r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7767
Expires: Mon, 05 Dec 2022 07:08:35 GMT
Date: Mon, 05 Dec 2022 04:59:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5232
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:08 GMT
Last-Modified: Mon, 05 Dec 2022 03:31:57 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 04:20:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2336
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19606
Expires: Mon, 05 Dec 2022 10:25:54 GMT
Date: Mon, 05 Dec 2022 04:59:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kFZMis4Hxfxl6Cf4r3kHNqknz5BOZadzHZFLvwTIZihVyT1ct3nYEVrLQdmfVSgU50xG7uNMhqk=
x-amz-request-id: V22FM4RCNDZ9KD6J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 04:47:16 GMT
age: 712
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:59:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
34.149.204.188308 Permanent Redirect 188 B URL HTTP/1.1 milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
IP 34.149.204.188:0
File type HTML document, ASCII text
Hash 313668ea22a4210abecb1f442fc1dc0e
cf30b7282ba438e0bf60fe4a74a4345483ce6a34
5c1a7dacc7723ec27ff792917bc29f1dc2750e60750e591814a78f12c542dfab
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 308 Permanent Redirect
Content-Type: text/html; charset=utf-8
Location: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Replit-Cluster: global
Date: Mon, 05 Dec 2022 04:59:08 GMT
Content-Length: 188
Via: 1.1 google
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 04:08:58 GMT
cache-control: public,max-age=3600
age: 3011
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 202b4654c6f6de2ae54e5ba8200cced5
791971a79e6c1657ed8e6e9db121457a6008a510
4103deb47b69393c0e778547dd7d29032bb645cd1af8a423238ca02f5d23da59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4103DEB47B69393C0E778547DD7D29032BB645CD1AF8A423238CA02F5D23DA59"
Last-Modified: Mon, 05 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Mon, 05 Dec 2022 10:58:30 GMT
Date: Mon, 05 Dec 2022 04:59:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5215
Cache-Control: max-age=106477
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:09 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:33:46 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.208.34.131101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.34.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PuPW6F45rdRKtK9ZV7r5NQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8q8E4jrgaWJCO0JcU4hJ7Gn1CWA=
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5278
Cache-Control: max-age=147231
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:10 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 21:53:01 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:11 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
104.17.25.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65451)
Hash 391678ecd81abb89d767676563d04a0d
ca95c965bf5453f22a77969f650d82cc0495aedc
0688a8577842e3019d1880c5e32bf44ab58a93592218886291e05eb8a1907c7b
GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 27964
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15d95"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 949477
expires: Sat, 25 Nov 2023 04:59:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZTC4X0lLuzDb19x8Y5K%2B2S2b%2B4wtiAvUbHjwQ%2BIXOQCwyxPlqmxCBk8ZlMkMKVJyoV1%2BnM4Ll2DD65IsQODfyt3RVNrZ%2BLPHL3Mh7fZv3AISHR45fqMaVo3xUmVzIfRN1V%2B8fuW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774a3601bafc1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1be5ade2f8eb160f9974766374c9dd01
8d3d92355304ccfcd50ae96f55b2754220f05187
5087642c70cd92613c2a490b532fc7651c4b25f8712a59b4f7a178cc44cdf90f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: d4dfc77c-65cc-46f1-b8a3-ea6cebd0976d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYE2woAMFgPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-639ca0813c23b9cb75ff24c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhweRJZbG0P_lxekUIz506RXW5f9iVQ1Cvfg-k3gJTWHIrzTu2uenQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 04:50:04 GMT
age: 547
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 25856
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b475d52dd164b9cc0efbecfd58282b6
973e77db7fb34c60e08719dc7196d865e8831cb2
3985e24217a2bd811a0ea9bf0223eb0cda31604986f3467fae028a086a8b827e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: 4d20bc36-d129-468d-b30d-f6b571d528af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKz6G86oAMF9oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abe7f-5f9353c04487352b64ba3bf8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:11:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pjwTv-Ry-1NHzZj6N-Mwul76sDeRSpLlVh7azqqqls44kH-mNhnggw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 04:59:53 GMT
age: 86358
etag: "973e77db7fb34c60e08719dc7196d865e8831cb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3130c86c084c4c925fb9179dfa5c145d
203f27660f3885d5c1bc68a535baef4e48ff6582
faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZjAfnCIfBIkjjk0E62TZ7bHsCTUhJk9Wm_wIyhnUNvhgXja5ELfC4g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 25856
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5279
Cache-Control: max-age=147231
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:11 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 21:53:02 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37b58bb09c00b591c2819c89e371d927
aa487f4a7767cb4591fe620592da65bde90c0aa2
9b7791d79d1e9702c23e63450d556e7f1f287f4d02788fc147822c1d90f64657
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9825
x-amzn-requestid: 1ab366f4-78f2-4aaa-af7b-aa203c2d8234
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_1ZE23IAMFnhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1355-35c7b5bb6e4623e93900810c;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qJYTPoArDEx6lR34nZ3DPCAtuWr2lW5qybqaGAu1gSQVdfRq8zlhOg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 25328
etag: "aa487f4a7767cb4591fe620592da65bde90c0aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 557fea28a0a540d2ffdadd828e03de0b
c314368e2e73dabf2c5d856e2c3e1fae610a3005
0fdd195911cdfff46a6dd8ba7b760953e5317fd7ee88abf1e19458518979fdee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11253
x-amzn-requestid: e0561a00-8657-4af0-b24c-08b328282f79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_wKE9coAMFjmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1334-2844266d51d5c5672f34ff61;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iT3IPDIK-qKf-y1_x7hZNSW-4GqKLNuX6U__8bY8eZP178PPnD0IeA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 25328
etag: "c314368e2e73dabf2c5d856e2c3e1fae610a3005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Regular.woff2
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Regular.woff2
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Regular.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Bold.woff2
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Bold.woff2
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Bold.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Medium.woff2
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Medium.woff2
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Medium.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-RegularItalic.woff2
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-RegularItalic.woff2
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-RegularItalic.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/page-https-cdn.optimizely.com/js/6261340341.js
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/page-https-cdn.optimizely.com/js/6261340341.js
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /page-https-cdn.optimizely.com/js/6261340341.js HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/shared/img-placeholder.ashx
34.149.204.188200 OK 54 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/shared/img-placeholder.ashx
IP 34.149.204.188:0
File type GIF image data, version 89a, 15 x 15\012- data
Hash b0c811c03908e627769be91798d2ca39
ad404412666874be821e3189ee06683d60eefc77
47361c9f2b452dbef25f029bf719f03fc1e2330bd43ecceccb800c773e0824d0
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/-/media/adp/redesign2018/images/shared/img-placeholder.ashx HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 463106
cache-control: max-age=604800
content-disposition: inline; filename="img-placeholder.gif"
content-security-policy: frame-ancestors 'self' https://adp.lookbookhq.com http://adp.lookbookhq.com https://discover.adp.com http://discover.adp.com https://*.adp.com http://*.adp.ca https://*.adp.ca https://*.us.adp;
content-type: image/gif
continent: NA
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
expires: Mon, 12 Dec 2022 04:59:11 GMT
last-modified: Thu, 12 Dec 2019 21:20:20 GMT
replit-cluster: global
server: ECD (aga/86BC)
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-cache: HIT
x-country-code: US
x-region-code: SC
x-ua-compatible: IE=Edge
content-length: 54
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/ui/logo-adp-fy19.svg?rev=3fdcec0c1c7349e0a222b9864a196c45&hash=9A54A565FD08ED6AF0528D31B46265D5
34.149.204.188200 OK 573 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/ui/logo-adp-fy19.svg?rev=3fdcec0c1c7349e0a222b9864a196c45&hash=9A54A565FD08ED6AF0528D31B46265D5
IP 34.149.204.188:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (573), with no line terminators
Hash 3e81e948274b52f011e819d03e569bfa
d840bd9a5070bf52e24c35d4b481d03896778467
53c4c147e70a8c4b8c359b7794b6d1fe5658902f8a701a2ee20d62b6c0da9bbf
GET /page-https-www.adp.ca/-/media/adp/redesign2018/ui/logo-adp-fy19.svg?rev=3fdcec0c1c7349e0a222b9864a196c45&hash=9A54A565FD08ED6AF0528D31B46265D5 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
age: 271775
cache-control: max-age=604800
content-disposition: inline; filename="logo-adp-fy19.svg"
content-security-policy: frame-ancestors 'self' https://adp.lookbookhq.com http://adp.lookbookhq.com https://discover.adp.com http://discover.adp.com https://*.adp.com http://*.adp.ca https://*.adp.ca https://*.us.adp;
content-type: image/svg+xml
continent: NA
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
expires: Mon, 12 Dec 2022 04:59:11 GMT
last-modified: Fri, 15 Feb 2019 16:22:30 GMT
replit-cluster: global
server: ECD (aga/86BE)
strict-transport-security: max-age=315360000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT
x-country-code: US
x-region-code: SC
x-ua-compatible: IE=Edge
content-length: 573
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/resource-hub/hero-insight-mobile.jpg?rev=e27d44daec4a47db8629250869dbe7ef&h=384&w=768&la=en&hash=1D0AFF30111949DAD5333C90C6764278
34.149.204.188200 OK 7.6 kB URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/resource-hub/hero-insight-mobile.jpg?rev=e27d44daec4a47db8629250869dbe7ef&h=384&w=768&la=en&hash=1D0AFF30111949DAD5333C90C6764278
IP 34.149.204.188:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 768x384, components 3\012- data
Hash 805c3dfedf13730ab0109b9befe26d8b
9a93a48b5b95066450e54e0ca7cd634273dafc11
a59ed5d0828d95e4126fd461ba9dc13bbbd828dabbea0d88a468c6a891b8cfd5
GET /page-https-www.adp.ca/-/media/adp/redesign2018/images/resource-hub/hero-insight-mobile.jpg?rev=e27d44daec4a47db8629250869dbe7ef&h=384&w=768&la=en&hash=1D0AFF30111949DAD5333C90C6764278 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 288581
cache-control: max-age=604800
content-disposition: inline; filename="hero-insight-mobile.jpg"
content-security-policy: frame-ancestors 'self' https://adp.lookbookhq.com http://adp.lookbookhq.com https://discover.adp.com http://discover.adp.com https://*.adp.com http://*.adp.ca https://*.adp.ca https://*.us.adp;
content-type: image/jpeg
continent: NA
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
expires: Mon, 12 Dec 2022 04:59:11 GMT
last-modified: Thu, 20 Oct 2022 20:20:42 GMT
replit-cluster: global
server: ECD (aga/86B2)
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-cache: HIT
x-country-code: US
x-region-code: SC
x-ua-compatible: IE=Edge
content-length: 7613
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-ca.css?rev=96b3778417684f3b9aa71a533029106f
34.149.204.188200 OK 1.2 kB URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-ca.css?rev=96b3778417684f3b9aa71a533029106f
IP 34.149.204.188:0
Hash 465ce141f9303fa29c5f7e122b0bf23c
f61bb3f037ffba6ff97d5b084216caac55f14b1d
17fe1ee2b4edaac0bb45274c914c2853ac08b85492b0fd2fc7567cec372873c8
GET /page-https-www.adp.ca/-/media/adp2022/main/css-main-ca.css?rev=96b3778417684f3b9aa71a533029106f HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
last-modified: Tue, 04 Oct 2022 22:21:06 GMT
replit-cluster: global
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-208508211-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-208508211-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 2cd9ba0c8ec13b2165cf144dc629eac8
ca75cc9405722a684378cb3c41e0cd5ed4ef026b
5075c48fc28068f737bda879f30f88f94ed8056c975dc191718067d096c3ce8a
GET /gtag/js?id=UA-208508211-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 04:59:11 GMT
expires: Mon, 05 Dec 2022 04:59:11 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43632
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
milsteelonline.com/-/media/adp2022/ui/icn-search.svg
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/-/media/adp2022/ui/icn-search.svg
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /-/media/adp2022/ui/icn-search.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2682bd51329126ab8b7083015c6050d6
703a3fa0d9dc2449cd1e9d80b6c2483dd2abd54e
6b21484244e3fd1d476dd2a5e278a9abd3ebe54abf1e5404152776a04e004bd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B21484244E3FD1D476DD2A5E278A9ABD3EBE54ABF1E5404152776A04E004BD4"
Last-Modified: Sun, 04 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4421
Expires: Mon, 05 Dec 2022 06:12:53 GMT
Date: Mon, 05 Dec 2022 04:59:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2682bd51329126ab8b7083015c6050d6
703a3fa0d9dc2449cd1e9d80b6c2483dd2abd54e
6b21484244e3fd1d476dd2a5e278a9abd3ebe54abf1e5404152776a04e004bd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B21484244E3FD1D476DD2A5E278A9ABD3EBE54ABF1E5404152776A04E004BD4"
Last-Modified: Sun, 04 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Mon, 05 Dec 2022 10:58:26 GMT
Date: Mon, 05 Dec 2022 04:59:12 GMT
Connection: keep-alive
milsteelonline.com/-/media/adp2022/ui/icn-globe-black.svg
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/-/media/adp2022/ui/icn-globe-black.svg
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /-/media/adp2022/ui/icn-globe-black.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
becomesnerveshobble.com/8fa04f55aa21f2ced2759b96e2702ac3/invoke.js
192.243.59.13200 OK 9.8 kB URL HTTP/1.1 becomesnerveshobble.com/8fa04f55aa21f2ced2759b96e2702ac3/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26982), with no line terminators
Hash 2bf11646cfaba01c6bd7fba1fa9dcf09
545201cb77965529a15fd30476845e877ca7293d
d63c6a0849c50b2b4a883cc7a243d69fb454c2a7225a3835d0af1ef381a20a9f
GET /8fa04f55aa21f2ced2759b96e2702ac3/invoke.js HTTP/1.1
Host: becomesnerveshobble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:59:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7c4b3330ec74416cb1fb1c3d06e765e7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
becomesnerveshobble.com/5f/1e/ae/5f1eae6e794b6af625f433ebd20149d6.js
192.243.59.13200 OK 13 kB URL HTTP/1.1 becomesnerveshobble.com/5f/1e/ae/5f1eae6e794b6af625f433ebd20149d6.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37134), with no line terminators
Hash 9ad524973df94f84871764690a144770
fa2046abea7fadcced97e12761a126d9db2323ed
c3d69187828f00e5cc3251bd7cf47079b01e8da690a7b20377e9c4bcc8b47687
GET /5f/1e/ae/5f1eae6e794b6af625f433ebd20149d6.js HTTP/1.1
Host: becomesnerveshobble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:59:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d98dfaec5ab0ac496ffbe0c50999adf1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 206ba62e3ac45d76baa935ea64fa2edd
4b9f2ab2a56aa6896ccb977dde33dadff86356de
6cbb311ca876627609acd3dcba58520b80ccb10d3b3a705bfe9ad02d26329841
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6CBB311CA876627609ACD3DCBA58520B80CCB10D3B3A705BFE9AD02D26329841"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8102
Expires: Mon, 05 Dec 2022 07:14:14 GMT
Date: Mon, 05 Dec 2022 04:59:12 GMT
Connection: keep-alive
milsteelonline.com/-/media/adp2022/ui/social-media-sprite.png
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/-/media/adp2022/ui/social-media-sprite.png
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
GET /-/media/adp2022/ui/social-media-sprite.png HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/-/media/adp/reskin2022/images/resource-hub/bkgd-insight-generic.jpg
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/-/media/adp/reskin2022/images/resource-hub/bkgd-insight-generic.jpg
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
GET /-/media/adp/reskin2022/images/resource-hub/bkgd-insight-generic.jpg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/-/media/adp2022/ui/icn-txtlink-arrow-white.svg
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/-/media/adp2022/ui/icn-txtlink-arrow-white.svg
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /-/media/adp2022/ui/icn-txtlink-arrow-white.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/-/media/adp2022/ui/icn-txtlink-arrow-ui.svg
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/-/media/adp2022/ui/icn-txtlink-arrow-ui.svg
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /-/media/adp2022/ui/icn-txtlink-arrow-ui.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121579
Date: Mon, 05 Dec 2022 04:59:12 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 14:45:31 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LcWC5Npd4U_Ut93amH31EIi4lP6P7J_SL3-3M6oxi1H0Nq7yrzD0-w==
Age: 4463
milsteelonline.com/-/media/adp2022/ui/icn-sm-tw.svg
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/-/media/adp2022/ui/icn-sm-tw.svg
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /-/media/adp2022/ui/icn-sm-tw.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/-/media/adp2022/ui/icn-carat-down-ui.svg
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/-/media/adp2022/ui/icn-carat-down-ui.svg
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /-/media/adp2022/ui/icn-carat-down-ui.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/-/media/adp2022/ui/icn-sm-yt.svg
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/-/media/adp2022/ui/icn-sm-yt.svg
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /-/media/adp2022/ui/icn-sm-yt.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/-/media/adp2022/ui/icn-sprite.png
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/-/media/adp2022/ui/icn-sprite.png
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
GET /-/media/adp2022/ui/icn-sprite.png HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/-/media/adp2022/ui/icn-sm-fb.svg
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/-/media/adp2022/ui/icn-sm-fb.svg
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /-/media/adp2022/ui/icn-sm-fb.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/-/media/adp2022/ui/icn-sm-ig.svg
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/-/media/adp2022/ui/icn-sm-ig.svg
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /-/media/adp2022/ui/icn-sm-ig.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4190c26f01184c51aed2d771ad1429ec
35e2db991eaca4dbe44e4158feb9eddbccba0a4c
4dfbbd61f47a45a39622f70938f29114fe41648e5f74c0aad269d4a0252de5e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4DFBBD61F47A45A39622F70938F29114FE41648E5F74C0AAD269D4A0252DE5E6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9882
Expires: Mon, 05 Dec 2022 07:43:54 GMT
Date: Mon, 05 Dec 2022 04:59:12 GMT
Connection: keep-alive
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 39813e1be47701d37968a3120c3162e8
2f76b13b766d7127eb446fc41b17c7f5a3a461db
8b6c010271cb1b5b5e87581f94f396922afb3dcf9b935c0896561d63a197fba4
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://milsteelonline.com
access-control-allow-credentials: true
set-cookie: uid_id2=65555d73-603d-4834-90f0-add3ecc88446:3:1; expires=Thu, 02 Dec 2032 04:59:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
milsteelonline.com/static/project/adp/fonts/TaubSans-RegularItalic.woff2
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/static/project/adp/fonts/TaubSans-RegularItalic.woff2
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /static/project/adp/fonts/TaubSans-RegularItalic.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/static/project/adp/fonts/TaubSans-Bold.woff2
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/static/project/adp/fonts/TaubSans-Bold.woff2
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /static/project/adp/fonts/TaubSans-Bold.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/static/project/adp/fonts/TaubSans-Regular.woff2
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/static/project/adp/fonts/TaubSans-Regular.woff2
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /static/project/adp/fonts/TaubSans-Regular.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/static/project/adp/fonts/TaubSans-Medium.woff2
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/static/project/adp/fonts/TaubSans-Medium.woff2
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /static/project/adp/fonts/TaubSans-Medium.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
milsteelonline.com/-/media/adp2022/ui/icn-sm-ln.svg
34.149.204.188200 OK 3 B URL HTTP/2 milsteelonline.com/-/media/adp2022/ui/icn-sm-ln.svg
IP 34.149.204.188:0
File type ASCII text, with no line terminators
Hash 4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b
Analyzer Verdict Alert fortinet Phishing
GET /-/media/adp2022/ui/icn-sm-ln.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121628
Date: Mon, 05 Dec 2022 04:59:12 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 14:46:20 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GrFYpfCZHOSgZKHyix2OTeVBv410VJsyUcvtit1IuwswiunqfxC6wQ==
Age: 4512
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 81d8ff5e302563978633666f7d600dd1
aa53067302d759001d27cde5e2ba0e530eb97c58
bbf74a3cf2f443925783c8d53fd55be36e2b4e03e57a7099e29f3d2f8fb6572e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://milsteelonline.com
access-control-allow-credentials: true
set-cookie: uid_id2=f06926fb-ddfc-46e9-bb9e-a43292029e27:2:1; expires=Thu, 02 Dec 2032 04:59:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4190c26f01184c51aed2d771ad1429ec
35e2db991eaca4dbe44e4158feb9eddbccba0a4c
4dfbbd61f47a45a39622f70938f29114fe41648e5f74c0aad269d4a0252de5e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4DFBBD61F47A45A39622F70938F29114FE41648E5F74C0AAD269D4A0252DE5E6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9882
Expires: Mon, 05 Dec 2022 07:43:54 GMT
Date: Mon, 05 Dec 2022 04:59:12 GMT
Connection: keep-alive
kidhumiliateessay.com/2e/a9/5f/2ea95f29b78595ba77f8467239f9c258.js
192.243.61.225200 OK 29 kB URL HTTP/1.1 kidhumiliateessay.com/2e/a9/5f/2ea95f29b78595ba77f8467239f9c258.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash e81334d6621316b95ca823f060a1cb2c
6fabca1b64e687e97438acbb61d6113dee53f9ab
4d1655d5bbf46c1763a2b94b92022b5c22500f6b5c7cca1424b32d618b2d30b5
Analyzer Verdict Alert quad9 Sinkholed
GET /2e/a9/5f/2ea95f29b78595ba77f8467239f9c258.js HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:59:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: baf707c72d82e266aa3ea0765a7e5502
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
kidhumiliateessay.com/watch.586522886995.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22adp%E2%80%99s%22%2C%22diversity%22%2C%22and%22%2C%22inclusion%22%2C%22road%22%2C%22map%22%2C%22%E2%80%94%22%2C%22better%22%2C%22to%22%2C%22best%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Fb%2Fbetter-to-best-adps-diversity-and-inclusion-road-map.aspx&tz=0&dev=e&res=12.1055&uuid=65555d73-603d-4834-90f0-add3ecc88446%3A3%3A1
192.243.61.225307 Temporary Redirect 0 B URL HTTP/1.1 kidhumiliateessay.com/watch.586522886995.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22adp%E2%80%99s%22%2C%22diversity%22%2C%22and%22%2C%22inclusion%22%2C%22road%22%2C%22map%22%2C%22%E2%80%94%22%2C%22better%22%2C%22to%22%2C%22best%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Fb%2Fbetter-to-best-adps-diversity-and-inclusion-road-map.aspx&tz=0&dev=e&res=12.1055&uuid=65555d73-603d-4834-90f0-add3ecc88446%3A3%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.586522886995.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22adp%E2%80%99s%22%2C%22diversity%22%2C%22and%22%2C%22inclusion%22%2C%22road%22%2C%22map%22%2C%22%E2%80%94%22%2C%22better%22%2C%22to%22%2C%22best%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Fb%2Fbetter-to-best-adps-diversity-and-inclusion-road-map.aspx&tz=0&dev=e&res=12.1055&uuid=65555d73-603d-4834-90f0-add3ecc88446%3A3%3A1 HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:59:12 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://milsteelonline.com
Access-Control-Allow-Origin: https://milsteelonline.com
Access-Control-Allow-Credentials: true
Location: https://kidhumiliateessay.com/watch.586522886995.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22adp%E2%80%99s%22%2C%22diversity%22%2C%22and%22%2C%22inclusion%22%2C%22road%22%2C%22map%22%2C%22%E2%80%94%22%2C%22better%22%2C%22to%22%2C%22best%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Fb%2Fbetter-to-best-adps-diversity-and-inclusion-road-map.aspx&tz=0&dev=e&res=12.1055&uuid=65555d73-603d-4834-90f0-add3ecc88446%3A3%3A1&shu=2a0bbff27bd562bdf017563b7ed114de81849898b1e7e89a3e6b946c93ea644a84d75aff45f68d16ec1c7794f68ddafe94700160597cc41903f139359009cc1593d78391736f7f8ed8a4d2476bcaa05b2b62581f&pst=1670216412&rmtc=t
Set-Cookie: u_pl=16256856; expires=Tue, 06 Dec 2022 04:59:12 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI1Njg1NiwiayI6IjhmYTA0ZjU1YWEyMWYyY2VkMjc1OWI5NmUyNzAyYWMzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ4NDMyLCJwaWQiOjI4NzQ1OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ0cTgxcDVhdyIsImNwa3MiOnsgIjI4IjoiMmVhOTVmMjliNzg1OTViYTc3Zjg0NjcyMzlmOWMyNTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWlsc3RlZWxvbmxpbmUuY29tL3BhZ2UtaHR0cHMtd3d3LmFkcC5jYS9lbi9yZXNvdXJjZXMvYXJ0aWNsZXMtYW5kLWluc2lnaHRzL2FydGljbGVzL2IvYmV0dGVyLXRvLWJlc3QtYWRwcy1kaXZlcnNpdHktYW5kLWluY2x1c2lvbi1yb2FkLW1hcC5hc3B4In19.RfiyKcE-6SU1mBAxQpzjDHUYYwh5PWVod65-P8FfG64; expires=Mon, 05 Dec 2022 05:00:12 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22574b5a5cef737674e1c1272b044191
Strict-Transport-Security: max-age=0; includeSubdomains
kidhumiliateessay.com/watch.586522886995.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22adp%E2%80%99s%22%2C%22diversity%22%2C%22and%22%2C%22inclusion%22%2C%22road%22%2C%22map%22%2C%22%E2%80%94%22%2C%22better%22%2C%22to%22%2C%22best%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Fb%2Fbetter-to-best-adps-diversity-and-inclusion-road-map.aspx&tz=0&dev=e&res=12.1055&uuid=65555d73-603d-4834-90f0-add3ecc88446%3A3%3A1&shu=2a0bbff27bd562bdf017563b7ed114de81849898b1e7e89a3e6b946c93ea644a84d75aff45f68d16ec1c7794f68ddafe94700160597cc41903f139359009cc1593d78391736f7f8ed8a4d2476bcaa05b2b62581f&pst=1670216412&rmtc=t
192.243.61.225200 OK 641 B URL HTTP/1.1 kidhumiliateessay.com/watch.586522886995.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22adp%E2%80%99s%22%2C%22diversity%22%2C%22and%22%2C%22inclusion%22%2C%22road%22%2C%22map%22%2C%22%E2%80%94%22%2C%22better%22%2C%22to%22%2C%22best%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Fb%2Fbetter-to-best-adps-diversity-and-inclusion-road-map.aspx&tz=0&dev=e&res=12.1055&uuid=65555d73-603d-4834-90f0-add3ecc88446%3A3%3A1&shu=2a0bbff27bd562bdf017563b7ed114de81849898b1e7e89a3e6b946c93ea644a84d75aff45f68d16ec1c7794f68ddafe94700160597cc41903f139359009cc1593d78391736f7f8ed8a4d2476bcaa05b2b62581f&pst=1670216412&rmtc=t
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (601)
Hash 5d72dda75b278f10c2786f219dc881c5
d293810f40c7b99f60113d83243f780d7cdd8678
7e3a5979f01563aca97edfb728e65c56ff0b3676d2d3b73e99eca4a7e2bdd318
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.586522886995.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22adp%E2%80%99s%22%2C%22diversity%22%2C%22and%22%2C%22inclusion%22%2C%22road%22%2C%22map%22%2C%22%E2%80%94%22%2C%22better%22%2C%22to%22%2C%22best%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Fb%2Fbetter-to-best-adps-diversity-and-inclusion-road-map.aspx&tz=0&dev=e&res=12.1055&uuid=65555d73-603d-4834-90f0-add3ecc88446%3A3%3A1&shu=2a0bbff27bd562bdf017563b7ed114de81849898b1e7e89a3e6b946c93ea644a84d75aff45f68d16ec1c7794f68ddafe94700160597cc41903f139359009cc1593d78391736f7f8ed8a4d2476bcaa05b2b62581f&pst=1670216412&rmtc=t HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Referer: https://milsteelonline.com/
Connection: keep-alive
Cookie: u_pl=16256856; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI1Njg1NiwiayI6IjhmYTA0ZjU1YWEyMWYyY2VkMjc1OWI5NmUyNzAyYWMzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ4NDMyLCJwaWQiOjI4NzQ1OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ0cTgxcDVhdyIsImNwa3MiOnsgIjI4IjoiMmVhOTVmMjliNzg1OTViYTc3Zjg0NjcyMzlmOWMyNTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWlsc3RlZWxvbmxpbmUuY29tL3BhZ2UtaHR0cHMtd3d3LmFkcC5jYS9lbi9yZXNvdXJjZXMvYXJ0aWNsZXMtYW5kLWluc2lnaHRzL2FydGljbGVzL2IvYmV0dGVyLXRvLWJlc3QtYWRwcy1kaXZlcnNpdHktYW5kLWluY2x1c2lvbi1yb2FkLW1hcC5hc3B4In19.RfiyKcE-6SU1mBAxQpzjDHUYYwh5PWVod65-P8FfG64
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:59:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://milsteelonline.com
Access-Control-Allow-Origin: https://milsteelonline.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=65555d73-603d-4834-90f0-add3ecc88446:3:1; expires=Mon, 12 Dec 2022 04:59:13 GMT; secure; SameSite=None
iprc4e30fb799a24f153e220ff6efd7ad081=2717342; expires=Tue, 06 Dec 2022 06:59:13 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 04:59:13 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 04:59:13 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 06 Dec 2022 04:59:13 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 06 Dec 2022 04:59:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 47b4fd0757c09356f735a8b192998091
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
kidhumiliateessay.com/pixel/sbe?t=1&error=timeout
192.243.61.225200 OK 0 B URL HTTP/1.1 kidhumiliateessay.com/pixel/sbe?t=1&error=timeout
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Cookie: u_pl=16256856; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI1Njg1NiwiayI6IjhmYTA0ZjU1YWEyMWYyY2VkMjc1OWI5NmUyNzAyYWMzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ4NDMyLCJwaWQiOjI4NzQ1OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ0cTgxcDVhdyIsImNwa3MiOnsgIjI4IjoiMmVhOTVmMjliNzg1OTViYTc3Zjg0NjcyMzlmOWMyNTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWlsc3RlZWxvbmxpbmUuY29tL3BhZ2UtaHR0cHMtd3d3LmFkcC5jYS9lbi9yZXNvdXJjZXMvYXJ0aWNsZXMtYW5kLWluc2lnaHRzL2FydGljbGVzL2IvYmV0dGVyLXRvLWJlc3QtYWRwcy1kaXZlcnNpdHktYW5kLWluY2x1c2lvbi1yb2FkLW1hcC5hc3B4In19.RfiyKcE-6SU1mBAxQpzjDHUYYwh5PWVod65-P8FfG64; uid_id2=65555d73-603d-4834-90f0-add3ecc88446:3:1; iprc4e30fb799a24f153e220ff6efd7ad081=2717342; pdhtkv=true; uncs=1; pdhtkv27=true; uncs27=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:59:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5575d12e87dd96f370a6ef6332c460bf
4fc5e8837b5c0fcfeba488c58afe7915ae94434f
67016264f28c5cfaf12fa4aa15e69af8f2fc249c2c6eb3428f4723abb5541ec6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67016264F28C5CFAF12FA4AA15E69AF8F2FC249C2C6EB3428F4723ABB5541EC6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15515
Expires: Mon, 05 Dec 2022 09:17:48 GMT
Date: Mon, 05 Dec 2022 04:59:13 GMT
Connection: keep-alive
friendshipmale.com/sfp.js
172.64.141.24200 OK 28 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.141.24:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 61aae037b9981144492a2d70ca9847a6
b272670840e17fc40320a24a7fafb1b1a0cbac48
b0d5c0e8c8347a9f5ef18bc3f2ea1148b015c6fcc81738bbd79e6f34fdf1d295
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 17388a7ea8750b045e68e13b803252d2
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 04:59:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0QdgkDEA%2FWSJNX0gqGQnNsbxlDm1URyRkOx2VqjIgMjirQml2tAaF4ZFLSUQmv9J%2Fjs%2BvX3rknCWQkm0l2usmuXw40iplfNdpnnykxOFeefdS0pHOCeQUJ%2FPSJbmdJx2x2dvA0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a360bf9757756-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.spikereekvelocity.com/dyfc1k09?shu=dce65c11589731c33a75727605d2e322750b811626b5245353298ca3d06b8f7531152adc024e30251fcec7f17b28ab308725f16b006c49d257b8146892fdaa2850ed8643d49dc04e496c0d470dd1b386d388fc6ff1d445c3fc1ae515a54067&pst=1670216413&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmilsteelonline.com%2F&psid=16256856
192.243.61.225302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=dce65c11589731c33a75727605d2e322750b811626b5245353298ca3d06b8f7531152adc024e30251fcec7f17b28ab308725f16b006c49d257b8146892fdaa2850ed8643d49dc04e496c0d470dd1b386d388fc6ff1d445c3fc1ae515a54067&pst=1670216413&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmilsteelonline.com%2F&psid=16256856
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=dce65c11589731c33a75727605d2e322750b811626b5245353298ca3d06b8f7531152adc024e30251fcec7f17b28ab308725f16b006c49d257b8146892fdaa2850ed8643d49dc04e496c0d470dd1b386d388fc6ff1d445c3fc1ae515a54067&pst=1670216413&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmilsteelonline.com%2F&psid=16256856 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122935,16122660; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTYyNTY4NTYiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9taWxzdGVlbG9ubGluZS5jb20vIn19.uNNvXDCNSbndzqy4pURZ3cDH74xqokStXEta2nyzaSY; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:59:14 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://dipaka-ead.com/zcvisitor/9050f712-7459-11ed-8717-1231d5b799c5/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
Set-Cookie: uncs=2; expires=Tue, 06 Dec 2022 04:59:14 GMT
uncs28=2; expires=Tue, 06 Dec 2022 04:59:14 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a5095aa2bd502745c70f1871f87174eb
Strict-Transport-Security: max-age=0; includeSubdomains
dipaka-ead.com/zcvisitor/9050f712-7459-11ed-8717-1231d5b799c5/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
3.212.50.125302 0 B URL HTTP/1.1 dipaka-ead.com/zcvisitor/9050f712-7459-11ed-8717-1231d5b799c5/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
IP 3.212.50.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zcvisitor/9050f712-7459-11ed-8717-1231d5b799c5/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Mon, 05 Dec 2022 04:59:14 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://shopde.pricedeals.shop/go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777
Server: jFeIVydX
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5eb7927960ce41e3ef457eb817020b34
6f4b4b6b47d045d9948235c5635dc418c74631d6
729caa785d1fa36caca999b56682b9515cf32088c06a70ef4f3f14a93855e90b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "729CAA785D1FA36CACA999B56682B9515CF32088C06A70EF4F3F14A93855E90B"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19802
Expires: Mon, 05 Dec 2022 10:29:16 GMT
Date: Mon, 05 Dec 2022 04:59:14 GMT
Connection: keep-alive
shopde.pricedeals.shop/go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777
135.181.6.240200 OK 569 B URL HTTP/1.1 shopde.pricedeals.shop/go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (449)
Hash de05cd85adadee9aec0e60f0556fb502
26089bd27c386007f95c6f73c5f213c6846b995e
1d09de2b16fbdb486be2ad415577fec4c0405c33dc4bdcfbda95bd39c482ffa0
GET /go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777 HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:59:14 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 569
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
shopde.pricedeals.shop/favicon.ico
135.181.6.240404 Not Found 285 B URL HTTP/1.1 shopde.pricedeals.shop/favicon.ico
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cd85cf7b8f9a014ae145681b1f5e73d
a574403ec64b443a802d0980e3bd368bafebe2d9
cb5d0086c43932c164cc6892b9f762fb4128c182d3dbdbf476036a2783f0023b
GET /favicon.ico HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 05 Dec 2022 04:59:14 GMT
Server: Apache/2.4.54 (Debian)
Content-Length: 285
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAyMTQ0MDgyNjUmLnNpZz1SMnhFYVh4Ni5xQ2tmdVZEaEFzY3J2cGZ1QlEtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTQ3MDQ5MTMmY291bnRyeT1ubyZvZmZlcklkPTY3NTliZDM2YjZjNTQ0NmJiNTFjZjcyOTc0MTk0NTZjJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT01MSY
135.181.6.240200 OK 466 B URL HTTP/1.1 shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAyMTQ0MDgyNjUmLnNpZz1SMnhFYVh4Ni5xQ2tmdVZEaEFzY3J2cGZ1QlEtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTQ3MDQ5MTMmY291bnRyeT1ubyZvZmZlcklkPTY3NTliZDM2YjZjNTQ0NmJiNTFjZjcyOTc0MTk0NTZjJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT01MSY
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (362)
Hash 44ee2679785ce2bc3e3f1253c2897d74
796897bb128734395c4f8542845bc2e814318f46
2fada1a057ecf34df76dfbd4dce99d048d2c78bf2b1dae3ea5916c07138676a5
GET /redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAyMTQ0MDgyNjUmLnNpZz1SMnhFYVh4Ni5xQ2tmdVZEaEFzY3J2cGZ1QlEtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTQ3MDQ5MTMmY291bnRyeT1ubyZvZmZlcklkPTY3NTliZDM2YjZjNTQ0NmJiNTFjZjcyOTc0MTk0NTZjJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT01MSY HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:59:15 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 466
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b479c27a6e6909ff43b5650238b5af27
e81427361cd3d797f1d6d047aa5efb768b5f23a7
e477a0350b397c500a6bb6fa46aa3dc4012a1cd0eceff505bc339c177e4562fb
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4432
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:16 GMT
Last-Modified: Mon, 05 Dec 2022 03:45:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
95.211.116.27200 OK 28 kB URL HTTP/1.1 no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Hash 604ea869d9cf3f7c23748080ab5133a4
94cfb690c08476b7a9e89c19b2a2396a20b9fc18
42341d04d4f8e1043deafba858670015625b3653a7a90d300e2418d2a7a6e0e4
GET /ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51& HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:59:16 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289
clickId: 107698111_1670216356806_2601794
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.017294S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 28262
Set-Cookie: datadome=5FVF~MLb9bqnaOM4XVJKQ7JY-Yq67jGVxirOqYOTGhjKezohsiFyAGSBcJwxngeqjVYWa0b1DSANrOXncGSYqg7AfWYUFocyOqSnYuLwd~NrpUu9ydOgVfejEwnTADsn; Max-Age=31536000; Expires=Tue, 05 Dec 2023 04:59:16 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c626f-184e0a713c7-c81fe; Max-Age=31536000; Expires=Tue, 05 Dec 2023 04:59:16 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=97
Connection: Keep-Alive
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794
95.211.116.27200 OK 68 B URL HTTP/1.1 no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
Connection: keep-alive
Cookie: datadome=5FVF~MLb9bqnaOM4XVJKQ7JY-Yq67jGVxirOqYOTGhjKezohsiFyAGSBcJwxngeqjVYWa0b1DSANrOXncGSYqg7AfWYUFocyOqSnYuLwd~NrpUu9ydOgVfejEwnTADsn; kelkooID=a4c626f-184e0a713c7-c81fe; _ga=GA1.2.29496852.1670216354; _gid=GA1.2.547941090.1670216354
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:59:16 GMT
Request-Time: PT0.001345S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=86
Connection: Keep-Alive
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794
95.211.116.27200 OK 0 B URL HTTP/1.1 no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
Content-Type: text/plain;charset=utf-8
Content-Length: 548
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=5FVF~MLb9bqnaOM4XVJKQ7JY-Yq67jGVxirOqYOTGhjKezohsiFyAGSBcJwxngeqjVYWa0b1DSANrOXncGSYqg7AfWYUFocyOqSnYuLwd~NrpUu9ydOgVfejEwnTADsn; kelkooID=a4c626f-184e0a713c7-c81fe; _ga=GA1.2.29496852.1670216354; _gid=GA1.2.547941090.1670216354
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:59:16 GMT
Request-Time: PT0.0061S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=97
Connection: Keep-Alive
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794&url=https%3A%2F%2Fjunkyard.com%2Fno%2Fp%2Fobey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre%2F7345437_F710%3Fkk%3Da4c626f-184e0a713c7-c81fe%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DObey%2BBukser%2B%25E2%2580%2593%2BBig%2BEasy%2BCanvas%2BSvart%2BMale&initiator=timeout
95.211.116.27303 See Other 0 B URL HTTP/1.1 no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794&url=https%3A%2F%2Fjunkyard.com%2Fno%2Fp%2Fobey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre%2F7345437_F710%3Fkk%3Da4c626f-184e0a713c7-c81fe%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DObey%2BBukser%2B%25E2%2580%2593%2BBig%2BEasy%2BCanvas%2BSvart%2BMale&initiator=timeout
IP 95.211.116.27:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794&url=https%3A%2F%2Fjunkyard.com%2Fno%2Fp%2Fobey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre%2F7345437_F710%3Fkk%3Da4c626f-184e0a713c7-c81fe%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DObey%2BBukser%2B%25E2%2580%2593%2BBig%2BEasy%2BCanvas%2BSvart%2BMale&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
Connection: keep-alive
Cookie: datadome=5FVF~MLb9bqnaOM4XVJKQ7JY-Yq67jGVxirOqYOTGhjKezohsiFyAGSBcJwxngeqjVYWa0b1DSANrOXncGSYqg7AfWYUFocyOqSnYuLwd~NrpUu9ydOgVfejEwnTADsn; kelkooID=a4c626f-184e0a713c7-c81fe; _ga=GA1.2.29496852.1670216354; _gid=GA1.2.547941090.1670216354
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 303 See Other
Date: Mon, 05 Dec 2022 04:59:17 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289
clickId: 107698111_1670216356806_2601794
country: no
Location: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.015433S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=6c_YgFfP4thPKu4cnKpeFFY9Fk1jkYmj7RYY_lqdVrjtyzbcClXgCIC8Xt4gRr_mcGUD5~htoz0YzSPv-nN-bH5zbxrLl-VtlrqpjmatZkpOPhho04SFq6lgl6XTemcE; Max-Age=31536000; Expires=Tue, 05 Dec 2023 04:59:17 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=100
Connection: Keep-Alive
Content-Type: text/plain
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 836cf9e1aa494dca1295e3f832365b4a
d1a4d25a078d34e6d27254c0ec585e888d57aca4
c68aeae387f9a16d3b6975186bb78ade78635832ec1ffcec7178eac1cac02790
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=128258
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:17 GMT
Etag: "638ccca7-117"
Expires: Tue, 06 Dec 2022 16:36:55 GMT
Last-Modified: Sun, 04 Dec 2022 16:36:55 GMT
Server: nginx
Content-Length: 279
junkyard.com/static/css/app.acb11126b840f3bca2c6.css
104.18.10.54200 OK 36 kB URL HTTP/2 junkyard.com/static/css/app.acb11126b840f3bca2c6.css
IP 104.18.10.54:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 2355eac4898e77774079f2828945ba3d
346ceed48c87f25e0057220355b7f56f333e058d
55b1fee2e57ce1d16c5ac2809bb0f891e8a15de25e6349f01c9fa861468db1fe
GET /static/css/app.acb11126b840f3bca2c6.css HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: text/css
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 14:42:24 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
servedby: var-p-webp2
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2849195
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362948bab529-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f44f9f9447027e069a0dc67ebaf08a54
335ba0ba0b3fe6b9a9293fd113341b5eacf320ef
447a28fc1d1fccfdc5086dbe3f2e161935b17b39fed7059a82229f2d248a3182
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4293
Cache-Control: max-age=96898
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:17 GMT
Etag: "638c4162-117"
Expires: Tue, 06 Dec 2022 07:54:15 GMT
Last-Modified: Sun, 04 Dec 2022 06:42:42 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
junkyard.com/no/api/sitesettings/get/4.14.39.17-57-392-19-30-19-22-39-19-9-6-101-152-5-4-11-20-7-9.js
104.18.10.54200 OK 18 kB URL HTTP/2 junkyard.com/no/api/sitesettings/get/4.14.39.17-57-392-19-30-19-22-39-19-9-6-101-152-5-4-11-20-7-9.js
IP 104.18.10.54:0
File type Unicode text, UTF-8 text, with very long lines (58247), with no line terminators
Hash 238e6d5e95026386af21114d63233f01
cdefb99a6aeb7d15f77ea462714753c6022d27f8
ac472ca16382f4abf860fcaca44a128a57c0e09e449a6cdf5c15f8eee26b31a7
GET /no/api/sitesettings/get/4.14.39.17-57-392-19-30-19-22-39-19-9-6-101-152-5-4-11-20-7-9.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
servedby: var-p-webp8
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Dec 2022 11:04:10 GMT
cf-cache-status: HIT
age: 237307
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362948bdb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
junkyard.com/static/build/datalayer.32bda4.bundle.js
104.18.10.54200 OK 0 B URL HTTP/2 junkyard.com/static/build/datalayer.32bda4.bundle.js
IP 104.18.10.54:0
GET /static/build/datalayer.32bda4.bundle.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Fri, 11 Nov 2022 12:41:58 GMT
vary: Accept-Encoding
servedby: var-p-web21
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1727224
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362948bcb529-OSL
content-encoding: br
X-Firefox-Spdy: h2
junkyard.com/static/build/client.0ddd58.bundle.js
104.18.10.54200 OK 0 B URL HTTP/2 junkyard.com/static/build/client.0ddd58.bundle.js
IP 104.18.10.54:0
GET /static/build/client.0ddd58.bundle.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Fri, 11 Nov 2022 12:41:58 GMT
vary: Accept-Encoding
servedby: var-p-web21
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1727224
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362958c4b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
34.149.204.188200 OK 0 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
IP 34.149.204.188:0
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 05 Dec 2022 04:59:10 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
X-Firefox-Spdy: h2
junkyard.com/Static/generated/logo.svg?4.14.39.17
104.18.10.54200 OK 0 B URL HTTP/2 junkyard.com/Static/generated/logo.svg?4.14.39.17
IP 104.18.10.54:0
GET /Static/generated/logo.svg?4.14.39.17 HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Fri, 11 Nov 2022 12:41:58 GMT
servedby: var-p-web21
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1727223
expires: Tue, 05 Dec 2023 04:59:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362958c6b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
104.18.3.3200 OK 0 B URL HTTP/2 cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
IP 104.18.3.3:0
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cookie-cdn.cookiepro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
content-md5: bKkFjZE43AfZo3jm8gqLew==
last-modified: Fri, 02 Dec 2022 02:44:42 GMT
x-ms-request-id: 4c8ab55a-601e-0004-6d9f-06b54a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 13049
expires: Tue, 06 Dec 2022 04:59:17 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 774a36299c7d0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.57.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.57.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://junkyard.com
Connection: keep-alive
Referer: https://junkyard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a3629bea0b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cookie-cdn.cookiepro.com/scripttemplates/202211.1.0/otBannerSdk.js
104.18.3.3200 OK 0 B URL HTTP/2 cookie-cdn.cookiepro.com/scripttemplates/202211.1.0/otBannerSdk.js
IP 104.18.3.3:0
GET /scripttemplates/202211.1.0/otBannerSdk.js HTTP/1.1
Host: cookie-cdn.cookiepro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
content-md5: 9qSRvp3H9roScfT6qXUxeQ==
last-modified: Fri, 11 Nov 2022 02:37:39 GMT
x-ms-request-id: a75738a1-701e-0037-1796-f5eae1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 8846
expires: Tue, 06 Dec 2022 04:59:17 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 774a362aacdd0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
104.18.10.54200 OK 0 B URL HTTP/2 junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
IP 104.18.10.54:0
GET /no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
servedby: var-p-web24
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; expires=Sun, 12-Feb-2023 15:39:17 GMT; path=/; HttpOnly; SameSite=None; secure
VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; expires=Mon, 12-Dec-2022 04:59:17 GMT; path=/; secure; SameSite=None; secure
ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; path=/; secure; HttpOnly; SameSite=Lax; secure
Varner_MainCategory=Men; path=/; secure; SameSite=None; secure
__cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66; path=/; expires=Mon, 05-Dec-22 05:29:17 GMT; domain=.junkyard.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a36282850b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
34.149.204.188200 OK 0 B URL HTTP/2 milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
IP 34.149.204.188:0
Analyzer Verdict Alert fortinet Phishing
GET /page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
last-modified: Tue, 01 Nov 2022 15:04:25 GMT
replit-cluster: global
X-Firefox-Spdy: h2
junkyard.com/static/build/apptustracking.1486af.bundle.js
104.18.10.54200 OK 0 B URL HTTP/2 junkyard.com/static/build/apptustracking.1486af.bundle.js
IP 104.18.10.54:0
GET /static/build/apptustracking.1486af.bundle.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 14:42:22 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
servedby: var-p-webp2
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2849195
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362958c5b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
milsteelonline.com/assets/inject.js
34.149.204.188200 OK 0 B URL HTTP/2 milsteelonline.com/assets/inject.js
IP 34.149.204.188:0
Analyzer Verdict Alert fortinet Phishing
GET /assets/inject.js HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
X-Firefox-Spdy: h2
junkyard.com/commonUI/script/js/vendors/jquery-3.5.1.min.js
104.18.10.54200 OK 0 B URL HTTP/2 junkyard.com/commonUI/script/js/vendors/jquery-3.5.1.min.js
IP 104.18.10.54:0
GET /commonUI/script/js/vendors/jquery-3.5.1.min.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Mon, 06 Dec 2021 15:48:20 GMT
vary: Accept-Encoding
servedby: var-p-webp1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 31359087
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362948c0b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
junkyard.com/commonUI/script/js/vendors/react-17.0.2.min.js
104.18.10.54200 OK 0 B URL HTTP/2 junkyard.com/commonUI/script/js/vendors/react-17.0.2.min.js
IP 104.18.10.54:0
GET /commonUI/script/js/vendors/react-17.0.2.min.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Wed, 19 Jan 2022 12:29:36 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
servedby: var-p-webp2
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 13260306
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362948c1b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
junkyard.com/commonUI/script/js/vendors/react-dom-17.0.2.min.js
104.18.10.54200 OK 0 B URL HTTP/2 junkyard.com/commonUI/script/js/vendors/react-dom-17.0.2.min.js
IP 104.18.10.54:0
GET /commonUI/script/js/vendors/react-dom-17.0.2.min.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Wed, 19 Jan 2022 12:29:36 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
servedby: var-p-webp2
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27558753
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362948c2b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
eu-library.klarnaservices.com/lib.js
54.230.111.80200 OK 0 B URL HTTP/2 eu-library.klarnaservices.com/lib.js
IP 54.230.111.80:0
GET /lib.js HTTP/1.1
Host: eu-library.klarnaservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 13:38:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Mon, 05 Dec 2022 04:55:23 GMT
cache-control: max-age=900
etag: W/"50f8de9b09f8d24965d7510eb0aa6df8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qYOlDsYYUa0LqsvAjmNQRvU5kVsHrR-49Z8M7dCaFqgn9qwkSNvd7Q==
age: 244
X-Firefox-Spdy: h2