ci.asigno.ro/css
86.105.198.149302 Found 208 B IP 86.105.198.149:0
ASN #43459 Sc Maguay Impex Srl
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1e4de38a9c61ec05dbc32907e0940a2a
0466d8511a44e1b68a09abe75fd44438219f8191
712b8ed62250719eeebf79f79ec35d74d0650a95b6867daf7aebabc1d77fa28a
GET /css HTTP/1.1
Host: ci.asigno.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 19 Dec 2022 04:03:28 GMT
Server: Apache
Location: https://ci.asigno.ro/css
Content-Length: 208
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2159
Expires: Mon, 19 Dec 2022 04:39:27 GMT
Date: Mon, 19 Dec 2022 04:03:28 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12561
Expires: Mon, 19 Dec 2022 07:32:49 GMT
Date: Mon, 19 Dec 2022 04:03:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 19 Dec 2022 03:34:21 GMT
content-type: application/json
age: 1747
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Mon, 19 Dec 2022 04:48:42 GMT
Date: Mon, 19 Dec 2022 04:03:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CH22GpjgiRshNnxtgvrB/7e8eay1yzhRLMi0m9JOnv4uu0WVuZMgS7bgKQp3EgFd1ibfIohJJ4tu6aawyzlntw==
x-amz-request-id: PKZMGK72YD33Q3XW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 19 Dec 2022 03:28:50 GMT
age: 2078
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 04:03:28 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8d0c01fa4b239b76293f79b107795ad8
19a34d9ef300633f83974c4116123650aeed0d7a
989cf4cf537ea879c7d34ea6d673801f3866173b525c85881ecb116232a471a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989CF4CF537EA879C7D34EA6D673801F3866173B525C85881ECB116232A471A2"
Last-Modified: Sun, 18 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Dec 2022 10:03:28 GMT
Date: Mon, 19 Dec 2022 04:03:28 GMT
Connection: keep-alive
ci.asigno.ro/css
86.105.198.149301 Moved Permanently 310 B IP 86.105.198.149:0
ASN #43459 Sc Maguay Impex Srl
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6ac2d4816b8f6dbf0c29c4f0c137fd2a
0ac062b950f1a3b45ebbf6b7f388ae2403e5be41
2b2275a96c05bbc5af3b67a91eb666063f76feba667f6d1e1de8d264ef2cbbd0
GET /css HTTP/1.1
Host: ci.asigno.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Dec 2022 04:03:28 GMT
Server: Apache/2.4.54 (Debian)
Location: http://ci.asigno.ro/css/
Content-Length: 310
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 19 Dec 2022 03:08:01 GMT
age: 3328
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ci.asigno.ro/css/
86.105.198.149302 Found 209 B IP 86.105.198.149:0
ASN #43459 Sc Maguay Impex Srl
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 19ebe23f330b20ccfaf72a835a0f288e
c643e5524808b92b9fbb53eba14205662070e3b1
20c0a7ca5b9b49526c9883920795664ef16926c94855d47828be0cd868ad7f31
GET /css/ HTTP/1.1
Host: ci.asigno.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 19 Dec 2022 04:03:29 GMT
Server: Apache
Location: https://ci.asigno.ro/css/
Content-Length: 209
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ci.asigno.ro/css/
86.105.198.149302 Found 0 B IP 86.105.198.149:0
ASN #43459 Sc Maguay Impex Srl
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - UPS
GET /css/ HTTP/1.1
Host: ci.asigno.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Date: Mon, 19 Dec 2022 04:03:29 GMT
Server: Apache/2.4.54 (Debian)
X-Powered-By: PHP/7.4.33
Location: https://arocks.tech/css/WebTrackings
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0bc27cdcd6c42d7f8eece6c074bc452f
ff1234b58f7381f51f9082c1ef4894b1ac5700ff
672fc3b7ba7ee7a8b376c73a86a5bab00b1a1aead54c3ca64c0bff83d831348e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3636
Cache-Control: max-age=108238
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 04:03:29 GMT
Etag: "639ed82b-1d7"
Expires: Tue, 20 Dec 2022 10:07:27 GMT
Last-Modified: Sun, 18 Dec 2022 09:06:51 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1p5/9PmOMpMwL4c
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/9PmOMpMwL4c
IP 142.250.74.131:0
Hash c24ce612e2f8377dc1a765b10594b04b
1b978177f38add3b4748d651d211f7ada2f4a001
5354662765919a240d42f75adb00196ce38bcb5887053ef628dfc889abefdbf1
POST /s/gts1p5/9PmOMpMwL4c HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 04:03:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.163.1.35101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.1.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6OHP8eBHwnIuV3rNUe5s3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: S4qcCypQxCEYbZilwfVgTLeX35E=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5983
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5983
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5983
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5983
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5983
Expires: Mon, 19 Dec 2022 05:43:12 GMT
Date: Mon, 19 Dec 2022 04:03:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff17f5cdf-f263-46fc-b0f6-fb0fa1945efd.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff17f5cdf-f263-46fc-b0f6-fb0fa1945efd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c990c360fd972821af876119dd8555b
458555bf2ac16225da8adfc9fbe75aed89526287
beae8e1d373cbe333272e54db93f44e18f063e93f12f005e793ba64e4f7696a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff17f5cdf-f263-46fc-b0f6-fb0fa1945efd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7760
x-amzn-requestid: a0b96eff-245a-48ab-b09b-013861bbad27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKwhKFTtIAMF6TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a946d-513964bc657a326217d85e42;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V4q1avv0fLvIQNz1dek4qxd2Yen1EJfKBhbvtK3W8AkfBJ775JhZBQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:52:15 GMT
age: 22274
etag: "458555bf2ac16225da8adfc9fbe75aed89526287"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe426aa98-61a0-4fb6-9e2a-8295c764a39b.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe426aa98-61a0-4fb6-9e2a-8295c764a39b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da7f54bc8961e24cce4c3910d7657b9e
95f9529aa321d707eac3e133db97c6b641648bdf
ae58b97cc6f584713fbd73bc210ecfcfafd9c5c997008e7e79d59a6e45949846
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe426aa98-61a0-4fb6-9e2a-8295c764a39b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9266
x-amzn-requestid: 24005bea-65b5-41af-9281-b95ac7e5f945
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dLRC3E_UIAMFsMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ac878-0369a03043a1ccd31f2d7243;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 07:10:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cF5viZkDzq98kxBlMVDLxkbWy8x0Dip1H-jLNqqsYutHG9FwMt8T0w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 09:06:40 GMT
age: 68209
etag: "95f9529aa321d707eac3e133db97c6b641648bdf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F098a9ffa-a930-493a-86d2-96d21a07d7ae.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F098a9ffa-a930-493a-86d2-96d21a07d7ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 945d09b8aa956ddee667614c08687f76
0db0497203df4f2ec5da40cd0ab89383479e5d9b
a0953dafcf933d120941f84b60d2884b3df33fa01dfbc5bfe62fc4910b392a83
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F098a9ffa-a930-493a-86d2-96d21a07d7ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9824
x-amzn-requestid: 921ea0f0-7d7d-467e-b3f8-2eb47a62747c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dURWQGoXIAMF_OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e628e-6e4016837f2b38615bff371e;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 00:45:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DgMx1NDqKgwNAIUP-itlH4d6NP5yvSMv8JYpgxo5rdMoPraPrwLzqw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 05:59:13 GMT
age: 79456
etag: "0db0497203df4f2ec5da40cd0ab89383479e5d9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F469f917b-9e91-486a-b711-ccb25e7bfae0.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F469f917b-9e91-486a-b711-ccb25e7bfae0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f8b260b0cc287f1b66c97f552b2a3c21
7efa342abc52a36cd3fa2dd4b3e85cec1def58c0
7263d7176d5879c550158fee5259605dc298a99902cb8a2c340ab2b92f92bc90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F469f917b-9e91-486a-b711-ccb25e7bfae0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7432
x-amzn-requestid: 3254bdde-1e56-4423-a87b-5955c64f52ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHbA6FUVIAMF2gQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63993ed2-09a330722c1eec79103d9b9e;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 03:11:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: W2HZAazNTP-6o2Vyr2jrOTutIt4ed3Fs0L_TgUEH8dM9RtqBiBSdAw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 09:40:13 GMT
age: 66196
etag: "7efa342abc52a36cd3fa2dd4b3e85cec1def58c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dce7a87ac0852f838007018af2e83cb5
379f7844a18284958ec0250cc45f2c91ac1ddfcf
31a5191700b9d5c2e471c0e6db15d43f1804b61c6a0867340e8001c32a0dabb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: f8f1832c-4269-4c4b-83c0-4c2d8c2fdd8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC7GLSIAMFd4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-4c54f9704a32da245a90ab0d;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sg4SOln-mB63kOrv2oVmW25o92Sxw7bW4QA78iT5eq3Tpbk_SYUEdw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 00:09:11 GMT
age: 14058
etag: "379f7844a18284958ec0250cc45f2c91ac1ddfcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5029f8fb-29cf-4de0-b8e7-d6f183712d1c.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5029f8fb-29cf-4de0-b8e7-d6f183712d1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3aba060983b21c03fd43a14b313fa70e
005128984586fbfa35db5e75e38c43603cae24e1
805ee8bc4be00bc288a082083281984c54cd802138636b9df01f40f22a860897
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5029f8fb-29cf-4de0-b8e7-d6f183712d1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12172
x-amzn-requestid: 26e2fb4f-5bc5-4bc8-9e44-08461977187a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVIjgHuiIAMFhYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebae3-79e72e6522d1c0016e46668f;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:01:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rtAWDomNd7jCyemJptNJajRruNjBVSNAAbDoUra8_3xhVQmNJIj53w==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 09:18:09 GMT
age: 67520
etag: "005128984586fbfa35db5e75e38c43603cae24e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/9PmOMpMwL4c
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/9PmOMpMwL4c
IP 142.250.74.131:0
Hash c24ce612e2f8377dc1a765b10594b04b
1b978177f38add3b4748d651d211f7ada2f4a001
5354662765919a240d42f75adb00196ce38bcb5887053ef628dfc889abefdbf1
POST /s/gts1p5/9PmOMpMwL4c HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 04:03:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
arocks.tech/css/WebTrackings/
172.67.155.162200 OK 189 B URL HTTP/1.1 arocks.tech/css/WebTrackings/
IP 172.67.155.162:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 6d505e1d84beeda9ee0bcf9b145a0313
d92862a331c9c67135be16e046c96dc8bdfa4947
72bbd4540336ef913c43e7d88edf4108103d417f7ffa3d98774385c55ceebd8d
GET /css/WebTrackings/ HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcXrSoKORmFen4fkmaJV%2BgnUxNMMRVljHAOMkHRH52hZDZB%2FiWpvTypnFEoPIyx22WlgYbFtaF0En4%2FnN4zVOFd6US7564L7ZbWP80f0AsCwsZVoYmPXJZRmHxbtjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fae6f41fac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
172.67.155.162200 OK 14 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
IP 172.67.155.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3982), with CRLF line terminators
Hash 09431904d3380604b345eb704849d153
3d2054276545c42b574adbb82cf13d792b1ccb79
4f5fc0b75b5391a1000f5590d9fd6dc48cf3a9ebcd3de0635e52d296297c0f0a
GET /css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915 HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:31 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Jun 2021 20:37:46 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBN8PvwEgMj%2BhrnTYwrxsbvgwi63C2%2B9oH2VB88vp2Tt0e3iNdSa3U%2F4qYH%2BNjOdTRmBHShiF5KHdWXV00o5DyEoKzvXQrEAwXJ2lwPCaOZqhgxAKzvn6wvDiflLgg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb59825fac4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
arocks.tech/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
172.67.155.162200 OK 3.9 kB URL HTTP/1.1 arocks.tech/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 172.67.155.162:0
File type ASCII text, with very long lines (12331)
Hash 54c87b7a9007d256c837e382cab4170d
6c8f44204021f68596af9ae5a742c3ad1b76a6ec
3a09f98b09786cd8fbe71cc17d07660e767fc1c8d2ea467f912bc328766a54a1
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 14 Dec 2022 12:21:11 GMT
ETag: W/"6399bfb7-302c"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFlpczPEkyJsTfaXRgbvAOhnFtQMY6WXwCZCD1NLsSbfV9RGGq6Vp0%2FFYROGV2wT9lVx6wia%2FPUciCJHClsJ6FiY%2FRfTffEHUtwec4gsEGqm2YUixy7r310g2oXMhw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3fb88892fac4-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Wed, 21 Dec 2022 04:03:31 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
arocks.tech/css/WebTrackings/track_files/ups_004.css
172.67.155.162200 OK 9.7 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/ups_004.css
IP 172.67.155.162:0
File type ASCII text, with very long lines (65472)
Hash 52eae85c7bc86965b3ec13b3d8cd3a6e
cafae326586190f331a75140c4e752a94d38063a
20e42257e6c3b8e0a57d6ce40f66fa7cb791def350015c61b876ec9116227e3b
GET /css/WebTrackings/track_files/ups_004.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:31 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 9674
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJ0SQGCxro7JR6xZojKDZs%2BkI9UtPTxj8jStQOG2HGhZK4r1Jdtn3DpZZGlpsGYqf42Nfe0KA%2B5qwYjUBwxT46yMxkh4B03%2FaRS3sD%2BuYoUfiAAESw0XObxZ2DOrag%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb88899fac4-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/styles.css
172.67.155.162200 OK 181 B URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/styles.css
IP 172.67.155.162:0
File type ASCII text, with no line terminators
Hash 4a038b1f3a296c0fa73e1d89d22dceda
4b7a9583474b0be80b09303049832acd901c1c46
b484036267305c3d89589db66d136e94f1c4e07a5aa979d1efad598809578ba3
Analyzer Verdict Alert urlquery phishing Phishing - UPS
GET /css/WebTrackings/track_files/styles.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:31 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 181
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOvKxdEOujQe87aa2WXOvXDKRpQlkoOewaHSiDhRkYgzFgQ6jaPqrDp%2Fovgss2Un%2BFKwamLwxDLl8YQv4dwupx2Evjpgmg92%2BFJQqaLmKJIJd6VY2ip0PVfL%2BDB6%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb88aa6b50c-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/ups_003.css
172.67.155.162200 OK 8.3 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/ups_003.css
IP 172.67.155.162:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 89487a8085746ab4589e2897965b980d
de5a78418b2303dc2a683708cea29a733380effa
ef49d443b004d6697f957cb12e66a384aa0ac53dd74f152feb7e7ae4a28b27a3
GET /css/WebTrackings/track_files/ups_003.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:31 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 8328
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 20:06:32 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Lc3pnUfCUGgfTwOPS4TK8zMufUrnEujam0yrl%2FL0Ab8%2FRnkhGCxSB%2BKA2Utif3Yt5PGgVbbsN9KwtX29dQXiWj1iLv%2FSj5BVVel46ZkkH%2FGwiFiA0qj%2FPqCfhP1JA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb88893fac4-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/ups_005.css
172.67.155.162200 OK 23 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/ups_005.css
IP 172.67.155.162:0
File type ASCII text, with very long lines (65352)
Hash a5861caf32ca4187abebe6ce6d430464
1092ee81914c0967249ebea9b23d35cc8efbe6ed
d0bedcf32c8e7ea96aa0c852091982a824e7b7e05a8deda627969a6a56bcad8b
Analyzer Verdict Alert urlquery phishing Phishing - UPS
GET /css/WebTrackings/track_files/ups_005.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:32 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 22638
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwJ7Xd0mFnu%2BHenGAp%2BeT%2B%2F%2BsZF4i%2FKVIRpJkGtAxibebGJm49eeLuPb6i2D5F4BhqKpjxmnhneTLPle%2Fd7zLDt3tx5xoU8hIivE1q%2BiW6cjKhgUjx9omolZ2tVcPw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb88fd6b511-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/ups.css
172.67.155.162200 OK 93 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/ups.css
IP 172.67.155.162:0
File type ASCII text, with very long lines (65472)
Hash 17c06163fc8d0c68e30197e10d16ee3a
bbdb566f7e94318a58eeef61dc628c244589495b
23adfd209732af34b2a9500fa5cabf67da4a1f002536b7ecb7ecd10a86154b41
GET /css/WebTrackings/track_files/ups.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:32 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGsOKjoxA36mpuk7QNeGeIwzu1eRXl4dgwFDT9GWc8MrMcwwdqnZfAis7yxkPrDl0X4fYB934MxCm33iECUTy8bnI3wEovqoUn7IxuJNsv9GUOORvViu1JEQHV70fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb88b771c06-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/ups_002.css
172.67.155.162200 OK 75 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/ups_002.css
IP 172.67.155.162:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65461)
Hash d109963d6bee3ff546f1fecc0ba17e19
7e481b8756b8e35e2bb48f8b1c75e39db74fdc8a
6d1c57b810b08236b9c2efe00e78e5975bb23dda35459b7b308f51be8f5c6ca1
GET /css/WebTrackings/track_files/ups_002.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:32 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 20:06:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06fMtOFC%2FANAtOCAid69AiZNZrpa29cRNeipHydP4JCHSnOX8J7PYkN%2BdMMSX6WA1i57FKSQk7TvcugJC2yCdK%2BjiwCY5Gv5WB7l8niIVljPgA1SaVT%2FeyOT%2FeKldQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fb88aa0b50c-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/UPS_logo.svg
172.67.155.162200 OK 1.2 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/UPS_logo.svg
IP 172.67.155.162:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9ec0923b4e7f4df87ac9ba226439b202
79d2dbef2a1fe136f8f6c506d1c4fc4e2688b9c7
30bf2c723094bdd32e764d27ebc381a104dabeee8a2e60bf12da479952326e62
Analyzer Verdict Alert urlquery phishing Phishing - UPS
GET /css/WebTrackings/track_files/UPS_logo.svg HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: image/svg+xml
Content-Length: 1152
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZQha3vXeltgLzIw4SRKWiJg7q0hfwTDVxJBrgJn8TsMukueUPkcivJecNtDUHbpsasv4OA7KUPYauj9ZwcjikYdjWwT84vQQKCndLnh4z3acnyrnoaTzT15xqKs0w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc46a2efac4-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/icp.gif
172.67.155.162200 OK 43 B URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/icp.gif
IP 172.67.155.162:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Analyzer Verdict Alert urlquery phishing Phishing - UPS
GET /css/WebTrackings/track_files/icp.gif HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQSLpqsgIRDQb1Jw4SiFzLIP4P%2Btq82BMkEbDjJqGFxZc3HZkOb4pnEbpBtyrTyXPht5UUQ5SK69fDI%2FJe4foniE%2B9KyFeN0pEz%2FTtIIrcKJ%2Fp5ZkTSjipMRwOpTZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bd3fc46be5b511-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/b96dOB0.gif
172.67.155.162200 OK 8.5 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/b96dOB0.gif
IP 172.67.155.162:0
File type GIF image data, version 89a, 256 x 256\012- data
Hash 07144a45b1ff76fe9cb4aa9c92a646c8
a365ff55a6f0a1018f687585d3c154f01b976e56
8527958c37439fbb2193c9bb70637b30dde1d87884014712a07786e67ada9eaa
GET /css/WebTrackings/track_files/b96dOB0.gif HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: image/gif
Content-Length: 8508
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 16:26:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnAajP6PDyDX7qU2RvanaacJz9qofoeBug%2BGmIpmofAit1JHoAvE1imz4Crpps1TcYcVrSazPUEj4alZCC13cjCNzZoV%2Bt69p%2B3Mve6cIBEtJo1w%2BCnSVolHv9L5qg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc46de41c06-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/sii.js
172.67.155.162200 OK 803 B URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/sii.js
IP 172.67.155.162:0
File type Unicode text, UTF-8 (with BOM) text
Hash e8a77219b7db64f2cf8dddf0b1109967
fc5344110543ef86735c98a8a76389dd76a093d8
fe7d194cca8d9fddc3102dff18fa2f8070579bb256a6171cb0ef5a546787e10a
GET /css/WebTrackings/track_files/sii.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 803
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjZa9qghkjIDQ7gLqtnS1l8jdwwDBYon99HGtt%2FTDZSwnc0z2tZveH8C4wibeyQMqy%2FcoVRsj8GMOhS1PuUlQBQ3I4Cbwt%2B4tvF7DKKc0wzucSEMs1OnBtazdbEIOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc4da3cfac4-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/print.js
172.67.155.162200 OK 612 B URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/print.js
IP 172.67.155.162:0
File type Unicode text, UTF-8 (with BOM) text
Hash 1f54153dfddc95fcbd99cf33ba3b7890
6bfa2e51fe4765434d0b73e9e5b98db9483f2ada
20c42aeb320dc87615737e7b090f2409409eac07bd35e0d96f424417d07a48f5
GET /css/WebTrackings/track_files/print.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 612
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTxN%2FYFV%2F4G7v6w%2FaQpShC7GoQChPQiMAdc0zWam%2BNZrWkEhyxQlMKaASHMh89hUje70BJgura0u0pugQtKydnoYWdcVWWhbOGpu6HDcIZa9zBMODc0yyXfO1T0xDA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc4debfb50c-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/inline.js
172.67.155.162200 OK 442 B URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/inline.js
IP 172.67.155.162:0
File type ASCII text, with very long lines (796), with no line terminators
Hash b76825c4e09f887a8de5767befe6e929
f3526a4052d819b7108082fbf24a90e90fdf548a
4af2d76c8271e95ebe63ac2d3f634cb9a03fe2f1e3a535d007e5f8f2351b0de4
GET /css/WebTrackings/track_files/inline.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 442
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BM5d4HS0J69SkTsH7uEf8hgzY7GawhdOY9n2ZN88TQZSMDtLpDRi0YhFvxfCmD4XLbjeoaTaOsxjHe7LMglN8z%2BQa7qOwPzo5lqsARHJJYGnU94xPBralXsrdkmmg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc60e551c06-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/mnmCompleted.js
172.67.155.162200 OK 1.5 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/mnmCompleted.js
IP 172.67.155.162:0
File type Unicode text, UTF-8 (with BOM) text
Hash a767d4383178427b09de5fce2bfccab0
f8fe814e0c2c80162451b9a1d0d4ee461120054c
d36f5a8bde036001ea2d02d7f188e44e049d3e05e64acb3b05645e637bcc3ea7
GET /css/WebTrackings/track_files/mnmCompleted.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1473
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BGRrOtM71Ibri3F6zTTncyko6Uhc04dxzRuUqN5VC%2Bh4u5U92JvvYdsZu41nBwkuUUiWS2uMc%2Bc2C9IPIiN810ENGgDnUbDM8c5JccyLAP5q8lljHX2rA11d4ClVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc64a68fac4-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/mnm.js
172.67.155.162200 OK 1.9 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/mnm.js
IP 172.67.155.162:0
File type ASCII text, with very long lines (7462), with CRLF line terminators
Hash d5eca3a4ae25b48ce3cb2a0d60c7c408
6e953b85633de059e6395123fc5349d36f4da088
3ee96aeaffb4e7ac3971840d67e80d7d366c9056f7f02fc44fb2bacc88a125b3
GET /css/WebTrackings/track_files/mnm.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 1928
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3WhBZ4%2BzqiITeyYj4tp7P%2BuwlAaIQwui5M4IPBsDdLT4sbHBpEA9ycXF8EvPD3SHr%2FENsP6XOIT9jpE70v8kLNKRSofgqGwCUMHbMayZwsHeyeJMIth5VExiPrpjA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc64f3ab50c-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/8f71d169ui228ea333b9052029f5a5
172.67.155.162200 OK 19 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/8f71d169ui228ea333b9052029f5a5
IP 172.67.155.162:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 67f50a5cbbae90b1391c6774c95bb082
94fca65c1408cb79bdb231cc805d77783386e5e4
684c41ee3d9dde8c136e96cf888577e9273bb7939dbc103a748f24de8d86f9a9
GET /css/WebTrackings/track_files/8f71d169ui228ea333b9052029f5a5 HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Length: 18654
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVy8fcpcfUFtKnHTXDW6Wyarub8NICj83wBXtns%2FkaF4GnRABR1PmgFVe1rvW%2BHbCOAqoyecb4f6nfIpBVWh77nx3gnwIGZCDRN4PcoITjw6PCMHZd6je4KPreloLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc4cebdb50c-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/mcdi-01.js
172.67.155.162200 OK 3.5 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/mcdi-01.js
IP 172.67.155.162:0
File type ASCII text, with very long lines (13182), with no line terminators
Hash a5f9fa6fb607b71b0c9128cca99057fa
0075f5b1a9eef4d57a789e5378620cf4cc176503
b556199630f83d6e07f21bce830996969898a20924825fddcf472af1aa1fea07
GET /css/WebTrackings/track_files/mcdi-01.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:33 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 3460
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDS6NdnrURPwxEX7GWF5t30pPQOW3LdLJFYzGvUDXBD0SaT2kpV0uy1%2BfEB2Nemo308OJ2Znf7TXFjcZVNy1WohVF2eY%2Fg4glqn4GFj%2FmDY0Iw%2BSasEWQQ08LPSjrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc71e8d1c06-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/UPS_Smart_Banner.js
172.67.155.162200 OK 305 B URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/UPS_Smart_Banner.js
IP 172.67.155.162:0
File type ASCII text, with very long lines (503), with no line terminators
Hash cd5dcd199eda3c917e26d301f3ce51e8
ebcd0fb2f1723ebf0884821bd0443e9f3f50b30a
6144e061ba4d44dc7c498873e8f2d62b38ea8b4b32826be9e05cf6c69b62157f
GET /css/WebTrackings/track_files/UPS_Smart_Banner.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:34 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 305
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ny68OBSSvwmORKgnurLEF7oeLcm3pdyq8q8eYe0XwDodQWHt7yazHReKIIbtKyAHsYChjz22au48GAwM%2B8QS8OLnFnV82wNA%2BMypr%2B1TNcdAbx9z3QVwGdy9vzrswQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc85feab50c-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/track_files/ups.js
172.67.155.162200 OK 8.7 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/track_files/ups.js
IP 172.67.155.162:0
File type Unicode text, UTF-8 text, with very long lines (32019)
Hash 6179e9c2efd4c4f419acb1c1afe6923d
4a5fb2812cce74cc08081dfe18f1d0f549e706a2
2bafa2f2e5323fc8e591455bdf9a1f8cbaad7030d121b424cb7b38aaf513c384
GET /css/WebTrackings/track_files/ups.js HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:34 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 8669
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 15:41:14 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRIbQawpE27ly90oQwmrR46Fe2I%2F8VWQwyAjsva7uUv%2BeMneagEFjCLaugocoa9QRvIIGhXKi6zYRMdpKTOOqm9UFCGZXa9MZgUBUlS%2FLNVcGaFgkr%2FIE7uE57h%2FXg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fc8eee31c06-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/tracking.html?lang=en_EN
172.67.155.162200 OK 13 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/tracking.html?lang=en_EN
IP 172.67.155.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (4021), with CRLF line terminators
Hash ab1a73dd1a11b15b6afda8e590b5513f
5df86f89e8382a6a38a2ac263b66fc1b2b21a4e4
aeb941762036e30aa90f45110641c94ab209cef5f213d5dcab454e07f37e313a
GET /css/WebTrackings/tracking.html?lang=en_EN HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/track.html?resource_url=https://www.ups.com/track=99435&session=15915
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 30 Jun 2021 21:26:46 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Wj8sRh%2Bn2N4ubXkZPtTsUKuOoDZ4sXf50%2FgcbbYlFQx%2BasmabHuzHxxBQ8qUK9Exdun7gsxX06D65%2FhJwmXPFEgOm66M8VqDgoEqUErD%2FqdC5MbexaY%2FFdVtILyZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fcba8560af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/tracking_files/ups_003.css
172.67.155.162200 OK 8.3 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/tracking_files/ups_003.css
IP 172.67.155.162:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 65d77577e873e382846a9404e008d0f8
30f71585e78dca88846e75c43cc583a489d0333b
95ac89d6a9bec201c0c3cf4d621970caaf150a1e2900ae172f551b8c1a03eb26
GET /css/WebTrackings/tracking_files/ups_003.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/tracking.html?lang=en_EN
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:35 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 8348
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 16:31:38 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfDkp3INVUpHBwSMChL0Q0ICxJjy%2FzgKXRgUb4cqINnI%2FsgG8%2FZGpzsBM7IPXW6XAYRfCjSTRw%2FCa7DRARr4DjaLIgTekamLu3YIclGbiphUd4qS7LzWvlqNsfw4YA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fce0a12b527-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings/tracking_files/ups_004.css
172.67.155.162200 OK 23 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/tracking_files/ups_004.css
IP 172.67.155.162:0
File type ASCII text, with very long lines (65352)
Hash a5861caf32ca4187abebe6ce6d430464
1092ee81914c0967249ebea9b23d35cc8efbe6ed
d0bedcf32c8e7ea96aa0c852091982a824e7b7e05a8deda627969a6a56bcad8b
Analyzer Verdict Alert urlquery phishing Phishing - UPS
GET /css/WebTrackings/tracking_files/ups_004.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/tracking.html?lang=en_EN
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:35 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 22638
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 16:31:38 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjjgCsZwqs6ofnf0Wnw9q5%2BNJG2%2Bz1ya5TKNTzuZ5wuWxVJk32S1tmF2pNs5riNxsmwInjcMnu63tuWIkAZzB1k5u3I9wj1kxR5oUQnTUabBncAImXL3CZIFHJUycw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fcdf9070af6-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5e5d824-eb30-4eec-8bc0-43392e282ac1.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5e5d824-eb30-4eec-8bc0-43392e282ac1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac21abf8783acf4dab9ce933d644025f
98b6d6a3793e4b3f1aac9d4258c04866fa11f80c
5239bc12bdd94fe9fb20f34bf36f794600e147e492e2090311b97a1b41d31055
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5e5d824-eb30-4eec-8bc0-43392e282ac1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9950
x-amzn-requestid: 4e729609-0e45-4b25-8137-37ec47534023
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHbA5E4SoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63993ed2-0bc55b2c1b08bda2023bf207;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 03:11:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9tCIn42zpNL7ZgqRj9I4MVjo98uBRcY1odt7EZpPx2aEj9RZkDbkBw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 20:16:18 GMT
age: 28038
etag: "98b6d6a3793e4b3f1aac9d4258c04866fa11f80c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
arocks.tech/css/WebTrackings/tracking_files/ups.css
172.67.155.162200 OK 93 kB URL HTTP/1.1 arocks.tech/css/WebTrackings/tracking_files/ups.css
IP 172.67.155.162:0
File type ASCII text, with very long lines (65472)
Hash 17c06163fc8d0c68e30197e10d16ee3a
bbdb566f7e94318a58eeef61dc628c244589495b
23adfd209732af34b2a9500fa5cabf67da4a1f002536b7ecb7ecd10a86154b41
GET /css/WebTrackings/tracking_files/ups.css HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://arocks.tech/css/WebTrackings/tracking.html?lang=en_EN
HTTP/1.1 200 OK
Date: Mon, 19 Dec 2022 04:03:35 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Sep 2020 16:31:38 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcjZrMpjJ48cft39KkGJSfEimlMDt8wuscwq6LA9mWUpj34wxkVA6gvYM5wVqTnC2klnGydsdhqa7%2F%2FCm%2FJsl7D8AmsRk7uVfuogt8fxlsxQz%2BJeueSoMKiF87lyyg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77bd3fce0bae0b06-OSL
alt-svc: h2=":443"; ma=60
arocks.tech/css/WebTrackings
172.67.155.162301 Moved Permanently 0 B URL HTTP/2 arocks.tech/css/WebTrackings
IP 172.67.155.162:0
GET /css/WebTrackings HTTP/1.1
Host: arocks.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Mon, 19 Dec 2022 04:03:29 GMT
content-type: text/html; charset=iso-8859-1
location: http://arocks.tech/css/WebTrackings/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lMKoH1pXMPAIOVMXYwPhg1qOKrpGt8G6SUZSSQWWAIud2zc2gyIISqfjIw0os9SZ4QmA4fXmE%2B5SOh8%2FGkPxdWDEzxNNYxHkfchhFEOAezdpdKnaO6V7mLTDehVbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bd3facbd851bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2