.1 200 OK Content-Type: text/plain Date: Tue, 06 Dec 2022 09:59:06 GMT Server: nginx/1.21.6 Content-Length: 17 Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT X-Server-Cache: true X-Proxy-Cache: HIT Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with no line terminators Size: 17 Md5: 92ecce91e58ca501e89410701805ffd2 Sha1: fbc2f9374e8f5aebbc0a9ebeaeb836dfe2ee8803 Sha256: af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/moatad_002.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: f742f5aff25449afd9df0a489303e1d4fd903aba2ec784528d1b68b8bdbdaeb0 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 72384 Md5: 72378a0eda9ae895d3b9a85b18998c75 Sha1: e78c8b727ab8e4cdb38cd1a43e694cc72942da04 Sha256: f742f5aff25449afd9df0a489303e1d4fd903aba2ec784528d1b68b8bdbdaeb0 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/event HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 384d036f62eab523e123b0e2c033bdee06077fdf041c564ce56f956e6219fb24 108.167.141.129 HTTP/1.1 200 OK Date: Tue, 06 Dec 2022 09:59:06 GMT Server: nginx/1.21.6 Content-Length: 191 Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT X-Server-Cache: true X-Proxy-Cache: HIT Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with no line terminators Size: 191 Md5: 2d5d169b7afabb783f8994c576f005cb Sha1: d3c1f326303b3cd98f892a5ab28cea82222d058b Sha256: 384d036f62eab523e123b0e2c033bdee06077fdf041c564ce56f956e6219fb24 Alerts: Blocklists: - fortinet: Phishing
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 5AEzDyUFkzYqEceOOKlMnA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 34.218.164.174 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.218.164.174 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: LY8t8yGOGa/CzlxvRLWct+xlwRk= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bossss/Sign%20in%20to%20XFINITY_files/moatad.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: f742f5aff25449afd9df0a489303e1d4fd903aba2ec784528d1b68b8bdbdaeb0 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 72384 Md5: 72378a0eda9ae895d3b9a85b18998c75 Sha1: e78c8b727ab8e4cdb38cd1a43e694cc72942da04 Sha256: f742f5aff25449afd9df0a489303e1d4fd903aba2ec784528d1b68b8bdbdaeb0 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 6fff922e860e02fb4bc322b3807ab5e37dd8079072929c2b233c3ae9cdd21d8f 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 8409 --- Additional Info --- Magic: ASCII text, with very long lines (815), with CRLF line terminators Size: 8409 Md5: 79940589e33f37f68f9a80ce5e13c037 Sha1: d7572fb9ef61134c9cb335a6db3740468b93b36f Sha256: 6fff922e860e02fb4bc322b3807ab5e37dd8079072929c2b233c3ae9cdd21d8f Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/omniture_visId.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 74d0b37d1cccb61abb1678b181b5784501b488f6f65c8b2989a28d108f78c6a0 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: none Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (707), with CRLF line terminators Size: 36160 Md5: 993f685dda3ba38c62260c5c7f690057 Sha1: 9a9673bc1c0f6d516e2e8da1acdd86ebcb89f803 Sha256: 74d0b37d1cccb61abb1678b181b5784501b488f6f65c8b2989a28d108f78c6a0 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/rta.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 3ee657e09030047c5792c02cf0f206708cfd3f33aa98b0ccf28cd9c4b098f610 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 159 --- Additional Info --- Magic: Unicode text, UTF-8 (with BOM) text, with no line terminators Size: 159 Md5: a66a008566af0e3807b90760012863c2 Sha1: e09466fb3c0b0d2b94f6233b54321d179903eb17 Sha256: 3ee657e09030047c5792c02cf0f206708cfd3f33aa98b0ccf28cd9c4b098f610 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/all.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: af710747fdaf30a7775f1915817fad217a2a1e64ae09ba719da243abf6ee67f4 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (18053) Size: 81701 Md5: d3c16f63bb394161ab950761946097c7 Sha1: e2db8104260b5e9574af432bb5162072ccf9e774 Sha256: af710747fdaf30a7775f1915817fad217a2a1e64ae09ba719da243abf6ee67f4 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/segments.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Content-Length: 39 --- Additional Info --- Magic: ASCII text Size: 39 Md5: 9c5453ce3943ebf709c68c4358907916 Sha1: 25c057fa107fca0917c7dca9f432cdce93ce2316 Sha256: c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/event.gif HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 108.167.141.129 HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Content-Length: 42 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /bossss/Sign%20in%20to%20XFINITY_files/seal.png HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 6ab85bc152133401e0ad5ca069990f4a76413499820d4ba95a0dadb063bcc8b8 108.167.141.129 HTTP/1.1 200 OK Content-Type: image/png Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Content-Length: 3091 --- Additional Info --- Magic: PNG image data, 142 x 45, 8-bit/color RGBA, non-interlaced\012- data Size: 3091 Md5: be19bc645a5d70db58e4317fb1f7f791 Sha1: 8c38f471f3e6d17af148acaab219db7e3e4a8d23 Sha256: 6ab85bc152133401e0ad5ca069990f4a76413499820d4ba95a0dadb063bcc8b8
GET /bossss/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: de3e0d54441cd6afe0d7d2afcb95eadf8fec5cb23ecd47a796c3818fe7fb8f4d 108.167.141.129 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Content-Length: 35514 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data Size: 35514 Md5: a98fbe346dd7c66a4ca5f1f77aa75e44 Sha1: ee1c12063d821ba884efe2afedd6cab81c825363 Sha256: de3e0d54441cd6afe0d7d2afcb95eadf8fec5cb23ecd47a796c3818fe7fb8f4d
GET /bossss/Sign%20in%20to%20XFINITY_files/u.gif HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 108.167.141.129 HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Content-Length: 42 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2 HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /comcastapn56341864860/moatad.js HTTP/1.1 Host: z.moatads.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: z.moatads.com/comcastapn56341864860/moatad.js FQDN: z.moatads.com IP: 23.38.201.146 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 23.38.201.146 HTTP/2 200 OK content-type: application/x-javascript x-amz-id-2: DgrV/yUP0cYZJ24pT7Z5LVkFATYFOX23OVuFadPO2EW++SB5KZZT2R0SCmVojLGlVbLec6pGXtw= x-amz-request-id: CA2DQ7A5WM2MGH3Y last-modified: Mon, 11 May 2020 15:59:42 GMT etag: "d41d8cd98f00b204e9800998ecf8427e" accept-ranges: bytes server: AmazonS3 content-length: 0 cache-control: max-age=31488 date: Tue, 06 Dec 2022 09:59:05 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: status.geotrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: status.geotrust.com/ FQDN: status.geotrust.com IP: 93.184.220.29 HASH: 630e9c9f04f03c94d1171df47368978fc0ad0153261d9f1fd511894a7ca336c5 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6217 Cache-Control: 'max-age=158059' Date: Tue, 06 Dec 2022 09:59:05 GMT Last-Modified: Tue, 06 Dec 2022 08:15:28 GMT Server: ECS (ska/F71E) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 6a1b976735685cee0e12b8edd836ea44 Sha1: d0caa3fedecb3adce697d8dcad78fb70f4e0fe9f Sha256: 630e9c9f04f03c94d1171df47368978fc0ad0153261d9f1fd511894a7ca336c5
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2 HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /w/1.0/jstag HTTP/1.1 Host: us-ads.openx.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: us-ads.openx.net/w/1.0/jstag FQDN: us-ads.openx.net IP: 35.244.159.8 HASH: c7912dd203837530845da50cfec5daf435a99eb4c6ade95a7c6d41a55605cbb4 35.244.159.8 HTTP/2 200 OK content-type: text/javascript vary: Accept-Encoding server: OXGW/0.0.0 p3p: CP="CUR ADM OUR NOR STA NID" expires: Tue, 06 Dec 2022 10:59:05 GMT date: Tue, 06 Dec 2022 09:59:05 GMT content-length: 18071 content-encoding: gzip cache-control: max-age=3600 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (12594) Size: 18071 Md5: ca86d365471cdc0fdbbdcf961803eb48 Sha1: ce7f84533218cd78c2d81527b3dc5c1945bcf3b7 Sha256: c7912dd203837530845da50cfec5daf435a99eb4c6ade95a7c6d41a55605cbb4
POST / HTTP/1.1 Host: status.geotrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: status.geotrust.com/ FQDN: status.geotrust.com IP: 93.184.220.29 HASH: 630e9c9f04f03c94d1171df47368978fc0ad0153261d9f1fd511894a7ca336c5 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6217 Cache-Control: 'max-age=158059' Date: Tue, 06 Dec 2022 09:59:05 GMT Last-Modified: Tue, 06 Dec 2022 08:15:28 GMT Server: ECS (ska/F71E) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 6a1b976735685cee0e12b8edd836ea44 Sha1: d0caa3fedecb3adce697d8dcad78fb70f4e0fe9f Sha256: 630e9c9f04f03c94d1171df47368978fc0ad0153261d9f1fd511894a7ca336c5
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /a/11648/36314/150582-10.js?&cb=0.5477071014438208&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1 Host: optimized-by.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: optimized-by.rubiconproject.com/a/11648/36314/150582-10 (...) FQDN: optimized-by.rubiconproject.com IP: 3.74.171.125 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.74.171.125 HTTP/1.1 307 Temporary Redirect Date: Tue, 06 Dec 2022 09:59:05 GMT Content-Length: 0 Connection: keep-alive Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers Location: http://vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.5477071014438208&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 X-Forwarded-For: 91.90.42.154 X-Forwarded-Proto: http X-Forwarded-Port: 80 Host: optimized-by.rubiconproject.com X-Amzn-Trace-Id: Root=1-638f1269-4385d93436d4ce010b144c5d User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.ttf HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:07 GMT Server: nginx/1.21.6 Content-Length: 462 Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 462 Md5: 3b58a4197a90ce28f053f853e9f5201a Sha1: 1764aa95ccf139706beb229625b9d6d6f154bd5d Sha256: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 Alerts: Blocklists: - fortinet: Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:07 GMT Server: nginx/1.21.6 Content-Length: 462 Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 462 Md5: 3b58a4197a90ce28f053f853e9f5201a Sha1: 1764aa95ccf139706beb229625b9d6d6f154bd5d Sha256: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 Alerts: Blocklists: - fortinet: Phishing
GET /a/11648/36314/150582-10.js?tk_vps=2&&cb=0.5477071014438208&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1 Host: vast.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ Connection: keep-alive	URL: vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_v (...) FQDN: vast.rubiconproject.com IP: 213.19.162.31 HASH: 83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca 213.19.162.31 HTTP/1.1 200 OK Content-Type: text/javascript Server: nginx/1.21.4 Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 147 Connection: keep-alive Cache-Control: no-cache, no-store, max-age=0, must-revalidate Expires: Wed, 17 Sep 1975 21:32:10 GMT Pragma: no-cache Vary: Accept-Encoding Set-Cookie: khaos=LBC1UG5Q-23-8K2N; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure audit=1\|naVuGyos1qpuP10wWc85gO9DtVM30fCgV3PdyjZap6Td0XM3A4FRH5t8UDkxNtLxZjgLr2G0q8TggJ3pD4CYmwZlrptl4/mV0A+VO7RH1E0=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" --- Additional Info --- Magic: ASCII text Size: 147 Md5: 7bdda9f1de292e7e006306b2d85c9cb1 Sha1: 36a60514a49f5f2d58deb949fdf037ed29a067cc Sha256: 83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca
GET /a/11648/36314/150582-10.js?&cb=0.5477071014438208&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1 Host: optimized-by.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: optimized-by.rubiconproject.com/a/11648/36314/150582-10 (...) FQDN: optimized-by.rubiconproject.com IP: 3.74.171.125 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.74.171.125 HTTP/1.1 307 Temporary Redirect Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 0 Connection: keep-alive Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers Location: http://vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.5477071014438208&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 X-Forwarded-For: 91.90.42.154 X-Forwarded-Proto: http X-Forwarded-Port: 80 Host: optimized-by.rubiconproject.com X-Amzn-Trace-Id: Root=1-638f126a-037f277e1f1d2e300297c500 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-10.js?tk_vps=2&&cb=0.5477071014438208&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1 Host: vast.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ Connection: keep-alive	URL: vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_v (...) FQDN: vast.rubiconproject.com IP: 213.19.162.31 HASH: 83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca 213.19.162.31 HTTP/1.1 200 OK Content-Type: text/javascript Server: nginx/1.21.4 Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 147 Connection: keep-alive Cache-Control: no-cache, no-store, max-age=0, must-revalidate Expires: Wed, 17 Sep 1975 21:32:10 GMT Pragma: no-cache Vary: Accept-Encoding Set-Cookie: khaos=LBC1UG8A-4-EQ82; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure audit=1\|naVuGyos1qoxvDJ1+CxEnu9DtVM30fCgV3PdyjZap6Td0XM3A4FRH5t8UDkxNtLxZjgLr2G0q8TggJ3pD4CYmwZlrptl4/mV0A+VO7RH1E0=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" --- Additional Info --- Magic: ASCII text Size: 147 Md5: 7bdda9f1de292e7e006306b2d85c9cb1 Sha1: 36a60514a49f5f2d58deb949fdf037ed29a067cc Sha256: 83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca
GET /ad/11648.js HTTP/1.1 Host: ads.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ads.rubiconproject.com/ad/11648.js FQDN: ads.rubiconproject.com IP: 2.21.206.244 HASH: 69dd3510681bc16e17f107ac8f2fa504aa7ce59d75ebf3248b6f85f02a6409aa 2.21.206.244 HTTP/2 200 OK content-type: text/javascript server: Apache x-powered-by: PHP/5.3.3 content-encoding: gzip content-length: 8946 cache-control: max-age=12439 expires: Tue, 06 Dec 2022 13:26:25 GMT date: Tue, 06 Dec 2022 09:59:06 GMT vary: Accept-Encoding access-control-allow-credentials: true access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: C source, ASCII text, with very long lines (26545) Size: 8946 Md5: 5aecf12e8c3cb1d14458bc71c6b8cf0c Sha1: b0cedce6e8165041981ba59a9b7277053a37ba89 Sha256: 69dd3510681bc16e17f107ac8f2fa504aa7ce59d75ebf3248b6f85f02a6409aa
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6d14a5d3df707015be4ca6e368b8cf5dd32aeb408d34aeaf09c3c0f2deedf844 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3860 Cache-Control: max-age=144731 Date: Tue, 06 Dec 2022 09:59:06 GMT Etag: "638e95b1-1d7" Expires: Thu, 08 Dec 2022 02:11:17 GMT Last-Modified: Tue, 06 Dec 2022 01:06:57 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: b7894571eb7d4837e1dee13aaacac990 Sha1: 486b9d79414f9eb33b76b0b423982b351c6a110f Sha256: 6d14a5d3df707015be4ca6e368b8cf5dd32aeb408d34aeaf09c3c0f2deedf844
GET /a/11648/36314/150582-15.js?&cb=0.09370195725039776&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1 HTTP/1.1 Host: smarttag.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: smarttag.rubiconproject.com/a/11648/36314/150582-15.js? (...) FQDN: smarttag.rubiconproject.com IP: 213.19.162.21 HASH: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749 213.19.162.21 HTTP/2 200 OK content-type: text/javascript server: nginx/1.21.4 date: Tue, 06 Dec 2022 09:59:06 GMT cache-control: no-cache, no-store, max-age=0, must-revalidate expires: Wed, 17 Sep 1975 21:32:10 GMT pragma: no-cache vary: Accept-Encoding set-cookie: khaos=LBC1UGEQ-25-AQDX; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure audit=1\|naVuGyos1qrliVj5xbZ8cO9DtVM30fCgV3PdyjZap6Td0XM3A4FRH5t8UDkxNtLxZjgLr2G0q8TggJ3pD4CYmwZlrptl4/mV0A+VO7RH1E0=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length: 147 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 147 Md5: 9441d4459f9bdf15aad152e66fc88643 Sha1: e97b5816d440de61a5d5a7f47bb921cec240580b Sha256: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11042 Expires: Tue, 06 Dec 2022 13:03:08 GMT Date: Tue, 06 Dec 2022 09:59:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11042 Expires: Tue, 06 Dec 2022 13:03:08 GMT Date: Tue, 06 Dec 2022 09:59:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
GET /a/11648/36314/150582-15.js?&cb=0.7101548064243212&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1 Host: optimized-by.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: optimized-by.rubiconproject.com/a/11648/36314/150582-15 (...) FQDN: optimized-by.rubiconproject.com IP: 3.74.171.125 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.74.171.125 HTTP/1.1 307 Temporary Redirect Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 0 Connection: keep-alive Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers Location: http://vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7101548064243212&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 X-Forwarded-For: 91.90.42.154 X-Forwarded-Proto: http X-Forwarded-Port: 80 Host: optimized-by.rubiconproject.com X-Amzn-Trace-Id: Root=1-638f126a-40e5747a7a6ff39326a72892 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11042 Expires: Tue, 06 Dec 2022 13:03:08 GMT Date: Tue, 06 Dec 2022 09:59:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11042 Expires: Tue, 06 Dec 2022 13:03:08 GMT Date: Tue, 06 Dec 2022 09:59:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11042 Expires: Tue, 06 Dec 2022 13:03:08 GMT Date: Tue, 06 Dec 2022 09:59:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: cb2b44e1f74a9bb43fab48536f6146e273c728b34e4889ff3f18a411d14d2282 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5790 x-amzn-requestid: 2e409a5f-ce04-4b9b-b3a2-74e5bbd256d3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSvoEoUoAMFsxg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64ca-72e1bb13187b18aa26c8566f;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:18 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: WBNaNTgYQaDVlJqu2u341xYy_6zmr5LqmCD2BPjGPGgmAG20WNHyKw== via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 21:46:52 GMT age: 43934 etag: "1f25392db4cf3693259202b24e898f21093b8bf9" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5790 Md5: 18bbcbf84b00d3bc602830478ff1bd7f Sha1: 1f25392db4cf3693259202b24e898f21093b8bf9 Sha256: cb2b44e1f74a9bb43fab48536f6146e273c728b34e4889ff3f18a411d14d2282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10183 x-amzn-requestid: 557e6b38-7be9-4953-968b-2e5bd3491ef4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csUDYEQbIAMFwRg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e66e2-1fcd8fc4719bc0bc7d11abd2;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:14 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: z1_zJTJMuk724WMOmIc660b54AyZK8ffNVF5N7ehZ00W2kaL3Lcd1A== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 21:47:14 GMT age: 43912 etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10183 Md5: 99d1ff8fa2e095dcf2bda3d1e1af1221 Sha1: f914f04a0e1fb45a221d31d2105bfc73015b03e6 Sha256: 90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e15711efe27a3d302a9869cf01d27fd65bd0beca9d03a19d93bbf11e28f3e1d8 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4827 x-amzn-requestid: 9091cc45-8fb1-4b07-8ef9-3f42b85fb81e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSuYH_KIAMFpMQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64c2-6bf3bf8659ef3feb27c1803f;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: fxdYE-ftBwC_0KcBJBQqvUbVXM54TmsKR8QXIfLIhdLYsqtaxdx9tg== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:22:26 GMT age: 41800 etag: "0f1c7567b89cc3de60196e47e37879296359bc78" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4827 Md5: 73b9f329cd3a39d0756de62dd5f190b7 Sha1: 0f1c7567b89cc3de60196e47e37879296359bc78 Sha256: e15711efe27a3d302a9869cf01d27fd65bd0beca9d03a19d93bbf11e28f3e1d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10594 x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSyIHpGoAMF1fw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:03:16 GMT age: 42950 etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10594 Md5: 7e1b54923ba506fde6b21c5bfb51ccc8 Sha1: 366aa3ab0790c496ea51bc08d1f2ff3358530d9e Sha256: a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4f9dfeda67a040fef9c6987a7c334a91c993c84f694fa91771fcf7fd1d2e4937 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12293 x-amzn-requestid: 49891ceb-3f74-4e83-8064-f54fc8b30961 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSyGHPOIAMFYqw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64da-651e4e0c55257bcc553cd176;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 4f0QQ4-21m-DiP4oUtIG75_vremc835laqhfDerlqCuW-WyKClvc9Q== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:29:38 GMT age: 41368 etag: "9a26884875abb0652c568c50438b65f801779f9a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12293 Md5: 53afd826523f4c18bf968764818d7ca7 Sha1: 9a26884875abb0652c568c50438b65f801779f9a Sha256: 4f9dfeda67a040fef9c6987a7c334a91c993c84f694fa91771fcf7fd1d2e4937
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11224 x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csUINEwdoAMFuOw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT x-amz-cf-pop: YVR50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ== via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:23:09 GMT age: 41757 etag: "36082b7329d473829178f280cb71a83b1531e486" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11224 Md5: b15136d60fd0a5e0f657a4f5c75d540f Sha1: 36082b7329d473829178f280cb71a83b1531e486 Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7101548064243212&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1 Host: vast.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ Connection: keep-alive	URL: vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_v (...) FQDN: vast.rubiconproject.com IP: 213.19.162.31 HASH: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749 213.19.162.31 HTTP/1.1 200 OK Content-Type: text/javascript Server: nginx/1.21.4 Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 147 Connection: keep-alive Cache-Control: no-cache, no-store, max-age=0, must-revalidate Expires: Wed, 17 Sep 1975 21:32:10 GMT Pragma: no-cache Vary: Accept-Encoding Set-Cookie: khaos=LBC1UGH6-10-99B5; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure audit=1\|SDziDG3X/EjbucnZjE4Zgu9DtVM30fCgV3PdyjZap6Td0XM3A4FRH5t8UDkxNtLxZjgLr2G0q8TggJ3pD4CYmwZlrptl4/mV0A+VO7RH1E0=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" --- Additional Info --- Magic: ASCII text Size: 147 Md5: 9441d4459f9bdf15aad152e66fc88643 Sha1: e97b5816d440de61a5d5a7f47bb921cec240580b Sha256: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?&cb=0.7101548064243212&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1 Host: optimized-by.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: optimized-by.rubiconproject.com/a/11648/36314/150582-15 (...) FQDN: optimized-by.rubiconproject.com IP: 3.74.171.125 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.74.171.125 HTTP/1.1 307 Temporary Redirect Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 0 Connection: keep-alive Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers Location: http://vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7101548064243212&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 X-Forwarded-For: 91.90.42.154 X-Forwarded-Proto: http X-Forwarded-Port: 80 Host: optimized-by.rubiconproject.com X-Amzn-Trace-Id: Root=1-638f126a-54731f217741047916856eed User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7101548064243212&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1 Host: vast.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ Connection: keep-alive	URL: vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_v (...) FQDN: vast.rubiconproject.com IP: 213.19.162.31 HASH: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749 213.19.162.31 HTTP/1.1 200 OK Content-Type: text/javascript Server: nginx/1.21.4 Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 147 Connection: keep-alive Cache-Control: no-cache, no-store, max-age=0, must-revalidate Expires: Wed, 17 Sep 1975 21:32:10 GMT Pragma: no-cache Vary: Accept-Encoding Set-Cookie: khaos=LBC1UGJ1-V-LKV3; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure audit=1\|naVuGyos1qoHzIKf8+GpNe9DtVM30fCgV3PdyjZap6Td0XM3A4FRH5t8UDkxNtLxZjgLr2G0q8TggJ3pD4CYmwZlrptl4/mV0A+VO7RH1E0=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" --- Additional Info --- Magic: ASCII text Size: 147 Md5: 9441d4459f9bdf15aad152e66fc88643 Sha1: e97b5816d440de61a5d5a7f47bb921cec240580b Sha256: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 3ba0c6659d7753189961c649bc889e6823a77dd64400e13cd74aca5fc90e2704 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3463 Cache-Control: 'max-age=158059' Date: Tue, 06 Dec 2022 09:59:06 GMT Last-Modified: Tue, 06 Dec 2022 09:01:23 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: a020f64fea80cefdee3833231b62ed32 Sha1: 934f5206a482c5c02f4ed31717b7de4d7a4d5105 Sha256: 3ba0c6659d7753189961c649bc889e6823a77dd64400e13cd74aca5fc90e2704
GET /api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400 HTTP/1.1 Host: pixel.quantserve.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pixel.quantserve.com/api/segments.json?a=p-9eJ8k4iSzux4 (...) FQDN: pixel.quantserve.com IP: 91.228.74.206 HASH: c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a 91.228.74.206 HTTP/2 200 OK content-type: application/x-javascript date: Tue, 06 Dec 2022 09:59:06 GMT content-length: 39 cache-control: private, no-transform, must-revalidate, max-age=86400 expires: Wed, 07 Dec 2022 09:59:06 GMT p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" set-cookie: mc=638f126a-acbeb-cedf7-2bf46; expires=Sat, 06-Jan-2024 09:59:06 GMT; path=/; domain=.quantserve.com X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 39 Md5: 9c5453ce3943ebf709c68c4358907916 Sha1: 25c057fa107fca0917c7dca9f432cdce93ce2316 Sha256: c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2 HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:06 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /b/ss/comcastnetdev/1/H.27.5/s98131181810116?AQB=1&ndh=1&t=6%2F11%2F2022%209%3A59%3A6%202%200&fid=685599E80737753A-3D3A1B3112774C13&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fcgltreeservices.com%2Fbossss%2F%3Fentity%3D1073444&cc=USD&ch=sign%20in&events=event11&c1=%2Fbossss%2F%2F%3Asign%20in&v1=%2Fbossss%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fbossss%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1 HTTP/1.1 Host: serviceo.comcast.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s98131 (...) FQDN: serviceo.comcast.net IP: 13.36.218.177 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 13.36.218.177 HTTP/1.1 302 Found content-type: text/plain;charset=utf-8 access-control-allow-origin: * vary: Origin date: Tue, 06 Dec 2022 09:59:06 GMT expires: Mon, 05 Dec 2022 09:59:06 GMT last-modified: Wed, 07 Dec 2022 09:59:06 GMT pragma: no-cache p3p: CP="This is not a P3P policy" server: jag set-cookie: s_vi=[CS]v1\|31C789353B9FE884-40000711294619F4[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Thu, 05 Dec 2024 09:59:59 GMT; location: http://serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s98131181810116?AQB=1&pccr=true&vidn=31C789353B9FE884-40000711294619F4&ndh=1&t=6%2F11%2F2022%209%3A59%3A6%202%200&fid=685599E80737753A-3D3A1B3112774C13&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fcgltreeservices.com%2Fbossss%2F%3Fentity%3D1073444&cc=USD&ch=sign%20in&events=event11&c1=%2Fbossss%2F%2F%3Asign%20in&v1=%2Fbossss%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fbossss%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1 content-length: 0 cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/images/fb-logo-29.png HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm	URL: cgltreeservices.com/static/images/fb-logo-29.png FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:06 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 462 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 462 Md5: 3b58a4197a90ce28f053f853e9f5201a Sha1: 1764aa95ccf139706beb229625b9d6d6f154bd5d Sha256: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2 HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:06 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /b/ss/comcastnetdev/1/H.27.5/s98131181810116?AQB=1&pccr=true&vidn=31C789353B9FE884-40000711294619F4&ndh=1&t=6%2F11%2F2022%209%3A59%3A6%202%200&fid=685599E80737753A-3D3A1B3112774C13&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fcgltreeservices.com%2Fbossss%2F%3Fentity%3D1073444&cc=USD&ch=sign%20in&events=event11&c1=%2Fbossss%2F%2F%3Asign%20in&v1=%2Fbossss%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fbossss%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1 HTTP/1.1 Host: serviceo.comcast.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ Connection: keep-alive	URL: serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s98131 (...) FQDN: serviceo.comcast.net IP: 13.36.218.177 HASH: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 13.36.218.177 HTTP/1.1 200 OK content-type: image/gif;charset=utf-8 access-control-allow-origin: * date: Tue, 06 Dec 2022 09:59:06 GMT expires: Mon, 05 Dec 2022 09:59:06 GMT last-modified: Wed, 07 Dec 2022 09:59:06 GMT pragma: no-cache p3p: CP="This is not a P3P policy" server: jag set-cookie: s_vi=[CS]v1\|31C7893503C12570-40001772894A5845[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Thu, 05 Dec 2024 09:59:59 GMT; etag: 3586986489013141504-4619804204704880708 vary: * content-length: 43 cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff --- Additional Info --- Magic: GIF image data, version 89a, 2 x 2\012- data Size: 43 Md5: ad480fd0732d0f6f1a8b06359e3a42bb Sha1: a544538683a2dfe574eeb2e358ac8fcc78289d50 Sha256: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2 HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:06 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444 Cookie: OX_sd=1; OX_plg=pm Upgrade-Insecure-Requests: 1	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 686657c40c7df232e408c1bb2ee85b6d7bdb256581ecd22686d23bd178befc9a 108.167.141.129 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:08 GMT Server: nginx/1.21.6 Content-Length: 16871 Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: none Vary: Accept-Encoding Content-Encoding: gzip X-Server-Cache: false --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6078), with CRLF line terminators Size: 16871 Md5: 9922458cb6254769b56591dbc1dc09fe Sha1: 9e5e45878fd2024b41bc47dcb59a096fb65bc65d Sha256: 686657c40c7df232e408c1bb2ee85b6d7bdb256581ecd22686d23bd178befc9a Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/dest5.htm HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444 Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D Upgrade-Insecure-Requests: 1	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: ac3af5d86b1b86bed0c272d4bee25d13f4993322fce9906018c299a764365d6b 108.167.141.129 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:08 GMT Server: nginx/1.21.6 Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: none Vary: Accept-Encoding Content-Encoding: gzip X-Server-Cache: false Content-Length: 4199 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (581), with CRLF line terminators Size: 4199 Md5: bca5675fe990e0cf10ada92892b4469b Sha1: fe22bdb21a46264c5d41dd0a032f26cfcd9314bf Sha256: ac3af5d86b1b86bed0c272d4bee25d13f4993322fce9906018c299a764365d6b Alerts: Blocklists: - fortinet: Phishing
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1 Host: staticxx.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/ Upgrade-Insecure-Requests: 1	URL: staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq. (...) FQDN: staticxx.facebook.com IP: 157.240.200.14 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 157.240.200.14 HTTP/1.1 301 Moved Permanently Content-Type: text/plain Location: https://staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 Server: proxygen-bolt Date: Tue, 06 Dec 2022 09:59:07 GMT Connection: keep-alive Content-Length: 0 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:07 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3514 Cache-Control: max-age=105504 Date: Tue, 06 Dec 2022 09:59:07 GMT Etag: "638dfdd1-1d7" Expires: Wed, 07 Dec 2022 15:17:31 GMT Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: a179b3b6ab78e29169af8cc2363d6280 Sha1: 501cd2871c5b70c56852c6cd0c87f383504ca933 Sha256: ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:07 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:07 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1 Host: staticxx.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq. (...) FQDN: staticxx.facebook.com IP: 157.240.200.14 HASH: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5 157.240.200.14 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cross-origin-opener-policy: same-origin-allow-popups x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 0 strict-transport-security: max-age=15552000; preload x-fb-debug: 4zCgIkiR3r345Ofx2xoxMf+GVw59SRiFnBRFEZrDOw10AYKRuKEQE9oamVsnrO65t+PGsh2Ph04a9JUm5FKvGA== content-length: 9 x-fb-trip-id: 1679558926 date: Tue, 06 Dec 2022 09:59:07 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 9 Md5: 9d1ead73e678fa2f51a70a933b0bf017 Sha1: d205cbd6783332a212c5ae92d73c77178c2d2f28 Sha256: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3514 Cache-Control: max-age=105504 Date: Tue, 06 Dec 2022 09:59:07 GMT Etag: "638dfdd1-1d7" Expires: Wed, 07 Dec 2022 15:17:31 GMT Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: a179b3b6ab78e29169af8cc2363d6280 Sha1: 501cd2871c5b70c56852c6cd0c87f383504ca933 Sha256: ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1 Host: staticxx.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://cgltreeservices.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	URL: staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq. (...) FQDN: staticxx.facebook.com IP: 157.240.200.14 HASH: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5 157.240.200.14 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cross-origin-opener-policy: same-origin-allow-popups x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 0 strict-transport-security: max-age=15552000; preload x-fb-debug: R1nKnNMLL06m94etrmO2VufrGjsxolLtRvEKg5JqPb2flk5Vknb7sxlPtEUMQfG3Ipxwan8HUaOe9pofUFGMzw== content-length: 9 x-fb-trip-id: 1679558926 date: Tue, 06 Dec 2022 09:59:07 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 9 Md5: 9d1ead73e678fa2f51a70a933b0bf017 Sha1: d205cbd6783332a212c5ae92d73c77178c2d2f28 Sha256: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:08 GMT Server: nginx/1.21.6 Content-Length: 462 Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 462 Md5: 3b58a4197a90ce28f053f853e9f5201a Sha1: 1764aa95ccf139706beb229625b9d6d6f154bd5d Sha256: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 Alerts: Blocklists: - fortinet: Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:08 GMT Server: nginx/1.21.6 Content-Length: 462 Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 462 Md5: 3b58a4197a90ce28f053f853e9f5201a Sha1: 1764aa95ccf139706beb229625b9d6d6f154bd5d Sha256: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 Alerts: Blocklists: - fortinet: Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:08 GMT Server: nginx/1.21.6 Content-Length: 462 Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 462 Md5: 3b58a4197a90ce28f053f853e9f5201a Sha1: 1764aa95ccf139706beb229625b9d6d6f154bd5d Sha256: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 Alerts: Blocklists: - fortinet: Phishing
GET /static/psa/blank/1x1.png HTTP/1.1 Host: secure-assets.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: secure-assets.rubiconproject.com/static/psa/blank/1x1.png FQDN: secure-assets.rubiconproject.com IP: 2.21.206.244 HASH: 172f8ce100094feaee2d292f56c5a847b0a89852a43e79ef7743d28d06dec7d7 2.21.206.244 HTTP/2 200 OK content-type: image/png server: Apache last-modified: Tue, 01 Oct 2019 16:53:58 GMT accept-ranges: bytes content-encoding: gzip unused62: 8096267 content-length: 155 date: Tue, 06 Dec 2022 09:59:07 GMT vary: Accept-Encoding access-control-allow-credentials: true access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data Size: 155 Md5: 0fed6b76619acefb38a43867d5fbbd65 Sha1: b4881fe00376089907ce39fb43398fe2b9d55b8a Sha256: 172f8ce100094feaee2d292f56c5a847b0a89852a43e79ef7743d28d06dec7d7
GET /en_US/all.js HTTP/1.1 Host: connect.facebook.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: connect.facebook.net/en_US/all.js FQDN: connect.facebook.net IP: 157.240.200.14 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 157.240.200.14 HTTP/1.1 301 Moved Permanently Content-Type: text/plain Location: https://connect.facebook.net/en_US/all.js Server: proxygen-bolt Date: Tue, 06 Dec 2022 09:59:07 GMT Connection: keep-alive Content-Length: 0 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=88649387466&varName=crtg_content HTTP/1.1 Host: rtax.criteo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieNa (...) FQDN: rtax.criteo.com IP: 178.250.0.166 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 178.250.0.166 HTTP/1.1 204 No Content server: nginx/1.20.1 date: Tue, 06 Dec 2022 09:59:07 GMT strict-transport-security: max-age=31536000; preload; --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=1.5.6&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields HTTP/1.1 Host: dpm.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: dpm.demdex.net/id?d_visid_ver=1.5.6&d_rtbd=json&d_ver=2 (...) FQDN: dpm.demdex.net IP: 54.170.10.162 HASH: e26ed3a5228d1bc7984bd3ec5eb2717793d26314180ef8bc9dccba799ec8c4a9 54.170.10.162 HTTP/1.1 200 OK Content-Type: application/javascript;charset=utf-8 Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding: gzip DCS: dcs-prod-irl1-1-v045-0d492e21d.edge-irl1.demdex.com 2 ms Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma: no-cache set-cookie: demdex=83115032145783221531960445016253317958; Max-Age=15552000; Expires=Sun, 04 Jun 2023 09:59:07 GMT; Path=/; Domain=.demdex.net X-TID: 2u1kMmQLSnI= Content-Length: 689 Connection: keep-alive --- Additional Info --- Magic: ASCII text, with very long lines (1652), with no line terminators Size: 689 Md5: 2eb0020fc0e9a7e736d114b91c63e2fa Sha1: 3e0f13639e4b9eab8dc6ca319397d89e2f47eb29 Sha256: e26ed3a5228d1bc7984bd3ec5eb2717793d26314180ef8bc9dccba799ec8c4a9
GET /event?d_mid=83458936266698363721999053362717893115&d_nsid=1&d_ld=_ts%3D1670320746853&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1670320746853&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fbossss%2F%2F%3Asign%20in&c_eVar1=%2Fbossss%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fbossss%2F HTTP/1.1 Host: comcastathena.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: comcastathena.demdex.net/event?d_mid=834589362666983637 (...) FQDN: comcastathena.demdex.net IP: 54.72.53.159 HASH: f441cb4b6ac2c4dad07e0590da8dcbb0ec4355543b72c20fe8e30c2a87c5c9a8 54.72.53.159 HTTP/1.1 200 OK Content-Type: application/javascript;charset=utf-8 Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding: gzip DCS: dcs-prod-irl1-1-v045-0327f6936.edge-irl1.demdex.com 4 ms Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma: no-cache set-cookie: demdex=83115032145783221531960445016253317958; Max-Age=15552000; Expires=Sun, 04 Jun 2023 09:59:07 GMT; Path=/; Domain=.demdex.net X-TID: eBsQg1PqSPM= Content-Length: 150 Connection: keep-alive --- Additional Info --- Magic: ASCII text, with no line terminators Size: 150 Md5: 20e0a8aedb4e525c741fb3112426ac56 Sha1: f98ce8a3b126e27201873828c958f54ec67e2145 Sha256: f441cb4b6ac2c4dad07e0590da8dcbb0ec4355543b72c20fe8e30c2a87c5c9a8
GET /dest5.html?d_nsid=undefined HTTP/1.1 Host: fast.comcastathena.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/ Upgrade-Insecure-Requests: 1	URL: fast.comcastathena.demdex.net/dest5.html?d_nsid=undefined FQDN: fast.comcastathena.demdex.net IP: 23.33.119.16 HASH: 80888fb8b92d01d8dd990af664d273f6364b2917741b09911096099ce4eef1bd 23.33.119.16 HTTP/1.1 200 OK Content-Type: text/html Accept-Ranges: bytes ETag: "2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238" Last-Modified: Mon, 03 Feb 2020 17:27:06 GMT Server: AkamaiNetStorage Vary: Accept-Encoding Content-Encoding: gzip Cache-Control: max-age=21600 Date: Tue, 06 Dec 2022 09:59:07 GMT Content-Length: 2785 Connection: keep-alive P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550) Size: 2785 Md5: b8a1b21bd0651935d53a7bff0c2479d6 Sha1: 31527c952669b6d1d06c537eb50c9043f576e607 Sha256: 80888fb8b92d01d8dd990af664d273f6364b2917741b09911096099ce4eef1bd
POST / HTTP/1.1 Host: ocsp.comodoca.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.comodoca.com/ FQDN: ocsp.comodoca.com IP: 104.18.32.68 HASH: 7027399aeffa4204f19fd7744f3bdab382613096c0845adc60282b62801c064e 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 09:59:08 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Mon, 05 Dec 2022 10:07:33 GMT Expires: Mon, 12 Dec 2022 10:07:32 GMT Etag: "3948927f98e2938fb38eb761eb834d20b848d048" Cache-Control: max-age=602281,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 77542ac49d590b69-OSL --- Additional Info --- Magic: data Size: 471 Md5: a7b496adbd3ad3cc22d50af273146305 Sha1: 3948927f98e2938fb38eb761eb834d20b848d048 Sha256: 7027399aeffa4204f19fd7744f3bdab382613096c0845adc60282b62801c064e
GET /static/images/global/favicon.ico HTTP/1.1 Host: login.comcast.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: login.comcast.net/static/images/global/favicon.ico FQDN: login.comcast.net IP: 76.96.69.84 HASH: a0307845ad0d4579ae6e7283a02b81403767295ab37cc0b144ac9d60772ebf97 76.96.69.84 HTTP/1.1 200 OK Content-Type: image/vnd.microsoft.icon Date: Tue, 06 Dec 2022 09:59:08 GMT Server: Apache Strict-Transport-Security: max-age=63072000; includeSubDomains; Last-Modified: Tue, 11 Jan 2022 16:05:32 GMT Accept-Ranges: bytes Content-Length: 1150 Keep-Alive: timeout=5, max=500 Connection: Keep-Alive --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size: 1150 Md5: 8591b1e1977be23073d13751a5f203d0 Sha1: 3f549eff3cf641803992d8748202bf0775f4765e Sha256: a0307845ad0d4579ae6e7283a02b81403767295ab37cc0b144ac9d60772ebf97
GET /impression.php/f30a9b6c172d95a/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.facebook.com/impression.php/f30a9b6c172d95a/?api_ke (...) FQDN: www.facebook.com IP: 31.13.72.36 31.13.72.36 HTTP/2 200 OK content-type: image/gif vary: Accept-Encoding content-encoding: br x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options: nosniff report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} strict-transport-security: max-age=15552000; preload x-fb-debug: AAwlCwSwSe3ulUWXsevDkRT5CTafQKL8GBMHRSKplpS/e/DqxnKCfhMd234bd0qdyPNH/fKeVGOMJnODqszN6A== date: Tue, 06 Dec 2022 09:59:07 GMT priority: u=3,i alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /bossss/Sign%20in%20to%20XFINITY_files/jquery-1.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing

URL	cgltreeservices.com/bossss/?entity=1073444
IP	108.167.141.129 (United States)
ASN	#46606 UNIFIEDLAYER-AS-1
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-06 09:59:15 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	36
urlquery alerts	No alerts detected
Tags	None

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4577 Expires: Tue, 06 Dec 2022 11:15:21 GMT Date: Tue, 06 Dec 2022 09:59:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: cfec3d7283a9b66d2be426ce54d210f3 Sha1: 808c1feb1ba918951d1928c1f6bfc0c253262774 Sha256: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4022 Cache-Control: max-age=92357 Date: Tue, 06 Dec 2022 09:59:04 GMT Etag: "638dc877-1d7" Expires: Wed, 07 Dec 2022 11:38:21 GMT Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: ee088fab9b287e174cfd1f2c735a909f Sha1: 25c3335b514a36ad1a24d00413d60c3d394f5161 Sha256: 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16362 Expires: Tue, 06 Dec 2022 14:31:46 GMT Date: Tue, 06 Dec 2022 09:59:04 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1ea206ac3c440825741687351f8c6e4e Sha1: 2f38dafd8c43dcce2411a0590bc5c02cd6286735 Sha256: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 06 Dec 2022 09:20:23 GMT cache-control: public,max-age=3600 age: 2321 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: TZswYYE/CvnDofIShgUv1S9ECSf5hFLh2Gym7QiHdnlrCfyimtzLxtffDDl9M/AXlKe+HHsHdxo= x-amz-request-id: 5BH9Y6F75D48N7VC content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 06 Dec 2022 09:47:03 GMT age: 721 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 53341dea33f4f3d9b4966f80589f429a Sha1: 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Tue, 06 Dec 2022 09:59:04 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /bossss/?entity=1073444 HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: cgltreeservices.com/bossss/?entity=1073444 FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 393e784229e9e51ee9a0deabe8213c6407e1cbc146cc35b2c46ee36458c38786 108.167.141.129 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:05 GMT Server: nginx/1.21.6 Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Vary: Accept-Encoding Content-Encoding: gzip X-Server-Cache: true X-Proxy-Cache: HIT Accept-Ranges: none Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6168) Size: 12476 Md5: c3efe83741a31102819cb5bfbc70a164 Sha1: f175bc04b9c902e4ad394955aeaec1a6947672d3 Sha256: 393e784229e9e51ee9a0deabe8213c6407e1cbc146cc35b2c46ee36458c38786 Alerts: Blocklists: - openphish: Comcast Corporation - fortinet: Phishing
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 06 Dec 2022 09:11:20 GMT cache-control: public,max-age=3600 age: 2864 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /bossss/Sign%20in%20to%20XFINITY_files/data.json HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: f1aa6a629871c08a077cba94a653cb0c2ace627617e442adccbf6712972bf0df 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/json Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Content-Length: 295 --- Additional Info --- Magic: ASCII text Size: 295 Md5: c4e699111d8c5ee41a03610b94ff02d5 Sha1: 7b4ec667ab9d73b69d752931fa675eca988ac1be Sha256: f1aa6a629871c08a077cba94a653cb0c2ace627617e442adccbf6712972bf0df Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/styles-light.css HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: b0e765e63a6d5c24e7197c491bae8ea2193d93a2c085b9b72ff5bfa4a5edc0d1 108.167.141.129 HTTP/1.1 200 OK Content-Type: text/css Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (50848), with no line terminators Size: 19094 Md5: 049b3d8d779e070847174a63fbdbea8b Sha1: 750f842ebbf752faf947c87ec57979d25a21b882 Sha256: b0e765e63a6d5c24e7197c491bae8ea2193d93a2c085b9b72ff5bfa4a5edc0d1
GET /bossss/Sign%20in%20to%20XFINITY_files/1203273213x32.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 8210268d9c4641543fffbd2394c23a7585408a90e94fcc58f84e6ae4b568936d 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 772 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (403) Size: 772 Md5: 7c2c39d578f8a54322d2f1084bf458db Sha1: b9da3c835240b6217ced4d7f8d792de9faafea74 Sha256: 8210268d9c4641543fffbd2394c23a7585408a90e94fcc58f84e6ae4b568936d Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/11648.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 867f02cd87490f12f458ec91eb03ba6f23f94c585c26746a2b60937b3fa3bbd3 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 8455 --- Additional Info --- Magic: HTML document text\012- C source, ASCII text, with very long lines (25399) Size: 8455 Md5: c540292a1c3d83602949e4f4af9272cd Sha1: 2695d7e1ae9dd40ab88d9e7a45cc8a8930623e74 Sha256: 867f02cd87490f12f458ec91eb03ba6f23f94c585c26746a2b60937b3fa3bbd3 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/150582-15.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: da8f696dae05fbc2ecf74b9dcb6aadb94d1bcd7192ffe2d4528c825d43a52193 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 1382 --- Additional Info --- Magic: HTML document text\012- exported SGML document, ASCII text, with very long lines (2808) Size: 1382 Md5: 1247a38a9cdacf0e00ed543c62127fe5 Sha1: 940c71c36b5a0f6bee39a4f89555b43f7dd668cd Sha256: da8f696dae05fbc2ecf74b9dcb6aadb94d1bcd7192ffe2d4528c825d43a52193 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/150582-10.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: a5bb938bc07b3bf08ae755ba4494f285c7684fef6c0dc9349e7d52f2366ad88e 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: none Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 477 --- Additional Info --- Magic: HTML document text\012- exported SGML document, ASCII text, with very long lines (728) Size: 477 Md5: daef3004cc94546e9cd07c793db655a6 Sha1: 286c98c28b3e7a628f8a5eb28134c13f58e1f779 Sha256: a5bb938bc07b3bf08ae755ba4494f285c7684fef6c0dc9349e7d52f2366ad88e Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/1647526060x32.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: ce02fcf5ec2a7c9caa9aeed72f1fbdd4581a4745da89c9dfba7e84137dcd96a6 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 556 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (433) Size: 556 Md5: fe32fbe869ac4a88f764abd1bc438cf1 Sha1: b1b4f1a0581746de7a45e1f0663220da83d02af1 Sha256: ce02fcf5ec2a7c9caa9aeed72f1fbdd4581a4745da89c9dfba7e84137dcd96a6 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4001 Cache-Control: max-age=87269 Date: Tue, 06 Dec 2022 09:59:04 GMT Etag: "638db4ac-1d7" Expires: Wed, 07 Dec 2022 10:13:33 GMT Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 2b9d6a686aa3c4ea24568425e43a5221 Sha1: d53bb4c9579bd1db78a0520619e888aec79f750f Sha256: c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
GET /bossss/Sign%20in%20to%20XFINITY_files/scripts-responsive.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 4294186559939218bf8494573b4dce94cc722bb52f54756832bef1423d873a37 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: none Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 1698 --- Additional Info --- Magic: ASCII text, with very long lines (3906), with no line terminators Size: 1698 Md5: 0b5a2ee34ecb1141a47f9d569ff54893 Sha1: a7685dbc86190a3d8161bab891ad4489a493e21f Sha256: 4294186559939218bf8494573b4dce94cc722bb52f54756832bef1423d873a37 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/asc.txt HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e 108.167.141.129 HTTP/1.1 200 OK Content-Type: text/plain Date: Tue, 06 Dec 2022 09:59:06 GMT Server: nginx/1.21.6 Content-Length: 17 Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT X-Server-Cache: true X-Proxy-Cache: HIT Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with no line terminators Size: 17 Md5: 92ecce91e58ca501e89410701805ffd2 Sha1: fbc2f9374e8f5aebbc0a9ebeaeb836dfe2ee8803 Sha256: af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/moatad_002.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: f742f5aff25449afd9df0a489303e1d4fd903aba2ec784528d1b68b8bdbdaeb0 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 72384 Md5: 72378a0eda9ae895d3b9a85b18998c75 Sha1: e78c8b727ab8e4cdb38cd1a43e694cc72942da04 Sha256: f742f5aff25449afd9df0a489303e1d4fd903aba2ec784528d1b68b8bdbdaeb0 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/event HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 384d036f62eab523e123b0e2c033bdee06077fdf041c564ce56f956e6219fb24 108.167.141.129 HTTP/1.1 200 OK Date: Tue, 06 Dec 2022 09:59:06 GMT Server: nginx/1.21.6 Content-Length: 191 Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT X-Server-Cache: true X-Proxy-Cache: HIT Accept-Ranges: bytes --- Additional Info --- Magic: ASCII text, with no line terminators Size: 191 Md5: 2d5d169b7afabb783f8994c576f005cb Sha1: d3c1f326303b3cd98f892a5ab28cea82222d058b Sha256: 384d036f62eab523e123b0e2c033bdee06077fdf041c564ce56f956e6219fb24 Alerts: Blocklists: - fortinet: Phishing
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 5AEzDyUFkzYqEceOOKlMnA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 34.218.164.174 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.218.164.174 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: LY8t8yGOGa/CzlxvRLWct+xlwRk= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bossss/Sign%20in%20to%20XFINITY_files/moatad.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: f742f5aff25449afd9df0a489303e1d4fd903aba2ec784528d1b68b8bdbdaeb0 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (554) Size: 72384 Md5: 72378a0eda9ae895d3b9a85b18998c75 Sha1: e78c8b727ab8e4cdb38cd1a43e694cc72942da04 Sha256: f742f5aff25449afd9df0a489303e1d4fd903aba2ec784528d1b68b8bdbdaeb0 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 6fff922e860e02fb4bc322b3807ab5e37dd8079072929c2b233c3ae9cdd21d8f 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 8409 --- Additional Info --- Magic: ASCII text, with very long lines (815), with CRLF line terminators Size: 8409 Md5: 79940589e33f37f68f9a80ce5e13c037 Sha1: d7572fb9ef61134c9cb335a6db3740468b93b36f Sha256: 6fff922e860e02fb4bc322b3807ab5e37dd8079072929c2b233c3ae9cdd21d8f Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/omniture_visId.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 74d0b37d1cccb61abb1678b181b5784501b488f6f65c8b2989a28d108f78c6a0 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: none Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (707), with CRLF line terminators Size: 36160 Md5: 993f685dda3ba38c62260c5c7f690057 Sha1: 9a9673bc1c0f6d516e2e8da1acdd86ebcb89f803 Sha256: 74d0b37d1cccb61abb1678b181b5784501b488f6f65c8b2989a28d108f78c6a0 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/rta.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 3ee657e09030047c5792c02cf0f206708cfd3f33aa98b0ccf28cd9c4b098f610 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 159 --- Additional Info --- Magic: Unicode text, UTF-8 (with BOM) text, with no line terminators Size: 159 Md5: a66a008566af0e3807b90760012863c2 Sha1: e09466fb3c0b0d2b94f6233b54321d179903eb17 Sha256: 3ee657e09030047c5792c02cf0f206708cfd3f33aa98b0ccf28cd9c4b098f610 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/all.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: af710747fdaf30a7775f1915817fad217a2a1e64ae09ba719da243abf6ee67f4 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Magic: ASCII text, with very long lines (18053) Size: 81701 Md5: d3c16f63bb394161ab950761946097c7 Sha1: e2db8104260b5e9574af432bb5162072ccf9e774 Sha256: af710747fdaf30a7775f1915817fad217a2a1e64ae09ba719da243abf6ee67f4 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/segments.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Content-Length: 39 --- Additional Info --- Magic: ASCII text Size: 39 Md5: 9c5453ce3943ebf709c68c4358907916 Sha1: 25c057fa107fca0917c7dca9f432cdce93ce2316 Sha256: c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/event.gif HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 108.167.141.129 HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Content-Length: 42 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /bossss/Sign%20in%20to%20XFINITY_files/seal.png HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 6ab85bc152133401e0ad5ca069990f4a76413499820d4ba95a0dadb063bcc8b8 108.167.141.129 HTTP/1.1 200 OK Content-Type: image/png Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Content-Length: 3091 --- Additional Info --- Magic: PNG image data, 142 x 45, 8-bit/color RGBA, non-interlaced\012- data Size: 3091 Md5: be19bc645a5d70db58e4317fb1f7f791 Sha1: 8c38f471f3e6d17af148acaab219db7e3e4a8d23 Sha256: 6ab85bc152133401e0ad5ca069990f4a76413499820d4ba95a0dadb063bcc8b8
GET /bossss/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: de3e0d54441cd6afe0d7d2afcb95eadf8fec5cb23ecd47a796c3818fe7fb8f4d 108.167.141.129 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Content-Length: 35514 --- Additional Info --- Magic: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data Size: 35514 Md5: a98fbe346dd7c66a4ca5f1f77aa75e44 Sha1: ee1c12063d821ba884efe2afedd6cab81c825363 Sha256: de3e0d54441cd6afe0d7d2afcb95eadf8fec5cb23ecd47a796c3818fe7fb8f4d
GET /bossss/Sign%20in%20to%20XFINITY_files/u.gif HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 108.167.141.129 HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Content-Length: 42 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 42 Md5: d89746888da2d9510b64a9f031eaecd5 Sha1: d5fceb6532643d0d84ffe09c40c481ecdf59e15a Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2 HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /comcastapn56341864860/moatad.js HTTP/1.1 Host: z.moatads.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: z.moatads.com/comcastapn56341864860/moatad.js FQDN: z.moatads.com IP: 23.38.201.146 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 23.38.201.146 HTTP/2 200 OK content-type: application/x-javascript x-amz-id-2: DgrV/yUP0cYZJ24pT7Z5LVkFATYFOX23OVuFadPO2EW++SB5KZZT2R0SCmVojLGlVbLec6pGXtw= x-amz-request-id: CA2DQ7A5WM2MGH3Y last-modified: Mon, 11 May 2020 15:59:42 GMT etag: "d41d8cd98f00b204e9800998ecf8427e" accept-ranges: bytes server: AmazonS3 content-length: 0 cache-control: max-age=31488 date: Tue, 06 Dec 2022 09:59:05 GMT X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: status.geotrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: status.geotrust.com/ FQDN: status.geotrust.com IP: 93.184.220.29 HASH: 630e9c9f04f03c94d1171df47368978fc0ad0153261d9f1fd511894a7ca336c5 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6217 Cache-Control: 'max-age=158059' Date: Tue, 06 Dec 2022 09:59:05 GMT Last-Modified: Tue, 06 Dec 2022 08:15:28 GMT Server: ECS (ska/F71E) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 6a1b976735685cee0e12b8edd836ea44 Sha1: d0caa3fedecb3adce697d8dcad78fb70f4e0fe9f Sha256: 630e9c9f04f03c94d1171df47368978fc0ad0153261d9f1fd511894a7ca336c5
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2 HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /w/1.0/jstag HTTP/1.1 Host: us-ads.openx.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: us-ads.openx.net/w/1.0/jstag FQDN: us-ads.openx.net IP: 35.244.159.8 HASH: c7912dd203837530845da50cfec5daf435a99eb4c6ade95a7c6d41a55605cbb4 35.244.159.8 HTTP/2 200 OK content-type: text/javascript vary: Accept-Encoding server: OXGW/0.0.0 p3p: CP="CUR ADM OUR NOR STA NID" expires: Tue, 06 Dec 2022 10:59:05 GMT date: Tue, 06 Dec 2022 09:59:05 GMT content-length: 18071 content-encoding: gzip cache-control: max-age=3600 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (12594) Size: 18071 Md5: ca86d365471cdc0fdbbdcf961803eb48 Sha1: ce7f84533218cd78c2d81527b3dc5c1945bcf3b7 Sha256: c7912dd203837530845da50cfec5daf435a99eb4c6ade95a7c6d41a55605cbb4
POST / HTTP/1.1 Host: status.geotrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: status.geotrust.com/ FQDN: status.geotrust.com IP: 93.184.220.29 HASH: 630e9c9f04f03c94d1171df47368978fc0ad0153261d9f1fd511894a7ca336c5 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6217 Cache-Control: 'max-age=158059' Date: Tue, 06 Dec 2022 09:59:05 GMT Last-Modified: Tue, 06 Dec 2022 08:15:28 GMT Server: ECS (ska/F71E) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 6a1b976735685cee0e12b8edd836ea44 Sha1: d0caa3fedecb3adce697d8dcad78fb70f4e0fe9f Sha256: 630e9c9f04f03c94d1171df47368978fc0ad0153261d9f1fd511894a7ca336c5
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:05 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /a/11648/36314/150582-10.js?&cb=0.5477071014438208&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1 Host: optimized-by.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: optimized-by.rubiconproject.com/a/11648/36314/150582-10 (...) FQDN: optimized-by.rubiconproject.com IP: 3.74.171.125 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.74.171.125 HTTP/1.1 307 Temporary Redirect Date: Tue, 06 Dec 2022 09:59:05 GMT Content-Length: 0 Connection: keep-alive Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers Location: http://vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.5477071014438208&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 X-Forwarded-For: 91.90.42.154 X-Forwarded-Proto: http X-Forwarded-Port: 80 Host: optimized-by.rubiconproject.com X-Amzn-Trace-Id: Root=1-638f1269-4385d93436d4ce010b144c5d User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.ttf HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:07 GMT Server: nginx/1.21.6 Content-Length: 462 Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 462 Md5: 3b58a4197a90ce28f053f853e9f5201a Sha1: 1764aa95ccf139706beb229625b9d6d6f154bd5d Sha256: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 Alerts: Blocklists: - fortinet: Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:07 GMT Server: nginx/1.21.6 Content-Length: 462 Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 462 Md5: 3b58a4197a90ce28f053f853e9f5201a Sha1: 1764aa95ccf139706beb229625b9d6d6f154bd5d Sha256: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 Alerts: Blocklists: - fortinet: Phishing
GET /a/11648/36314/150582-10.js?tk_vps=2&&cb=0.5477071014438208&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1 Host: vast.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ Connection: keep-alive	URL: vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_v (...) FQDN: vast.rubiconproject.com IP: 213.19.162.31 HASH: 83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca 213.19.162.31 HTTP/1.1 200 OK Content-Type: text/javascript Server: nginx/1.21.4 Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 147 Connection: keep-alive Cache-Control: no-cache, no-store, max-age=0, must-revalidate Expires: Wed, 17 Sep 1975 21:32:10 GMT Pragma: no-cache Vary: Accept-Encoding Set-Cookie: khaos=LBC1UG5Q-23-8K2N; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure audit=1\|naVuGyos1qpuP10wWc85gO9DtVM30fCgV3PdyjZap6Td0XM3A4FRH5t8UDkxNtLxZjgLr2G0q8TggJ3pD4CYmwZlrptl4/mV0A+VO7RH1E0=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" --- Additional Info --- Magic: ASCII text Size: 147 Md5: 7bdda9f1de292e7e006306b2d85c9cb1 Sha1: 36a60514a49f5f2d58deb949fdf037ed29a067cc Sha256: 83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca
GET /a/11648/36314/150582-10.js?&cb=0.5477071014438208&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1 Host: optimized-by.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: optimized-by.rubiconproject.com/a/11648/36314/150582-10 (...) FQDN: optimized-by.rubiconproject.com IP: 3.74.171.125 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.74.171.125 HTTP/1.1 307 Temporary Redirect Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 0 Connection: keep-alive Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers Location: http://vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.5477071014438208&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 X-Forwarded-For: 91.90.42.154 X-Forwarded-Proto: http X-Forwarded-Port: 80 Host: optimized-by.rubiconproject.com X-Amzn-Trace-Id: Root=1-638f126a-037f277e1f1d2e300297c500 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-10.js?tk_vps=2&&cb=0.5477071014438208&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1 Host: vast.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ Connection: keep-alive	URL: vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_v (...) FQDN: vast.rubiconproject.com IP: 213.19.162.31 HASH: 83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca 213.19.162.31 HTTP/1.1 200 OK Content-Type: text/javascript Server: nginx/1.21.4 Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 147 Connection: keep-alive Cache-Control: no-cache, no-store, max-age=0, must-revalidate Expires: Wed, 17 Sep 1975 21:32:10 GMT Pragma: no-cache Vary: Accept-Encoding Set-Cookie: khaos=LBC1UG8A-4-EQ82; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure audit=1\|naVuGyos1qoxvDJ1+CxEnu9DtVM30fCgV3PdyjZap6Td0XM3A4FRH5t8UDkxNtLxZjgLr2G0q8TggJ3pD4CYmwZlrptl4/mV0A+VO7RH1E0=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" --- Additional Info --- Magic: ASCII text Size: 147 Md5: 7bdda9f1de292e7e006306b2d85c9cb1 Sha1: 36a60514a49f5f2d58deb949fdf037ed29a067cc Sha256: 83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca
GET /ad/11648.js HTTP/1.1 Host: ads.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ads.rubiconproject.com/ad/11648.js FQDN: ads.rubiconproject.com IP: 2.21.206.244 HASH: 69dd3510681bc16e17f107ac8f2fa504aa7ce59d75ebf3248b6f85f02a6409aa 2.21.206.244 HTTP/2 200 OK content-type: text/javascript server: Apache x-powered-by: PHP/5.3.3 content-encoding: gzip content-length: 8946 cache-control: max-age=12439 expires: Tue, 06 Dec 2022 13:26:25 GMT date: Tue, 06 Dec 2022 09:59:06 GMT vary: Accept-Encoding access-control-allow-credentials: true access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: C source, ASCII text, with very long lines (26545) Size: 8946 Md5: 5aecf12e8c3cb1d14458bc71c6b8cf0c Sha1: b0cedce6e8165041981ba59a9b7277053a37ba89 Sha256: 69dd3510681bc16e17f107ac8f2fa504aa7ce59d75ebf3248b6f85f02a6409aa
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 6d14a5d3df707015be4ca6e368b8cf5dd32aeb408d34aeaf09c3c0f2deedf844 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3860 Cache-Control: max-age=144731 Date: Tue, 06 Dec 2022 09:59:06 GMT Etag: "638e95b1-1d7" Expires: Thu, 08 Dec 2022 02:11:17 GMT Last-Modified: Tue, 06 Dec 2022 01:06:57 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: b7894571eb7d4837e1dee13aaacac990 Sha1: 486b9d79414f9eb33b76b0b423982b351c6a110f Sha256: 6d14a5d3df707015be4ca6e368b8cf5dd32aeb408d34aeaf09c3c0f2deedf844
GET /a/11648/36314/150582-15.js?&cb=0.09370195725039776&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1 HTTP/1.1 Host: smarttag.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: smarttag.rubiconproject.com/a/11648/36314/150582-15.js? (...) FQDN: smarttag.rubiconproject.com IP: 213.19.162.21 HASH: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749 213.19.162.21 HTTP/2 200 OK content-type: text/javascript server: nginx/1.21.4 date: Tue, 06 Dec 2022 09:59:06 GMT cache-control: no-cache, no-store, max-age=0, must-revalidate expires: Wed, 17 Sep 1975 21:32:10 GMT pragma: no-cache vary: Accept-Encoding set-cookie: khaos=LBC1UGEQ-25-AQDX; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure audit=1\|naVuGyos1qrliVj5xbZ8cO9DtVM30fCgV3PdyjZap6Td0XM3A4FRH5t8UDkxNtLxZjgLr2G0q8TggJ3pD4CYmwZlrptl4/mV0A+VO7RH1E0=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" content-length: 147 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 147 Md5: 9441d4459f9bdf15aad152e66fc88643 Sha1: e97b5816d440de61a5d5a7f47bb921cec240580b Sha256: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11042 Expires: Tue, 06 Dec 2022 13:03:08 GMT Date: Tue, 06 Dec 2022 09:59:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11042 Expires: Tue, 06 Dec 2022 13:03:08 GMT Date: Tue, 06 Dec 2022 09:59:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
GET /a/11648/36314/150582-15.js?&cb=0.7101548064243212&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1 Host: optimized-by.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: optimized-by.rubiconproject.com/a/11648/36314/150582-15 (...) FQDN: optimized-by.rubiconproject.com IP: 3.74.171.125 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.74.171.125 HTTP/1.1 307 Temporary Redirect Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 0 Connection: keep-alive Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers Location: http://vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7101548064243212&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 X-Forwarded-For: 91.90.42.154 X-Forwarded-Proto: http X-Forwarded-Port: 80 Host: optimized-by.rubiconproject.com X-Amzn-Trace-Id: Root=1-638f126a-40e5747a7a6ff39326a72892 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11042 Expires: Tue, 06 Dec 2022 13:03:08 GMT Date: Tue, 06 Dec 2022 09:59:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11042 Expires: Tue, 06 Dec 2022 13:03:08 GMT Date: Tue, 06 Dec 2022 09:59:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 95.101.11.115 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 95.101.11.115 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11042 Expires: Tue, 06 Dec 2022 13:03:08 GMT Date: Tue, 06 Dec 2022 09:59:06 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: cb2b44e1f74a9bb43fab48536f6146e273c728b34e4889ff3f18a411d14d2282 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5790 x-amzn-requestid: 2e409a5f-ce04-4b9b-b3a2-74e5bbd256d3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSvoEoUoAMFsxg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64ca-72e1bb13187b18aa26c8566f;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:18 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: WBNaNTgYQaDVlJqu2u341xYy_6zmr5LqmCD2BPjGPGgmAG20WNHyKw== via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 21:46:52 GMT age: 43934 etag: "1f25392db4cf3693259202b24e898f21093b8bf9" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5790 Md5: 18bbcbf84b00d3bc602830478ff1bd7f Sha1: 1f25392db4cf3693259202b24e898f21093b8bf9 Sha256: cb2b44e1f74a9bb43fab48536f6146e273c728b34e4889ff3f18a411d14d2282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10183 x-amzn-requestid: 557e6b38-7be9-4953-968b-2e5bd3491ef4 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csUDYEQbIAMFwRg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e66e2-1fcd8fc4719bc0bc7d11abd2;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:14 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: z1_zJTJMuk724WMOmIc660b54AyZK8ffNVF5N7ehZ00W2kaL3Lcd1A== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 21:47:14 GMT age: 43912 etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10183 Md5: 99d1ff8fa2e095dcf2bda3d1e1af1221 Sha1: f914f04a0e1fb45a221d31d2105bfc73015b03e6 Sha256: 90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ca09fa3-9c1c-4e27-b763-2de04564da9d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e15711efe27a3d302a9869cf01d27fd65bd0beca9d03a19d93bbf11e28f3e1d8 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4827 x-amzn-requestid: 9091cc45-8fb1-4b07-8ef9-3f42b85fb81e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSuYH_KIAMFpMQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64c2-6bf3bf8659ef3feb27c1803f;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: fxdYE-ftBwC_0KcBJBQqvUbVXM54TmsKR8QXIfLIhdLYsqtaxdx9tg== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:22:26 GMT age: 41800 etag: "0f1c7567b89cc3de60196e47e37879296359bc78" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4827 Md5: 73b9f329cd3a39d0756de62dd5f190b7 Sha1: 0f1c7567b89cc3de60196e47e37879296359bc78 Sha256: e15711efe27a3d302a9869cf01d27fd65bd0beca9d03a19d93bbf11e28f3e1d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10594 x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSyIHpGoAMF1fw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:03:16 GMT age: 42950 etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10594 Md5: 7e1b54923ba506fde6b21c5bfb51ccc8 Sha1: 366aa3ab0790c496ea51bc08d1f2ff3358530d9e Sha256: a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4f9dfeda67a040fef9c6987a7c334a91c993c84f694fa91771fcf7fd1d2e4937 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12293 x-amzn-requestid: 49891ceb-3f74-4e83-8064-f54fc8b30961 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csSyGHPOIAMFYqw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e64da-651e4e0c55257bcc553cd176;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 4f0QQ4-21m-DiP4oUtIG75_vremc835laqhfDerlqCuW-WyKClvc9Q== via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:29:38 GMT age: 41368 etag: "9a26884875abb0652c568c50438b65f801779f9a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12293 Md5: 53afd826523f4c18bf968764818d7ca7 Sha1: 9a26884875abb0652c568c50438b65f801779f9a Sha256: 4f9dfeda67a040fef9c6987a7c334a91c993c84f694fa91771fcf7fd1d2e4937
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11224 x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: csUINEwdoAMFuOw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0 x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT x-amz-cf-pop: YVR50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ== via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google date: Mon, 05 Dec 2022 22:23:09 GMT age: 41757 etag: "36082b7329d473829178f280cb71a83b1531e486" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11224 Md5: b15136d60fd0a5e0f657a4f5c75d540f Sha1: 36082b7329d473829178f280cb71a83b1531e486 Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7101548064243212&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1 Host: vast.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ Connection: keep-alive	URL: vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_v (...) FQDN: vast.rubiconproject.com IP: 213.19.162.31 HASH: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749 213.19.162.31 HTTP/1.1 200 OK Content-Type: text/javascript Server: nginx/1.21.4 Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 147 Connection: keep-alive Cache-Control: no-cache, no-store, max-age=0, must-revalidate Expires: Wed, 17 Sep 1975 21:32:10 GMT Pragma: no-cache Vary: Accept-Encoding Set-Cookie: khaos=LBC1UGH6-10-99B5; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure audit=1\|SDziDG3X/EjbucnZjE4Zgu9DtVM30fCgV3PdyjZap6Td0XM3A4FRH5t8UDkxNtLxZjgLr2G0q8TggJ3pD4CYmwZlrptl4/mV0A+VO7RH1E0=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" --- Additional Info --- Magic: ASCII text Size: 147 Md5: 9441d4459f9bdf15aad152e66fc88643 Sha1: e97b5816d440de61a5d5a7f47bb921cec240580b Sha256: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?&cb=0.7101548064243212&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1 Host: optimized-by.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: optimized-by.rubiconproject.com/a/11648/36314/150582-15 (...) FQDN: optimized-by.rubiconproject.com IP: 3.74.171.125 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 3.74.171.125 HTTP/1.1 307 Temporary Redirect Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 0 Connection: keep-alive Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers Location: http://vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7101548064243212&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 X-Forwarded-For: 91.90.42.154 X-Forwarded-Proto: http X-Forwarded-Port: 80 Host: optimized-by.rubiconproject.com X-Amzn-Trace-Id: Root=1-638f126a-54731f217741047916856eed User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7101548064243212&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1 Host: vast.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ Connection: keep-alive	URL: vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_v (...) FQDN: vast.rubiconproject.com IP: 213.19.162.31 HASH: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749 213.19.162.31 HTTP/1.1 200 OK Content-Type: text/javascript Server: nginx/1.21.4 Date: Tue, 06 Dec 2022 09:59:06 GMT Content-Length: 147 Connection: keep-alive Cache-Control: no-cache, no-store, max-age=0, must-revalidate Expires: Wed, 17 Sep 1975 21:32:10 GMT Pragma: no-cache Vary: Accept-Encoding Set-Cookie: khaos=LBC1UGJ1-V-LKV3; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure audit=1\|naVuGyos1qoHzIKf8+GpNe9DtVM30fCgV3PdyjZap6Td0XM3A4FRH5t8UDkxNtLxZjgLr2G0q8TggJ3pD4CYmwZlrptl4/mV0A+VO7RH1E0=; Domain=.rubiconproject.com; Path=/; Expires=Wed, 06-Dec-2023 09:59:06 GMT; Max-Age=31536000; SameSite=None; Secure P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" --- Additional Info --- Magic: ASCII text Size: 147 Md5: 9441d4459f9bdf15aad152e66fc88643 Sha1: e97b5816d440de61a5d5a7f47bb921cec240580b Sha256: 9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 3ba0c6659d7753189961c649bc889e6823a77dd64400e13cd74aca5fc90e2704 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3463 Cache-Control: 'max-age=158059' Date: Tue, 06 Dec 2022 09:59:06 GMT Last-Modified: Tue, 06 Dec 2022 09:01:23 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: a020f64fea80cefdee3833231b62ed32 Sha1: 934f5206a482c5c02f4ed31717b7de4d7a4d5105 Sha256: 3ba0c6659d7753189961c649bc889e6823a77dd64400e13cd74aca5fc90e2704
GET /api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400 HTTP/1.1 Host: pixel.quantserve.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: pixel.quantserve.com/api/segments.json?a=p-9eJ8k4iSzux4 (...) FQDN: pixel.quantserve.com IP: 91.228.74.206 HASH: c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a 91.228.74.206 HTTP/2 200 OK content-type: application/x-javascript date: Tue, 06 Dec 2022 09:59:06 GMT content-length: 39 cache-control: private, no-transform, must-revalidate, max-age=86400 expires: Wed, 07 Dec 2022 09:59:06 GMT p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" set-cookie: mc=638f126a-acbeb-cedf7-2bf46; expires=Sat, 06-Jan-2024 09:59:06 GMT; path=/; domain=.quantserve.com X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 39 Md5: 9c5453ce3943ebf709c68c4358907916 Sha1: 25c057fa107fca0917c7dca9f432cdce93ce2316 Sha256: c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2 HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:06 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /b/ss/comcastnetdev/1/H.27.5/s98131181810116?AQB=1&ndh=1&t=6%2F11%2F2022%209%3A59%3A6%202%200&fid=685599E80737753A-3D3A1B3112774C13&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fcgltreeservices.com%2Fbossss%2F%3Fentity%3D1073444&cc=USD&ch=sign%20in&events=event11&c1=%2Fbossss%2F%2F%3Asign%20in&v1=%2Fbossss%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fbossss%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1 HTTP/1.1 Host: serviceo.comcast.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s98131 (...) FQDN: serviceo.comcast.net IP: 13.36.218.177 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 13.36.218.177 HTTP/1.1 302 Found content-type: text/plain;charset=utf-8 access-control-allow-origin: * vary: Origin date: Tue, 06 Dec 2022 09:59:06 GMT expires: Mon, 05 Dec 2022 09:59:06 GMT last-modified: Wed, 07 Dec 2022 09:59:06 GMT pragma: no-cache p3p: CP="This is not a P3P policy" server: jag set-cookie: s_vi=[CS]v1\|31C789353B9FE884-40000711294619F4[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Thu, 05 Dec 2024 09:59:59 GMT; location: http://serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s98131181810116?AQB=1&pccr=true&vidn=31C789353B9FE884-40000711294619F4&ndh=1&t=6%2F11%2F2022%209%3A59%3A6%202%200&fid=685599E80737753A-3D3A1B3112774C13&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fcgltreeservices.com%2Fbossss%2F%3Fentity%3D1073444&cc=USD&ch=sign%20in&events=event11&c1=%2Fbossss%2F%2F%3Asign%20in&v1=%2Fbossss%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fbossss%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1 content-length: 0 cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/images/fb-logo-29.png HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm	URL: cgltreeservices.com/static/images/fb-logo-29.png FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:06 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 462 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 462 Md5: 3b58a4197a90ce28f053f853e9f5201a Sha1: 1764aa95ccf139706beb229625b9d6d6f154bd5d Sha256: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2 HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:06 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /b/ss/comcastnetdev/1/H.27.5/s98131181810116?AQB=1&pccr=true&vidn=31C789353B9FE884-40000711294619F4&ndh=1&t=6%2F11%2F2022%209%3A59%3A6%202%200&fid=685599E80737753A-3D3A1B3112774C13&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fcgltreeservices.com%2Fbossss%2F%3Fentity%3D1073444&cc=USD&ch=sign%20in&events=event11&c1=%2Fbossss%2F%2F%3Asign%20in&v1=%2Fbossss%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fbossss%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1 HTTP/1.1 Host: serviceo.comcast.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://cgltreeservices.com/ Connection: keep-alive	URL: serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s98131 (...) FQDN: serviceo.comcast.net IP: 13.36.218.177 HASH: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 13.36.218.177 HTTP/1.1 200 OK content-type: image/gif;charset=utf-8 access-control-allow-origin: * date: Tue, 06 Dec 2022 09:59:06 GMT expires: Mon, 05 Dec 2022 09:59:06 GMT last-modified: Wed, 07 Dec 2022 09:59:06 GMT pragma: no-cache p3p: CP="This is not a P3P policy" server: jag set-cookie: s_vi=[CS]v1\|31C7893503C12570-40001772894A5845[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Thu, 05 Dec 2024 09:59:59 GMT; etag: 3586986489013141504-4619804204704880708 vary: * content-length: 43 cache-control: no-cache, no-store, max-age=0, no-transform, private x-xss-protection: 1; mode=block x-content-type-options: nosniff --- Additional Info --- Magic: GIF image data, version 89a, 2 x 2\012- data Size: 43 Md5: ad480fd0732d0f6f1a8b06359e3a42bb Sha1: a544538683a2dfe574eeb2e358ac8fcc78289d50 Sha256: a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2 HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:06 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444 Cookie: OX_sd=1; OX_plg=pm Upgrade-Insecure-Requests: 1	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 686657c40c7df232e408c1bb2ee85b6d7bdb256581ecd22686d23bd178befc9a 108.167.141.129 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:08 GMT Server: nginx/1.21.6 Content-Length: 16871 Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: none Vary: Accept-Encoding Content-Encoding: gzip X-Server-Cache: false --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6078), with CRLF line terminators Size: 16871 Md5: 9922458cb6254769b56591dbc1dc09fe Sha1: 9e5e45878fd2024b41bc47dcb59a096fb65bc65d Sha256: 686657c40c7df232e408c1bb2ee85b6d7bdb256581ecd22686d23bd178befc9a Alerts: Blocklists: - fortinet: Phishing
GET /bossss/Sign%20in%20to%20XFINITY_files/dest5.htm HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444 Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D Upgrade-Insecure-Requests: 1	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: ac3af5d86b1b86bed0c272d4bee25d13f4993322fce9906018c299a764365d6b 108.167.141.129 HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:08 GMT Server: nginx/1.21.6 Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: none Vary: Accept-Encoding Content-Encoding: gzip X-Server-Cache: false Content-Length: 4199 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (581), with CRLF line terminators Size: 4199 Md5: bca5675fe990e0cf10ada92892b4469b Sha1: fe22bdb21a46264c5d41dd0a032f26cfcd9314bf Sha256: ac3af5d86b1b86bed0c272d4bee25d13f4993322fce9906018c299a764365d6b Alerts: Blocklists: - fortinet: Phishing
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1 Host: staticxx.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/ Upgrade-Insecure-Requests: 1	URL: staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq. (...) FQDN: staticxx.facebook.com IP: 157.240.200.14 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 157.240.200.14 HTTP/1.1 301 Moved Permanently Content-Type: text/plain Location: https://staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 Server: proxygen-bolt Date: Tue, 06 Dec 2022 09:59:07 GMT Connection: keep-alive Content-Length: 0 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:07 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3514 Cache-Control: max-age=105504 Date: Tue, 06 Dec 2022 09:59:07 GMT Etag: "638dfdd1-1d7" Expires: Wed, 07 Dec 2022 15:17:31 GMT Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: a179b3b6ab78e29169af8cc2363d6280 Sha1: 501cd2871c5b70c56852c6cd0c87f383504ca933 Sha256: ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:07 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:07 GMT Server: Apache Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Content-Length: 746 Vary: Accept-Encoding --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 746 Md5: dbf8ec3db1d4b93b848197591827939c Sha1: 2e12f671d6101f52060133c32f8d359af756f9b2 Sha256: 63c52aa99ca361b59a27e7f51fe5fadffef99e671f8b4f9560fab204219e0666 Alerts: Blocklists: - fortinet: Phishing
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1 Host: staticxx.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq. (...) FQDN: staticxx.facebook.com IP: 157.240.200.14 HASH: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5 157.240.200.14 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cross-origin-opener-policy: same-origin-allow-popups x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 0 strict-transport-security: max-age=15552000; preload x-fb-debug: 4zCgIkiR3r345Ofx2xoxMf+GVw59SRiFnBRFEZrDOw10AYKRuKEQE9oamVsnrO65t+PGsh2Ph04a9JUm5FKvGA== content-length: 9 x-fb-trip-id: 1679558926 date: Tue, 06 Dec 2022 09:59:07 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 9 Md5: 9d1ead73e678fa2f51a70a933b0bf017 Sha1: d205cbd6783332a212c5ae92d73c77178c2d2f28 Sha256: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3514 Cache-Control: max-age=105504 Date: Tue, 06 Dec 2022 09:59:07 GMT Etag: "638dfdd1-1d7" Expires: Wed, 07 Dec 2022 15:17:31 GMT Last-Modified: Mon, 05 Dec 2022 14:18:57 GMT Server: ECS (ska/F716) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: a179b3b6ab78e29169af8cc2363d6280 Sha1: 501cd2871c5b70c56852c6cd0c87f383504ca933 Sha256: ceecf34d673dd0d910e3622aa0fa8d84fea748592acc796286c4ec5e76fbc170
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1 Host: staticxx.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://cgltreeservices.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site TE: trailers	URL: staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq. (...) FQDN: staticxx.facebook.com IP: 157.240.200.14 HASH: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5 157.240.200.14 HTTP/2 404 Not Found content-type: text/html; charset="utf-8" pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT content-security-policy-report-only: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy: default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cross-origin-opener-policy: same-origin-allow-popups x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 0 strict-transport-security: max-age=15552000; preload x-fb-debug: R1nKnNMLL06m94etrmO2VufrGjsxolLtRvEKg5JqPb2flk5Vknb7sxlPtEUMQfG3Ipxwan8HUaOe9pofUFGMzw== content-length: 9 x-fb-trip-id: 1679558926 date: Tue, 06 Dec 2022 09:59:07 GMT alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 9 Md5: 9d1ead73e678fa2f51a70a933b0bf017 Sha1: d205cbd6783332a212c5ae92d73c77178c2d2f28 Sha256: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:08 GMT Server: nginx/1.21.6 Content-Length: 462 Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 462 Md5: 3b58a4197a90ce28f053f853e9f5201a Sha1: 1764aa95ccf139706beb229625b9d6d6f154bd5d Sha256: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 Alerts: Blocklists: - fortinet: Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:08 GMT Server: nginx/1.21.6 Content-Length: 462 Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 462 Md5: 3b58a4197a90ce28f053f853e9f5201a Sha1: 1764aa95ccf139706beb229625b9d6d6f154bd5d Sha256: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 Alerts: Blocklists: - fortinet: Phishing
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_files/styles-light.css Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=685599E80737753A-3D3A1B3112774C13; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D	URL: cgltreeservices.com/static/fonts/Xfinity-Standard/Xfini (...) FQDN: cgltreeservices.com IP: 108.167.141.129 HASH: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 108.167.141.129 HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Dec 2022 09:59:08 GMT Server: nginx/1.21.6 Content-Length: 462 Last-Modified: Thu, 23 Jun 2022 12:39:47 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 462 Md5: 3b58a4197a90ce28f053f853e9f5201a Sha1: 1764aa95ccf139706beb229625b9d6d6f154bd5d Sha256: e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648 Alerts: Blocklists: - fortinet: Phishing
GET /static/psa/blank/1x1.png HTTP/1.1 Host: secure-assets.rubiconproject.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers	URL: secure-assets.rubiconproject.com/static/psa/blank/1x1.png FQDN: secure-assets.rubiconproject.com IP: 2.21.206.244 HASH: 172f8ce100094feaee2d292f56c5a847b0a89852a43e79ef7743d28d06dec7d7 2.21.206.244 HTTP/2 200 OK content-type: image/png server: Apache last-modified: Tue, 01 Oct 2019 16:53:58 GMT accept-ranges: bytes content-encoding: gzip unused62: 8096267 content-length: 155 date: Tue, 06 Dec 2022 09:59:07 GMT vary: Accept-Encoding access-control-allow-credentials: true access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data Size: 155 Md5: 0fed6b76619acefb38a43867d5fbbd65 Sha1: b4881fe00376089907ce39fb43398fe2b9d55b8a Sha256: 172f8ce100094feaee2d292f56c5a847b0a89852a43e79ef7743d28d06dec7d7
GET /en_US/all.js HTTP/1.1 Host: connect.facebook.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: connect.facebook.net/en_US/all.js FQDN: connect.facebook.net IP: 157.240.200.14 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 157.240.200.14 HTTP/1.1 301 Moved Permanently Content-Type: text/plain Location: https://connect.facebook.net/en_US/all.js Server: proxygen-bolt Date: Tue, 06 Dec 2022 09:59:07 GMT Connection: keep-alive Content-Length: 0 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=88649387466&varName=crtg_content HTTP/1.1 Host: rtax.criteo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieNa (...) FQDN: rtax.criteo.com IP: 178.250.0.166 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 178.250.0.166 HTTP/1.1 204 No Content server: nginx/1.20.1 date: Tue, 06 Dec 2022 09:59:07 GMT strict-transport-security: max-age=31536000; preload; --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=1.5.6&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields HTTP/1.1 Host: dpm.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: dpm.demdex.net/id?d_visid_ver=1.5.6&d_rtbd=json&d_ver=2 (...) FQDN: dpm.demdex.net IP: 54.170.10.162 HASH: e26ed3a5228d1bc7984bd3ec5eb2717793d26314180ef8bc9dccba799ec8c4a9 54.170.10.162 HTTP/1.1 200 OK Content-Type: application/javascript;charset=utf-8 Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding: gzip DCS: dcs-prod-irl1-1-v045-0d492e21d.edge-irl1.demdex.com 2 ms Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma: no-cache set-cookie: demdex=83115032145783221531960445016253317958; Max-Age=15552000; Expires=Sun, 04 Jun 2023 09:59:07 GMT; Path=/; Domain=.demdex.net X-TID: 2u1kMmQLSnI= Content-Length: 689 Connection: keep-alive --- Additional Info --- Magic: ASCII text, with very long lines (1652), with no line terminators Size: 689 Md5: 2eb0020fc0e9a7e736d114b91c63e2fa Sha1: 3e0f13639e4b9eab8dc6ca319397d89e2f47eb29 Sha256: e26ed3a5228d1bc7984bd3ec5eb2717793d26314180ef8bc9dccba799ec8c4a9
GET /event?d_mid=83458936266698363721999053362717893115&d_nsid=1&d_ld=_ts%3D1670320746853&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1670320746853&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fbossss%2F%2F%3Asign%20in&c_eVar1=%2Fbossss%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fbossss%2F HTTP/1.1 Host: comcastathena.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/	URL: comcastathena.demdex.net/event?d_mid=834589362666983637 (...) FQDN: comcastathena.demdex.net IP: 54.72.53.159 HASH: f441cb4b6ac2c4dad07e0590da8dcbb0ec4355543b72c20fe8e30c2a87c5c9a8 54.72.53.159 HTTP/1.1 200 OK Content-Type: application/javascript;charset=utf-8 Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding: gzip DCS: dcs-prod-irl1-1-v045-0327f6936.edge-irl1.demdex.com 4 ms Expires: Thu, 01 Jan 1970 00:00:00 UTC P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma: no-cache set-cookie: demdex=83115032145783221531960445016253317958; Max-Age=15552000; Expires=Sun, 04 Jun 2023 09:59:07 GMT; Path=/; Domain=.demdex.net X-TID: eBsQg1PqSPM= Content-Length: 150 Connection: keep-alive --- Additional Info --- Magic: ASCII text, with no line terminators Size: 150 Md5: 20e0a8aedb4e525c741fb3112426ac56 Sha1: f98ce8a3b126e27201873828c958f54ec67e2145 Sha256: f441cb4b6ac2c4dad07e0590da8dcbb0ec4355543b72c20fe8e30c2a87c5c9a8
GET /dest5.html?d_nsid=undefined HTTP/1.1 Host: fast.comcastathena.demdex.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/ Upgrade-Insecure-Requests: 1	URL: fast.comcastathena.demdex.net/dest5.html?d_nsid=undefined FQDN: fast.comcastathena.demdex.net IP: 23.33.119.16 HASH: 80888fb8b92d01d8dd990af664d273f6364b2917741b09911096099ce4eef1bd 23.33.119.16 HTTP/1.1 200 OK Content-Type: text/html Accept-Ranges: bytes ETag: "2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238" Last-Modified: Mon, 03 Feb 2020 17:27:06 GMT Server: AkamaiNetStorage Vary: Accept-Encoding Content-Encoding: gzip Cache-Control: max-age=21600 Date: Tue, 06 Dec 2022 09:59:07 GMT Content-Length: 2785 Connection: keep-alive P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550) Size: 2785 Md5: b8a1b21bd0651935d53a7bff0c2479d6 Sha1: 31527c952669b6d1d06c537eb50c9043f576e607 Sha256: 80888fb8b92d01d8dd990af664d273f6364b2917741b09911096099ce4eef1bd
POST / HTTP/1.1 Host: ocsp.comodoca.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.comodoca.com/ FQDN: ocsp.comodoca.com IP: 104.18.32.68 HASH: 7027399aeffa4204f19fd7744f3bdab382613096c0845adc60282b62801c064e 104.18.32.68 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 06 Dec 2022 09:59:08 GMT Content-Length: 471 Connection: keep-alive Last-Modified: Mon, 05 Dec 2022 10:07:33 GMT Expires: Mon, 12 Dec 2022 10:07:32 GMT Etag: "3948927f98e2938fb38eb761eb834d20b848d048" Cache-Control: max-age=602281,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb6 X-Frame-Options: SAMEORIGIN CF-Cache-Status: REVALIDATED Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 77542ac49d590b69-OSL --- Additional Info --- Magic: data Size: 471 Md5: a7b496adbd3ad3cc22d50af273146305 Sha1: 3948927f98e2938fb38eb761eb834d20b848d048 Sha256: 7027399aeffa4204f19fd7744f3bdab382613096c0845adc60282b62801c064e
GET /static/images/global/favicon.ico HTTP/1.1 Host: login.comcast.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: login.comcast.net/static/images/global/favicon.ico FQDN: login.comcast.net IP: 76.96.69.84 HASH: a0307845ad0d4579ae6e7283a02b81403767295ab37cc0b144ac9d60772ebf97 76.96.69.84 HTTP/1.1 200 OK Content-Type: image/vnd.microsoft.icon Date: Tue, 06 Dec 2022 09:59:08 GMT Server: Apache Strict-Transport-Security: max-age=63072000; includeSubDomains; Last-Modified: Tue, 11 Jan 2022 16:05:32 GMT Accept-Ranges: bytes Content-Length: 1150 Keep-Alive: timeout=5, max=500 Connection: Keep-Alive --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size: 1150 Md5: 8591b1e1977be23073d13751a5f203d0 Sha1: 3f549eff3cf641803992d8748202bf0775f4765e Sha256: a0307845ad0d4579ae6e7283a02b81403767295ab37cc0b144ac9d60772ebf97
GET /impression.php/f30a9b6c172d95a/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D HTTP/1.1 Host: www.facebook.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://cgltreeservices.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.facebook.com/impression.php/f30a9b6c172d95a/?api_ke (...) FQDN: www.facebook.com IP: 31.13.72.36 31.13.72.36 HTTP/2 200 OK content-type: image/gif vary: Accept-Encoding content-encoding: br x-fb-rlafr: 0 document-policy: force-load-at-top cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups pragma: no-cache cache-control: private, no-cache, no-store, must-revalidate expires: Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options: nosniff report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} strict-transport-security: max-age=15552000; preload x-fb-debug: AAwlCwSwSe3ulUWXsevDkRT5CTafQKL8GBMHRSKplpS/e/DqxnKCfhMd234bd0qdyPNH/fKeVGOMJnODqszN6A== date: Tue, 06 Dec 2022 09:59:07 GMT priority: u=3,i alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2 --- Additional Info ---
GET /bossss/Sign%20in%20to%20XFINITY_files/jquery-1.js HTTP/1.1 Host: cgltreeservices.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://cgltreeservices.com/bossss/?entity=1073444	URL: cgltreeservices.com/bossss/Sign%20in%20to%20XFINITY_fil (...) FQDN: cgltreeservices.com IP: 108.167.141.129 108.167.141.129 HTTP/1.1 200 OK Content-Type: application/javascript Date: Tue, 06 Dec 2022 09:59:04 GMT Server: Apache Last-Modified: Fri, 02 Dec 2022 11:38:26 GMT Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Transfer-Encoding: chunked --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing

Overview

Domain Summary (27)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 108.167.141.129

Last 5 reports on ASN: UNIFIEDLAYER-AS-1

Last 5 reports on domain: cgltreeservices.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (57)

Executed Evals (2)

#1 JavaScript::Eval (size: 50) - SHA256: 9fda12704d141686ffade43cfc0269f3533ed4cbbdbda7ad8d37bf9e80391f9a

#2 JavaScript::Eval (size: 1972) - SHA256: 8f14c536fdc78829b38cb06804c824b03b814a2990121cc0e259eb1c1dad9749

Executed Writes (52)

#1 JavaScript::Write (size: 28) - SHA256: b03a9cc712628555461e789056014f0278ad2cd7c767bae0a40d1e9b3a93372d

#2 JavaScript::Write (size: 8) - SHA256: e96725072752f5da3641f73d04526eb67ca33e7397297631da463fc5a5ccf106

#3 JavaScript::Write (size: 39) - SHA256: 97e88b2f6433ef546c362c8154d9be54beee35e54731fcab526523bd374e5210

#4 JavaScript::Write (size: 275) - SHA256: 23bf1753b0de1bb2f7b24f87a93aa989712f9a430ed50ac0a96c66e01dc21336

#5 JavaScript::Write (size: 273) - SHA256: b38a98f8d38a159caf4b79a332f7cfd4623d8d81da59a10d10d48e7b16ac8170

#6 JavaScript::Write (size: 6) - SHA256: 72a2f9a731af9047b27b0a7db7269c948182f3b1e44b04e5ca1088f3ce269f33

#7 JavaScript::Write (size: 1) - SHA256: a318c24216defe206feeb73ef5be00033fa9c4a74d0b967f6532a26ca5906d3b

#8 JavaScript::Write (size: 3) - SHA256: 49967ec1ed3836f8eb17aff172b5bfef7de60485a439c6ca11c591e1755739ae

#9 JavaScript::Write (size: 382) - SHA256: a0672f450acfa14c081cbca5d92a8dba13344217dc82bc1a03b04cd8340eb563

#10 JavaScript::Write (size: 66) - SHA256: bf1cb87d7f117da26bb818eadef3c7d21e04b7e4d265e4e069d5fce8d8082308

#11 JavaScript::Write (size: 414) - SHA256: 3e4f6e6ac28f392d59d8b0817fd8c55be4d5da18370765e8d5949e4b0a48f69a

#12 JavaScript::Write (size: 124) - SHA256: b8a55bdf970191f0208873a0cc443759035a6164d338db454b4efbac2a3d4520

#13 JavaScript::Write (size: 1) - SHA256: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

#14 JavaScript::Write (size: 412) - SHA256: 2bde6cf0925cc943ef307f2e72941e4338163fd1882462ecf3d1b1aa962f3a3d

#15 JavaScript::Write (size: 280) - SHA256: 0bd6b92ab472988f69204700c08cfab7013feeba242295d7bcde697496933cce

#16 JavaScript::Write (size: 2375) - SHA256: 32eb4d449d10bd365e9c58716abc30356fbc136ef1439c6d42d582e0a9dfdc3b

#17 JavaScript::Write (size: 4) - SHA256: 58e9d05a64d7c8ddd50c4e2e0bfe41a2d762b454d2fbdac24e5f0ae10e150e7b

#18 JavaScript::Write (size: 296) - SHA256: 4c428080cb22eb0d79fa3fe70674bbe473add7fe68a71d5cd8de48fe9216fb59

#19 JavaScript::Write (size: 3) - SHA256: 34bb1fea2555eac5f1543ab10ac5710d1ccd5ee7c0038af49fe38d503663563d

#20 JavaScript::Write (size: 4) - SHA256: fc5415e0722187f8976c12b444fa25e2bf742b32a8295ddb3eca837d70d0c2b1

#21 JavaScript::Write (size: 9) - SHA256: cf14a32120c034eafc76d4138166beb8c7a968a3633a0008e74f406dd9d2126d

#22 JavaScript::Write (size: 79) - SHA256: 52af0e1f9eda55a68da84d3ee99a5d644017b39b5796ec66ac4d2a227ef7f9a5

#23 JavaScript::Write (size: 60) - SHA256: 482b4e182e6d5b1bca2b3c7e57181d8c8c02e627a705beee2fe4be750188ccbc

#24 JavaScript::Write (size: 60) - SHA256: 074dc062bd376dc8e4b71d25afa96ac513fe5e52d014a42a6f32d7282e130cc3

#25 JavaScript::Write (size: 81) - SHA256: af84a1de668edf37cce9710b63d309c9bbd02c1039542ea0f38efc9d81084212

#26 JavaScript::Write (size: 124) - SHA256: 8761bba21972d65f2e379c4238888816f8235f067bc43d5a2d53f0a454840a94

#27 JavaScript::Write (size: 208) - SHA256: 42acab08304bef2c0b72ec8e379792d0a369bc9e00ba65e1e97522cf041b99b2

#28 JavaScript::Write (size: 2) - SHA256: 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070

#29 JavaScript::Write (size: 429) - SHA256: 2af4b82f040de50d65367bc357cc9004e5df82e7b1fd90ce67ec5864359553a2

#30 JavaScript::Write (size: 208) - SHA256: c1e7c8afdc94afa394243cb3cae33b600664f260310714052ed2aaf764661429

#31 JavaScript::Write (size: 15) - SHA256: 7cd0e6dd19083e25d38dfb35b2d0cb518903dd6da28631aad368d6a2424726b9

#32 JavaScript::Write (size: 215) - SHA256: 765565860addcf56f8fc07bf483d3212c0c13d214532af60bd07be3afc90b9fc

#33 JavaScript::Write (size: 5) - SHA256: 0dd4d955accc30fd912938e3f7bbb0325a19550e0b9f37348481204a78ae5b10

#34 JavaScript::Write (size: 11) - SHA256: 742c800c05fd69a5f2237dea34dc68f8c7e67f737212bd98fdba8adc476c667a

#35 JavaScript::Write (size: 5) - SHA256: 7879981d4f226a8f0191d36730c07205d7a5ff1c780fca9b2f905f25264cf636

#36 JavaScript::Write (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

#37 JavaScript::Write (size: 218) - SHA256: 2a4a1c92ddaece66f6d093ee042d358a6b1ab975dd3d9ec889f0b992d753e8eb

#38 JavaScript::Write (size: 37) - SHA256: df346a80a88198424a2f9e4a04508477b4c2eafc615941707d03989c5513fd8e

#39 JavaScript::Write (size: 8) - SHA256: 28bfbc1fd4382053eb80d39838ea9c4b19a7e66cf286a3bbdaa2a32dd95f6738

#40 JavaScript::Write (size: 72) - SHA256: 4d271784f8a0f343c63cc61d13a66c23b95a6b08cc551938a0d33dbd8aae3368

#41 JavaScript::Write (size: 10) - SHA256: 2f358f0371a6e732c4340332235199dcd91ebc46239a5ddcfe6f9a63e6ebecfe

#42 JavaScript::Write (size: 4) - SHA256: 4786fdb4166cd7d10007951f7e085916076b1970b08bb0dc2a5d5d321d7dfe4c

#43 JavaScript::Write (size: 2) - SHA256: 412ca345ccf75bf9c0806bce695be8de808b79984251a7a54d202cf6101dd451

#44 JavaScript::Write (size: 126) - SHA256: 5b265dea38a156641f5d5dff6586fe6564e5c1d63ec9dd09b7a62118548dc721

#45 JavaScript::Write (size: 215) - SHA256: bcf55eb27b9985133a2c9701132e8bb4f2a835a7c25b8dc549ef456fe6e7ada5

#46 JavaScript::Write (size: 34) - SHA256: 0f96e300ca342d0d9228b07be10ee3a9310aa2ee392b12175f88733505c3132f

#47 JavaScript::Write (size: 65) - SHA256: a2769bf687e12cd8c0a6ade33204918b592e434787db8bd8327f7e57350df8cd

#48 JavaScript::Write (size: 32) - SHA256: 24be741ecfc0488f0e9a9a62af470487470585c046f1940afaaa22ccdb282a84

#49 JavaScript::Write (size: 49) - SHA256: 17dc4a7702ed84ec8db6d42f7bfe6cfe5145746d8d774e9b50d8b8abacc441f8

#50 JavaScript::Write (size: 126) - SHA256: e0994f5bb7ba37f0df4a1e8cf43f488c0d199c5c196f1c3bd1d01a0052da577f

#51 JavaScript::Write (size: 301) - SHA256: 3b4d6649c419d60f2fc6d239050749a3893b24fc200a2d63e7b9b07a9a20aac9

#52 JavaScript::Write (size: 1) - SHA256: 265fda17a34611b1533d8a281ff680dc5791b0ce0a11c25b35e11c8e75685509

HTTP Transactions (94)

Network Intrusion Detection Systems