Report - milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx

Report Overview

Submitted URL
milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
IP
34.149.204.188
ASN
#15169 GOOGLE
Submitted
2022-12-05 04:59:20
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
58

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
becomesnerveshobble.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	810 B	25 kB	192.243.59.13
friendshipmale.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	29 kB	172.64.141.24
shopde.pricedeals.shop	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	2.0 kB	135.181.6.240
cookie-cdn.cookiepro.com	6678	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	797 B	1.7 kB	104.18.3.3
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	388 B	44 kB	142.250.74.168
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	700 B	142.250.74.131
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	143.204.42.158
www.spikereekvelocity.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	907 B	192.243.61.225
dipaka-ead.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	477 B	753 B	3.212.50.125
static.cloudflareinsights.com	1294	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	449 B	393 B	104.16.57.101
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	29 kB	104.17.25.14
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.208.34.131
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.76.226
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	794 B	822 B	18.185.190.54
no-go.kelkoogroup.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.4 kB	32 kB	95.211.116.27
eu-library.klarnaservices.com	22427	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	535 B	54.230.111.80
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.9 kB	93.184.220.29
milsteelonline.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	20 kB	34.149.204.188
kidhumiliateessay.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.1 kB	35 kB	192.243.61.225
status.thawte.com	5123	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	737 B	93.184.220.29
junkyard.com	334834	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	60 kB	104.18.10.54
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.4 kB	12 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx	Phishing
2022-12-05	medium	milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Regular.woff2	Phishing
2022-12-05	medium	milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Bold.woff2	Phishing
2022-12-05	medium	milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Medium.woff2	Phishing
2022-12-05	medium	milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-RegularItalic.woff2	Phishing
2022-12-05	medium	milsteelonline.com/page-https-cdn.optimizely.com/js/6261340341.js	Phishing
2022-12-05	medium	milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/shared/img-placeholder.ashx	Phishing
2022-12-05	medium	milsteelonline.com/-/media/adp2022/ui/icn-search.svg	Phishing
2022-12-05	medium	milsteelonline.com/-/media/adp2022/ui/icn-globe-black.svg	Phishing
2022-12-05	medium	milsteelonline.com/-/media/adp2022/ui/icn-txtlink-arrow-white.svg	Phishing
2022-12-05	medium	milsteelonline.com/-/media/adp2022/ui/icn-txtlink-arrow-ui.svg	Phishing
2022-12-05	medium	milsteelonline.com/-/media/adp2022/ui/icn-sm-tw.svg	Phishing
2022-12-05	medium	milsteelonline.com/-/media/adp2022/ui/icn-carat-down-ui.svg	Phishing
2022-12-05	medium	milsteelonline.com/-/media/adp2022/ui/icn-sm-yt.svg	Phishing
2022-12-05	medium	milsteelonline.com/-/media/adp2022/ui/icn-sm-fb.svg	Phishing
2022-12-05	medium	milsteelonline.com/-/media/adp2022/ui/icn-sm-ig.svg	Phishing
2022-12-05	medium	milsteelonline.com/static/project/adp/fonts/TaubSans-RegularItalic.woff2	Phishing
2022-12-05	medium	milsteelonline.com/static/project/adp/fonts/TaubSans-Bold.woff2	Phishing
2022-12-05	medium	milsteelonline.com/static/project/adp/fonts/TaubSans-Regular.woff2	Phishing
2022-12-05	medium	milsteelonline.com/static/project/adp/fonts/TaubSans-Medium.woff2	Phishing
2022-12-05	medium	milsteelonline.com/-/media/adp2022/ui/icn-sm-ln.svg	Phishing
2022-12-05	medium	milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx	Phishing
2022-12-05	medium	milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814	Phishing
2022-12-05	medium	milsteelonline.com/assets/inject.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	kidhumiliateessay.com	Sinkholed
2022-12-05	medium	kidhumiliateessay.com	Sinkholed
2022-12-05	medium	kidhumiliateessay.com	Sinkholed
2022-12-05	medium	kidhumiliateessay.com	Sinkholed
2022-12-04	medium	spikereekvelocity.com	Sinkholed

JavaScript (27)

	URL	Size	First Seen	Last Seen
	milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx	424 B	2023-03-07	2023-03-13
Pretty URL milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx IP 34.149.204.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:29 Last Seen2023-03-13 05:25:35 Times Seen1 Hash cab513685e6fe78505eb3ddb11005103 7aba9c0424a5c35cb63a86076d250f28a4a6e249 884e7383adca6b169d4f452bf8b5e6fb24e432b66ece4b8d07befce148dc893a Loading...

	milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx	155 B	2023-03-07	2023-03-13
Pretty URL milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx IP 34.149.204.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:29 Last Seen2023-03-13 05:25:35 Times Seen1 Hash 784875c82c1b12bf3f4b7a0e36b57b39 c4439c5fe6a8f8344fa8f25c1564dc8baab19438 2f94f53b436e622c53748f67bc3b0245d09379af9fec2ae868cc91e4b05bb959 Loading...

	cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js	22 kB	2023-03-07	2024-03-05
Pretty URL cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js IP 104.18.3.3 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58:52 Last Seen2024-03-05 19:00:25 Times Seen96 Hash a750a84d2cd5eb69aa0b8b1b94db6da8 56fd3e55c49aa5f3e48e525ae794da9b070cfa6c bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0 Loading...

	milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx	1.4 kB	2023-03-08	2023-03-12
Pretty URL milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx IP 34.149.204.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:39 Last Seen2023-03-12 15:54:45 Times Seen1 Hash 2a77bca302bfe8eff2ec0f84d7c4283d 00d287b7b194f96bd77b68b1310ba6178a777e62 967f29de63c84875c4e5f8d38d828050901f9dafc0bc0aaef8469d57d4fad949 Loading...

	www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16256856	357 B	2023-03-07	2023-04-05
Pretty URL www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=16256856 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:21:39 Last Seen2023-04-05 02:08:58 Times Seen138 Hash 7901f5d3ff7ad16e7c532afe4cbd0fdc 7f923233aa6f62ef5897c7700f4d57e0a4c3ead1 fa514b84f8c6fdfcac78e966f7bcf5834de5f364862494cf608d2f637c824db6 Loading...

	shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAyMTQ0MDgyNjUmLnNpZz1SMnhFYVh4Ni5xQ2tmdVZEaEFzY3J2cGZ1QlEtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTQ3MDQ5MTMmY291bnRyeT1ubyZvZmZlcklkPTY3NTliZDM2YjZjNTQ0NmJiNTFjZjcyOTc0MTk0NTZjJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT01MSY	372 B	2023-03-08	2023-03-08
Pretty URL shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAyMTQ0MDgyNjUmLnNpZz1SMnhFYVh4Ni5xQ2tmdVZEaEFzY3J2cGZ1QlEtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTQ3MDQ5MTMmY291bnRyeT1ubyZvZmZlcklkPTY3NTliZDM2YjZjNTQ0NmJiNTFjZjcyOTc0MTk0NTZjJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT01MSY IP 135.181.6.240 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:39 Last Seen2023-03-08 16:34:39 Times Seen1 Hash 149d98b099ed8992ace11ff4576882c4 86e14bb9250f91d5a1f8cae2162f3fdc09e192ca 167210ac26d99f19c7d87f5a081338671a2f286feee1ef344ee02f9b76331117 Loading...

	no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&	17 kB	2023-03-08	2023-03-08
Pretty URL no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51& IP 95.211.116.27 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:39 Last Seen2023-03-08 16:34:39 Times Seen1 Hash cc3802ac9e0bc30c35483f1f4384a2fa 95e926e411f6e98c71ce796b00dd49226ed86335 e85bfdee0cc1118acb606235840d87fc1c48af5383f94e210bbe6f7a491c6202 Loading...

	no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&	1.6 kB	2023-03-08	2023-03-08
Pretty URL no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51& IP 95.211.116.27 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:39 Last Seen2023-03-08 16:34:39 Times Seen1 Hash 7fe1957837397dde1bb4143d5a5cb3af 21dbdc55ae20eed53e6595414cc8295105ca698e 2e58ee4fe58f23ee6d40867bc90524170969111da572149b4b3ad1d5e6d8fc8d Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js	90 kB	2023-03-07	2024-05-04
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:07 Last Seen2024-05-04 06:39:36 Times Seen56540 Hash 12108007906290015100837a6a61e9f4 1d6ae46f2ffa213dede37a521b011ec1cd8d1ad3 c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4 Loading...

	milsteelonline.com/assets/inject.js	18 kB	2023-03-07	2023-03-13
Pretty URL milsteelonline.com/assets/inject.js IP 34.149.204.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:29 Last Seen2023-03-13 05:25:35 Times Seen1 Hash 18d8781cc491472376ca3aa27c5b8df6 6bf5cf91aad2250e0e057426fbe3434d91f3adce 6d36726677874074dfbfe6cbd208885cccaaedacff6531ce7a92f7b754c200cd Loading...

	www.googletagmanager.com/gtag/js?id=UA-208508211-1	112 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-208508211-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:39 Last Seen2023-03-08 16:34:39 Times Seen1 Hash bcd93ae3df7d029ce49f1f8fed28a83c cdeec29ce4f408fb1331b7985cc36196eeb7fa23 9a2e9b2b07ee70791e60fe6c8f7874cdfa3e5a456439b01c6b6ae0fea08a60d4 Loading...

	junkyard.com/commonUI/script/js/vendors/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-05-04
Pretty URL junkyard.com/commonUI/script/js/vendors/jquery-3.5.1.min.js IP 104.18.10.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-05-04 04:49:25 Times Seen14245 Hash b61aa6e2d68d21b3546b5b418bf0e9c3 9c1398f0de4c869dacb1c9ab1a8cc327f5421ff7 f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b Loading...

	junkyard.com/commonUI/script/js/vendors/react-17.0.2.min.js	12 kB	2023-03-08	2023-11-22
Pretty URL junkyard.com/commonUI/script/js/vendors/react-17.0.2.min.js IP 104.18.10.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:48 Last Seen2023-11-22 17:17:57 Times Seen9 Hash 186b41ac8d26fd83c379f4c2adaad41c 4dfc5446f90cf9bc476e22ef8f953c3c771fdbde 33636ecdd814c51ce9460ad98a75d30e4b548c98e347d168eae3b220c37d4446 Loading...

	static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993	17 kB	2023-03-08	2024-02-28
Pretty URL static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 IP 104.16.57.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:25:00 Last Seen2024-02-28 12:44:37 Times Seen1362 Hash 33100f2355611b2375f05486299abf05 0b2d1b75f6695e67b884bee2eb72165d6e881a26 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Loading...

	milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx	139 B	2023-03-07	2023-03-13
Pretty URL milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx IP 34.149.204.188 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:49:04 Last Seen2023-03-13 05:25:35 Times Seen1 Hash ca63179dec083aa99bfba14979b01f23 9053e09030db1537b483fd30127f45123b5f44f9 96006fb6c016c6f6c50c2799d24073032666306757f6b5f511d98679995007cf Loading...

	becomesnerveshobble.com/8fa04f55aa21f2ced2759b96e2702ac3/invoke.js	27 kB	2023-03-08	2023-03-08
Pretty URL becomesnerveshobble.com/8fa04f55aa21f2ced2759b96e2702ac3/invoke.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:39 Last Seen2023-03-08 16:34:39 Times Seen1 Hash c179a06f862891e11b0b19895a23f826 1ea8fd3d80943a091d2fb80c502c5aa74f3542a3 5edf61b03023aea2fb614f2450ef9dbe757045b01583ba90ba98a4e4c8e82183 Loading...

	kidhumiliateessay.com/2e/a9/5f/2ea95f29b78595ba77f8467239f9c258.js	86 kB	2023-03-08	2023-03-08
Pretty URL kidhumiliateessay.com/2e/a9/5f/2ea95f29b78595ba77f8467239f9c258.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:39 Last Seen2023-03-08 16:34:39 Times Seen1 Hash d9a116be598ef554d970aca2a8fbbfa9 7a6cf99bb618510b5ffbff22c6390313b9d1b969 6f37517370a8e8270b2a515e9c95f116d698121c63c742bbddad68bfa31e2a25 Loading...

	shopde.pricedeals.shop/go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777	501 B	2023-03-08	2023-03-08
Pretty URL shopde.pricedeals.shop/go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777 IP 135.181.6.240 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:39 Last Seen2023-03-08 16:34:39 Times Seen1 Hash 3d309d07ddee4eb927b9495e82c288b3 0c3ab46a1652f952725c1ad61cdda21c86645e83 ac171396c1b9decd6b5f718f905662701a88059b2886912fa3ebb8cf8bfb9ace Loading...

	no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&	8.2 kB	2023-03-08	2023-03-08
Pretty URL no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51& IP 95.211.116.27 ASN #60781 LeaseWeb Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:39 Last Seen2023-03-08 16:34:39 Times Seen1 Hash 2ce17dbdd6d4a6753440e7915b0415e6 b55e60444b3a30cd0b14d4dc983a0f84799853d4 1b70b0cc4d0df2cedb625d76300a618cd52c551838d82bf269048bca59713113 Loading...

	junkyard.com/no/api/sitesettings/get/4.14.39.17-57-392-19-30-19-22-39-19-9-6-101-152-5-4-11-20-7-9.js	59 kB	2023-03-08	2023-03-08
Pretty URL junkyard.com/no/api/sitesettings/get/4.14.39.17-57-392-19-30-19-22-39-19-9-6-101-152-5-4-11-20-7-9.js IP 104.18.10.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:39 Last Seen2023-03-08 16:34:39 Times Seen1 Hash 361bd054001247130a2bdcdbe98f863b 2b957ede5c259d31ca1b0c74e347845991c557fa d2a27c9961f6a41c124cbda593189ca2d7cf9cd5fa64983c5dbbb86f164ac6e0 Loading...

	junkyard.com/commonUI/script/js/vendors/react-dom-17.0.2.min.js	121 kB	2023-03-08	2023-11-22
Pretty URL junkyard.com/commonUI/script/js/vendors/react-dom-17.0.2.min.js IP 104.18.10.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:39 Last Seen2023-11-22 17:17:57 Times Seen10 Hash 6843b3c9dbd6c5c06d1f50f22542ead9 94fd0d72eebdb09f08ab410707f34daa50d6f387 451d8cd9435b8878931b54c21ebf0cbf88a5acdd09deb030eb1a40a6ca3f3508 Loading...

	eu-library.klarnaservices.com/lib.js	34 kB	2023-03-08	2023-03-08
Pretty URL eu-library.klarnaservices.com/lib.js IP 54.230.111.80 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:18:52 Last Seen2023-03-08 16:34:39 Times Seen1 Hash 50f8de9b09f8d24965d7510eb0aa6df8 f4e42df81366bfa0a8cccda46418cf244cc7b9d9 766c7d02fe2e4198b4eee320d84edf4190cf345e62c8acf0c193bd2a827ef457 Loading...

	becomesnerveshobble.com/5f/1e/ae/5f1eae6e794b6af625f433ebd20149d6.js	37 kB	2023-03-08	2023-03-08
Pretty URL becomesnerveshobble.com/5f/1e/ae/5f1eae6e794b6af625f433ebd20149d6.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:34:39 Last Seen2023-03-08 16:34:39 Times Seen1 Hash 3ba10f1cbc0e8fbf8546f9bf3aba1a24 1aa6218d20cc6680cccb2976b6bba9751ad0ec0d 70a58352b83a0f046e03fc256dbe0d602a01dfa2097da35a0c6825313394a748 Loading...

	www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660	2.1 kB	2023-03-07	2023-04-05
Pretty URL www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2023-04-05 02:12:07 Times Seen388 Hash 4fd91164aa79d34ae401150b9f112bbe a09fe46ece27e06c82f059c481090481804461bc e717b18eba32145b270f89fb30d50c51c6fdd7060deff6f467fc8621973123f8 Loading...

	junkyard.com/static/build/client.0ddd58.bundle.js	673 kB	2023-03-08	2023-03-08
Pretty URL junkyard.com/static/build/client.0ddd58.bundle.js IP 104.18.10.54 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:35:48 Last Seen2023-03-08 16:34:39 Times Seen1 Hash c8fd063b93c5d3aaea3fd59312a6ac85 10577bfbcb1dbf6f8f1b90c7a4eac08e405a57de ee01a6a0117cff4e340b35d9a3b31af627d8620c5d3cafe892cb87af63ef832f Loading...

		Size	First Seen	Last Seen
	#1 Eval - 127ac839a41bdd9ab92ad47b7411cdaf	29 B	2023-03-08	2024-01-15
Pretty Observations First Seen2023-03-08 14:23:53 Last Seen2024-01-15 00:09:04 Times Seen889 Hash 127ac839a41bdd9ab92ad47b7411cdaf c2f81b12778c909f055c3967caa638b643c4916a b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4 Loading...

	#2 Eval - efd5b3d5dbd2d61d2be305d4cef61ef2	469 B	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 16:34:39 Last Seen2023-03-12 15:54:45 Times Seen1 Hash efd5b3d5dbd2d61d2be305d4cef61ef2 3726f76a029760b04f779486d668f7d1e2a27f69 19bb2d070eface4d325691e9b56e6a1f3e2f97fb6cf031102c03cc3a50b7efe6 Loading...

HTTP Transactions (100)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7767
Expires: Mon, 05 Dec 2022 07:08:35 GMT
Date: Mon, 05 Dec 2022 04:59:08 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5232
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:08 GMT
Last-Modified: Mon, 05 Dec 2022 03:31:57 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 04:20:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2336
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19606
Expires: Mon, 05 Dec 2022 10:25:54 GMT
Date: Mon, 05 Dec 2022 04:59:08 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: kFZMis4Hxfxl6Cf4r3kHNqknz5BOZadzHZFLvwTIZihVyT1ct3nYEVrLQdmfVSgU50xG7uNMhqk=
x-amz-request-id: V22FM4RCNDZ9KD6J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 04:47:16 GMT
age: 712
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:59:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx

34.149.204.188

308 Permanent Redirect

188 B

URL HTTP/1.1
milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text
Size
188 B (188 bytes)
Hash
313668ea22a4210abecb1f442fc1dc0e
cf30b7282ba438e0bf60fe4a74a4345483ce6a34
5c1a7dacc7723ec27ff792917bc29f1dc2750e60750e591814a78f12c542dfab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 308 Permanent Redirect
Content-Type: text/html; charset=utf-8
Location: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Replit-Cluster: global
Date: Mon, 05 Dec 2022 04:59:08 GMT
Content-Length: 188
Via: 1.1 google

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 04:08:58 GMT
cache-control: public,max-age=3600
age: 3011
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
202b4654c6f6de2ae54e5ba8200cced5
791971a79e6c1657ed8e6e9db121457a6008a510
4103deb47b69393c0e778547dd7d29032bb645cd1af8a423238ca02f5d23da59

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4103DEB47B69393C0E778547DD7D29032BB645CD1AF8A423238CA02F5D23DA59"
Last-Modified: Mon, 05 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Mon, 05 Dec 2022 10:58:30 GMT
Date: Mon, 05 Dec 2022 04:59:09 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5215
Cache-Control: max-age=106477
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:09 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:33:46 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.208.34.131

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.208.34.131:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PuPW6F45rdRKtK9ZV7r5NQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8q8E4jrgaWJCO0JcU4hJ7Gn1CWA=

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5278
Cache-Control: max-age=147231
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:10 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 21:53:01 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:11 GMT
Connection: keep-alive

cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js

104.17.25.14

200 OK

28 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.0/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
28 kB (27964 bytes)
Hash
391678ecd81abb89d767676563d04a0d
ca95c965bf5453f22a77969f650d82cc0495aedc
0688a8577842e3019d1880c5e32bf44ab58a93592218886291e05eb8a1907c7b

HTTP Headers

GET /ajax/libs/jquery/3.5.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 27964
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15d95"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 949477
expires: Sat, 25 Nov 2023 04:59:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZTC4X0lLuzDb19x8Y5K%2B2S2b%2B4wtiAvUbHjwQ%2BIXOQCwyxPlqmxCBk8ZlMkMKVJyoV1%2BnM4Ll2DD65IsQODfyt3RVNrZ%2BLPHL3Mh7fZv3AISHR45fqMaVo3xUmVzIfRN1V%2B8fuW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774a3601bafc1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
1be5ade2f8eb160f9974766374c9dd01
8d3d92355304ccfcd50ae96f55b2754220f05187
5087642c70cd92613c2a490b532fc7651c4b25f8712a59b4f7a178cc44cdf90f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: d4dfc77c-65cc-46f1-b8a3-ea6cebd0976d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYE2woAMFgPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-639ca0813c23b9cb75ff24c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhweRJZbG0P_lxekUIz506RXW5f9iVQ1Cvfg-k3gJTWHIrzTu2uenQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 04:50:04 GMT
age: 547
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8749 bytes)
Hash
dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tsL8hmcWaBeKYVG2b4g7ebl-sQ0Z5jZaexEfvldfzq9COcOdzqLhUA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 25856
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7028 bytes)
Hash
9b475d52dd164b9cc0efbecfd58282b6
973e77db7fb34c60e08719dc7196d865e8831cb2
3985e24217a2bd811a0ea9bf0223eb0cda31604986f3467fae028a086a8b827e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d81855b-98f7-4c0c-bfb4-78957d8c433d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7028
x-amzn-requestid: 4d20bc36-d129-468d-b30d-f6b571d528af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKz6G86oAMF9oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abe7f-5f9353c04487352b64ba3bf8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:11:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pjwTv-Ry-1NHzZj6N-Mwul76sDeRSpLlVh7azqqqls44kH-mNhnggw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 04:59:53 GMT
age: 86358
etag: "973e77db7fb34c60e08719dc7196d865e8831cb2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Mon, 05 Dec 2022 06:34:06 GMT
Date: Mon, 05 Dec 2022 04:59:11 GMT
Connection: keep-alive

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6173 bytes)
Hash
3130c86c084c4c925fb9179dfa5c145d
203f27660f3885d5c1bc68a535baef4e48ff6582
faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZjAfnCIfBIkjjk0E62TZ7bHsCTUhJk9Wm_wIyhnUNvhgXja5ELfC4g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:15 GMT
age: 25856
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5279
Cache-Control: max-age=147231
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:11 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 21:53:02 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9825 bytes)
Hash
37b58bb09c00b591c2819c89e371d927
aa487f4a7767cb4591fe620592da65bde90c0aa2
9b7791d79d1e9702c23e63450d556e7f1f287f4d02788fc147822c1d90f64657

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9825
x-amzn-requestid: 1ab366f4-78f2-4aaa-af7b-aa203c2d8234
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_1ZE23IAMFnhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1355-35c7b5bb6e4623e93900810c;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qJYTPoArDEx6lR34nZ3DPCAtuWr2lW5qybqaGAu1gSQVdfRq8zlhOg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 25328
etag: "aa487f4a7767cb4591fe620592da65bde90c0aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11253 bytes)
Hash
557fea28a0a540d2ffdadd828e03de0b
c314368e2e73dabf2c5d856e2c3e1fae610a3005
0fdd195911cdfff46a6dd8ba7b760953e5317fd7ee88abf1e19458518979fdee

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba66ee21-e2f8-434c-a2b3-004950fdfd58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11253
x-amzn-requestid: e0561a00-8657-4af0-b24c-08b328282f79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_wKE9coAMFjmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1334-2844266d51d5c5672f34ff61;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iT3IPDIK-qKf-y1_x7hZNSW-4GqKLNuX6U__8bY8eZP178PPnD0IeA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:57:03 GMT
age: 25328
etag: "c314368e2e73dabf2c5d856e2c3e1fae610a3005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Regular.woff2

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Regular.woff2
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Regular.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Bold.woff2

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Bold.woff2
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Bold.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Medium.woff2

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Medium.woff2
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-Medium.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-RegularItalic.woff2

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/page-https-www.adp.ca/static/project/adp/fonts/TaubSans-RegularItalic.woff2
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-https-www.adp.ca/static/project/adp/fonts/TaubSans-RegularItalic.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/page-https-cdn.optimizely.com/js/6261340341.js

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/page-https-cdn.optimizely.com/js/6261340341.js
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-https-cdn.optimizely.com/js/6261340341.js HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/shared/img-placeholder.ashx

34.149.204.188

200 OK

54 B

URL HTTP/2
milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/shared/img-placeholder.ashx
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 15 x 15\012- data
Size
54 B (54 bytes)
Hash
b0c811c03908e627769be91798d2ca39
ad404412666874be821e3189ee06683d60eefc77
47361c9f2b452dbef25f029bf719f03fc1e2330bd43ecceccb800c773e0824d0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-https-www.adp.ca/-/media/adp/redesign2018/images/shared/img-placeholder.ashx HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 463106
cache-control: max-age=604800
content-disposition: inline; filename="img-placeholder.gif"
content-security-policy: frame-ancestors 'self' https://adp.lookbookhq.com http://adp.lookbookhq.com https://discover.adp.com http://discover.adp.com https://*.adp.com http://*.adp.ca https://*.adp.ca https://*.us.adp;
content-type: image/gif
continent: NA
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
expires: Mon, 12 Dec 2022 04:59:11 GMT
last-modified: Thu, 12 Dec 2019 21:20:20 GMT
replit-cluster: global
server: ECD (aga/86BC)
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-cache: HIT
x-country-code: US
x-region-code: SC
x-ua-compatible: IE=Edge
content-length: 54
X-Firefox-Spdy: h2

milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/ui/logo-adp-fy19.svg?rev=3fdcec0c1c7349e0a222b9864a196c45&hash=9A54A565FD08ED6AF0528D31B46265D5

34.149.204.188

200 OK

573 B

URL HTTP/2
milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/ui/logo-adp-fy19.svg?rev=3fdcec0c1c7349e0a222b9864a196c45&hash=9A54A565FD08ED6AF0528D31B46265D5
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (573), with no line terminators
Size
573 B (573 bytes)
Hash
3e81e948274b52f011e819d03e569bfa
d840bd9a5070bf52e24c35d4b481d03896778467
53c4c147e70a8c4b8c359b7794b6d1fe5658902f8a701a2ee20d62b6c0da9bbf

HTTP Headers

GET /page-https-www.adp.ca/-/media/adp/redesign2018/ui/logo-adp-fy19.svg?rev=3fdcec0c1c7349e0a222b9864a196c45&hash=9A54A565FD08ED6AF0528D31B46265D5 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 271775
cache-control: max-age=604800
content-disposition: inline; filename="logo-adp-fy19.svg"
content-security-policy: frame-ancestors 'self' https://adp.lookbookhq.com http://adp.lookbookhq.com https://discover.adp.com http://discover.adp.com https://*.adp.com http://*.adp.ca https://*.adp.ca https://*.us.adp;
content-type: image/svg+xml
continent: NA
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
expires: Mon, 12 Dec 2022 04:59:11 GMT
last-modified: Fri, 15 Feb 2019 16:22:30 GMT
replit-cluster: global
server: ECD (aga/86BE)
strict-transport-security: max-age=315360000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT
x-country-code: US
x-region-code: SC
x-ua-compatible: IE=Edge
content-length: 573
X-Firefox-Spdy: h2

milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/resource-hub/hero-insight-mobile.jpg?rev=e27d44daec4a47db8629250869dbe7ef&h=384&w=768&la=en&hash=1D0AFF30111949DAD5333C90C6764278

34.149.204.188

200 OK

7.6 kB

URL HTTP/2
milsteelonline.com/page-https-www.adp.ca/-/media/adp/redesign2018/images/resource-hub/hero-insight-mobile.jpg?rev=e27d44daec4a47db8629250869dbe7ef&h=384&w=768&la=en&hash=1D0AFF30111949DAD5333C90C6764278
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 768x384, components 3\012- data
Size
7.6 kB (7613 bytes)
Hash
805c3dfedf13730ab0109b9befe26d8b
9a93a48b5b95066450e54e0ca7cd634273dafc11
a59ed5d0828d95e4126fd461ba9dc13bbbd828dabbea0d88a468c6a891b8cfd5

HTTP Headers

GET /page-https-www.adp.ca/-/media/adp/redesign2018/images/resource-hub/hero-insight-mobile.jpg?rev=e27d44daec4a47db8629250869dbe7ef&h=384&w=768&la=en&hash=1D0AFF30111949DAD5333C90C6764278 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 288581
cache-control: max-age=604800
content-disposition: inline; filename="hero-insight-mobile.jpg"
content-security-policy: frame-ancestors 'self' https://adp.lookbookhq.com http://adp.lookbookhq.com https://discover.adp.com http://discover.adp.com https://*.adp.com http://*.adp.ca https://*.adp.ca https://*.us.adp;
content-type: image/jpeg
continent: NA
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
expires: Mon, 12 Dec 2022 04:59:11 GMT
last-modified: Thu, 20 Oct 2022 20:20:42 GMT
replit-cluster: global
server: ECD (aga/86B2)
strict-transport-security: max-age=315360000; includeSubDomains; preload
x-cache: HIT
x-country-code: US
x-region-code: SC
x-ua-compatible: IE=Edge
content-length: 7613
X-Firefox-Spdy: h2

milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-ca.css?rev=96b3778417684f3b9aa71a533029106f

34.149.204.188

200 OK

1.2 kB

URL HTTP/2
milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-ca.css?rev=96b3778417684f3b9aa71a533029106f
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1223 bytes)
Hash
465ce141f9303fa29c5f7e122b0bf23c
f61bb3f037ffba6ff97d5b084216caac55f14b1d
17fe1ee2b4edaac0bb45274c914c2853ac08b85492b0fd2fc7567cec372873c8

HTTP Headers

GET /page-https-www.adp.ca/-/media/adp2022/main/css-main-ca.css?rev=96b3778417684f3b9aa71a533029106f HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
last-modified: Tue, 04 Oct 2022 22:21:06 GMT
replit-cluster: global
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-208508211-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-208508211-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43632 bytes)
Hash
2cd9ba0c8ec13b2165cf144dc629eac8
ca75cc9405722a684378cb3c41e0cd5ed4ef026b
5075c48fc28068f737bda879f30f88f94ed8056c975dc191718067d096c3ce8a

HTTP Headers

GET /gtag/js?id=UA-208508211-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 04:59:11 GMT
expires: Mon, 05 Dec 2022 04:59:11 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43632
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

milsteelonline.com/-/media/adp2022/ui/icn-search.svg

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/-/media/adp2022/ui/icn-search.svg
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/media/adp2022/ui/icn-search.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2682bd51329126ab8b7083015c6050d6
703a3fa0d9dc2449cd1e9d80b6c2483dd2abd54e
6b21484244e3fd1d476dd2a5e278a9abd3ebe54abf1e5404152776a04e004bd4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B21484244E3FD1D476DD2A5E278A9ABD3EBE54ABF1E5404152776A04E004BD4"
Last-Modified: Sun, 04 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4421
Expires: Mon, 05 Dec 2022 06:12:53 GMT
Date: Mon, 05 Dec 2022 04:59:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2682bd51329126ab8b7083015c6050d6
703a3fa0d9dc2449cd1e9d80b6c2483dd2abd54e
6b21484244e3fd1d476dd2a5e278a9abd3ebe54abf1e5404152776a04e004bd4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B21484244E3FD1D476DD2A5E278A9ABD3EBE54ABF1E5404152776A04E004BD4"
Last-Modified: Sun, 04 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21554
Expires: Mon, 05 Dec 2022 10:58:26 GMT
Date: Mon, 05 Dec 2022 04:59:12 GMT
Connection: keep-alive

milsteelonline.com/-/media/adp2022/ui/icn-globe-black.svg

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/-/media/adp2022/ui/icn-globe-black.svg
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/media/adp2022/ui/icn-globe-black.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

becomesnerveshobble.com/8fa04f55aa21f2ced2759b96e2702ac3/invoke.js

192.243.59.13

200 OK

9.8 kB

URL HTTP/1.1
becomesnerveshobble.com/8fa04f55aa21f2ced2759b96e2702ac3/invoke.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26982), with no line terminators
Size
9.8 kB (9809 bytes)
Hash
2bf11646cfaba01c6bd7fba1fa9dcf09
545201cb77965529a15fd30476845e877ca7293d
d63c6a0849c50b2b4a883cc7a243d69fb454c2a7225a3835d0af1ef381a20a9f

HTTP Headers

GET /8fa04f55aa21f2ced2759b96e2702ac3/invoke.js HTTP/1.1
Host: becomesnerveshobble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:59:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7c4b3330ec74416cb1fb1c3d06e765e7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

becomesnerveshobble.com/5f/1e/ae/5f1eae6e794b6af625f433ebd20149d6.js

192.243.59.13

200 OK

13 kB

URL HTTP/1.1
becomesnerveshobble.com/5f/1e/ae/5f1eae6e794b6af625f433ebd20149d6.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (37134), with no line terminators
Size
13 kB (13410 bytes)
Hash
9ad524973df94f84871764690a144770
fa2046abea7fadcced97e12761a126d9db2323ed
c3d69187828f00e5cc3251bd7cf47079b01e8da690a7b20377e9c4bcc8b47687

HTTP Headers

GET /5f/1e/ae/5f1eae6e794b6af625f433ebd20149d6.js HTTP/1.1
Host: becomesnerveshobble.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 04:59:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d98dfaec5ab0ac496ffbe0c50999adf1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
206ba62e3ac45d76baa935ea64fa2edd
4b9f2ab2a56aa6896ccb977dde33dadff86356de
6cbb311ca876627609acd3dcba58520b80ccb10d3b3a705bfe9ad02d26329841

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6CBB311CA876627609ACD3DCBA58520B80CCB10D3B3A705BFE9AD02D26329841"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8102
Expires: Mon, 05 Dec 2022 07:14:14 GMT
Date: Mon, 05 Dec 2022 04:59:12 GMT
Connection: keep-alive

milsteelonline.com/-/media/adp2022/ui/social-media-sprite.png

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/-/media/adp2022/ui/social-media-sprite.png
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

HTTP Headers

GET /-/media/adp2022/ui/social-media-sprite.png HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/-/media/adp/reskin2022/images/resource-hub/bkgd-insight-generic.jpg

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/-/media/adp/reskin2022/images/resource-hub/bkgd-insight-generic.jpg
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

HTTP Headers

GET /-/media/adp/reskin2022/images/resource-hub/bkgd-insight-generic.jpg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/-/media/adp2022/ui/icn-txtlink-arrow-white.svg

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/-/media/adp2022/ui/icn-txtlink-arrow-white.svg
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/media/adp2022/ui/icn-txtlink-arrow-white.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/-/media/adp2022/ui/icn-txtlink-arrow-ui.svg

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/-/media/adp2022/ui/icn-txtlink-arrow-ui.svg
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/media/adp2022/ui/icn-txtlink-arrow-ui.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121579
Date: Mon, 05 Dec 2022 04:59:12 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 14:45:31 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LcWC5Npd4U_Ut93amH31EIi4lP6P7J_SL3-3M6oxi1H0Nq7yrzD0-w==
Age: 4463

milsteelonline.com/-/media/adp2022/ui/icn-sm-tw.svg

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/-/media/adp2022/ui/icn-sm-tw.svg
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/media/adp2022/ui/icn-sm-tw.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/-/media/adp2022/ui/icn-carat-down-ui.svg

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/-/media/adp2022/ui/icn-carat-down-ui.svg
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/media/adp2022/ui/icn-carat-down-ui.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/-/media/adp2022/ui/icn-sm-yt.svg

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/-/media/adp2022/ui/icn-sm-yt.svg
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/media/adp2022/ui/icn-sm-yt.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/-/media/adp2022/ui/icn-sprite.png

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/-/media/adp2022/ui/icn-sprite.png
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

HTTP Headers

GET /-/media/adp2022/ui/icn-sprite.png HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/-/media/adp2022/ui/icn-sm-fb.svg

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/-/media/adp2022/ui/icn-sm-fb.svg
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/media/adp2022/ui/icn-sm-fb.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/-/media/adp2022/ui/icn-sm-ig.svg

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/-/media/adp2022/ui/icn-sm-ig.svg
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/media/adp2022/ui/icn-sm-ig.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
4190c26f01184c51aed2d771ad1429ec
35e2db991eaca4dbe44e4158feb9eddbccba0a4c
4dfbbd61f47a45a39622f70938f29114fe41648e5f74c0aad269d4a0252de5e6

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4DFBBD61F47A45A39622F70938F29114FE41648E5F74C0AAD269D4A0252DE5E6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9882
Expires: Mon, 05 Dec 2022 07:43:54 GMT
Date: Mon, 05 Dec 2022 04:59:12 GMT
Connection: keep-alive

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
39813e1be47701d37968a3120c3162e8
2f76b13b766d7127eb446fc41b17c7f5a3a461db
8b6c010271cb1b5b5e87581f94f396922afb3dcf9b935c0896561d63a197fba4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://milsteelonline.com
access-control-allow-credentials: true
set-cookie: uid_id2=65555d73-603d-4834-90f0-add3ecc88446:3:1; expires=Thu, 02 Dec 2032 04:59:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

milsteelonline.com/static/project/adp/fonts/TaubSans-RegularItalic.woff2

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/static/project/adp/fonts/TaubSans-RegularItalic.woff2
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/project/adp/fonts/TaubSans-RegularItalic.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/static/project/adp/fonts/TaubSans-Bold.woff2

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/static/project/adp/fonts/TaubSans-Bold.woff2
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/project/adp/fonts/TaubSans-Bold.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/static/project/adp/fonts/TaubSans-Regular.woff2

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/static/project/adp/fonts/TaubSans-Regular.woff2
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/project/adp/fonts/TaubSans-Regular.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/static/project/adp/fonts/TaubSans-Medium.woff2

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/static/project/adp/fonts/TaubSans-Medium.woff2
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/project/adp/fonts/TaubSans-Medium.woff2 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

milsteelonline.com/-/media/adp2022/ui/icn-sm-ln.svg

34.149.204.188

200 OK

3 B

URL HTTP/2
milsteelonline.com/-/media/adp2022/ui/icn-sm-ln.svg
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
3 B (3 bytes)
Hash
4f4adcbf8c6f66dcfc8a3282ac2bf10a
c35a9fc52bb556c79f8fa540df587a2bf465b940
6b3c238ebcf1f3c07cf0e556faa82c6b8fe96840ff4b6b7e9962a2d855843a0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/media/adp2022/ui/icn-sm-ln.svg HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
content-type: text/plain; charset=utf-8
content-length: 3
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=121628
Date: Mon, 05 Dec 2022 04:59:12 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 14:46:20 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GrFYpfCZHOSgZKHyix2OTeVBv410VJsyUcvtit1IuwswiunqfxC6wQ==
Age: 4512

simplewebanalysis.com/stats

18.185.190.54

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
18.185.190.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
81d8ff5e302563978633666f7d600dd1
aa53067302d759001d27cde5e2ba0e530eb97c58
bbf74a3cf2f443925783c8d53fd55be36e2b4e03e57a7099e29f3d2f8fb6572e

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://milsteelonline.com
access-control-allow-credentials: true
set-cookie: uid_id2=f06926fb-ddfc-46e9-bb9e-a43292029e27:2:1; expires=Thu, 02 Dec 2032 04:59:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
4190c26f01184c51aed2d771ad1429ec
35e2db991eaca4dbe44e4158feb9eddbccba0a4c
4dfbbd61f47a45a39622f70938f29114fe41648e5f74c0aad269d4a0252de5e6

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4DFBBD61F47A45A39622F70938F29114FE41648E5F74C0AAD269D4A0252DE5E6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9882
Expires: Mon, 05 Dec 2022 07:43:54 GMT
Date: Mon, 05 Dec 2022 04:59:12 GMT
Connection: keep-alive

kidhumiliateessay.com/2e/a9/5f/2ea95f29b78595ba77f8467239f9c258.js

192.243.61.225

200 OK

29 kB

URL HTTP/1.1
kidhumiliateessay.com/2e/a9/5f/2ea95f29b78595ba77f8467239f9c258.js
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
29 kB (28764 bytes)
Hash
e81334d6621316b95ca823f060a1cb2c
6fabca1b64e687e97438acbb61d6113dee53f9ab
4d1655d5bbf46c1763a2b94b92022b5c22500f6b5c7cca1424b32d618b2d30b5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /2e/a9/5f/2ea95f29b78595ba77f8467239f9c258.js HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:59:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: baf707c72d82e266aa3ea0765a7e5502
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

kidhumiliateessay.com/watch.586522886995.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22adp%E2%80%99s%22%2C%22diversity%22%2C%22and%22%2C%22inclusion%22%2C%22road%22%2C%22map%22%2C%22%E2%80%94%22%2C%22better%22%2C%22to%22%2C%22best%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Fb%2Fbetter-to-best-adps-diversity-and-inclusion-road-map.aspx&tz=0&dev=e&res=12.1055&uuid=65555d73-603d-4834-90f0-add3ecc88446%3A3%3A1

192.243.61.225

307 Temporary Redirect

0 B

URL HTTP/1.1
kidhumiliateessay.com/watch.586522886995.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22adp%E2%80%99s%22%2C%22diversity%22%2C%22and%22%2C%22inclusion%22%2C%22road%22%2C%22map%22%2C%22%E2%80%94%22%2C%22better%22%2C%22to%22%2C%22best%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Fb%2Fbetter-to-best-adps-diversity-and-inclusion-road-map.aspx&tz=0&dev=e&res=12.1055&uuid=65555d73-603d-4834-90f0-add3ecc88446%3A3%3A1
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.586522886995.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22adp%E2%80%99s%22%2C%22diversity%22%2C%22and%22%2C%22inclusion%22%2C%22road%22%2C%22map%22%2C%22%E2%80%94%22%2C%22better%22%2C%22to%22%2C%22best%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Fb%2Fbetter-to-best-adps-diversity-and-inclusion-road-map.aspx&tz=0&dev=e&res=12.1055&uuid=65555d73-603d-4834-90f0-add3ecc88446%3A3%3A1 HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:59:12 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://milsteelonline.com
Access-Control-Allow-Origin: https://milsteelonline.com
Access-Control-Allow-Credentials: true
Location: https://kidhumiliateessay.com/watch.586522886995.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22adp%E2%80%99s%22%2C%22diversity%22%2C%22and%22%2C%22inclusion%22%2C%22road%22%2C%22map%22%2C%22%E2%80%94%22%2C%22better%22%2C%22to%22%2C%22best%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Fb%2Fbetter-to-best-adps-diversity-and-inclusion-road-map.aspx&tz=0&dev=e&res=12.1055&uuid=65555d73-603d-4834-90f0-add3ecc88446%3A3%3A1&shu=2a0bbff27bd562bdf017563b7ed114de81849898b1e7e89a3e6b946c93ea644a84d75aff45f68d16ec1c7794f68ddafe94700160597cc41903f139359009cc1593d78391736f7f8ed8a4d2476bcaa05b2b62581f&pst=1670216412&rmtc=t
Set-Cookie: u_pl=16256856; expires=Tue, 06 Dec 2022 04:59:12 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI1Njg1NiwiayI6IjhmYTA0ZjU1YWEyMWYyY2VkMjc1OWI5NmUyNzAyYWMzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ4NDMyLCJwaWQiOjI4NzQ1OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ0cTgxcDVhdyIsImNwa3MiOnsgIjI4IjoiMmVhOTVmMjliNzg1OTViYTc3Zjg0NjcyMzlmOWMyNTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWlsc3RlZWxvbmxpbmUuY29tL3BhZ2UtaHR0cHMtd3d3LmFkcC5jYS9lbi9yZXNvdXJjZXMvYXJ0aWNsZXMtYW5kLWluc2lnaHRzL2FydGljbGVzL2IvYmV0dGVyLXRvLWJlc3QtYWRwcy1kaXZlcnNpdHktYW5kLWluY2x1c2lvbi1yb2FkLW1hcC5hc3B4In19.RfiyKcE-6SU1mBAxQpzjDHUYYwh5PWVod65-P8FfG64; expires=Mon, 05 Dec 2022 05:00:12 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22574b5a5cef737674e1c1272b044191
Strict-Transport-Security: max-age=0; includeSubdomains

192.243.61.225

200 OK

641 B

URL HTTP/1.1
kidhumiliateessay.com/watch.586522886995.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22adp%E2%80%99s%22%2C%22diversity%22%2C%22and%22%2C%22inclusion%22%2C%22road%22%2C%22map%22%2C%22%E2%80%94%22%2C%22better%22%2C%22to%22%2C%22best%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Fb%2Fbetter-to-best-adps-diversity-and-inclusion-road-map.aspx&tz=0&dev=e&res=12.1055&uuid=65555d73-603d-4834-90f0-add3ecc88446%3A3%3A1&shu=2a0bbff27bd562bdf017563b7ed114de81849898b1e7e89a3e6b946c93ea644a84d75aff45f68d16ec1c7794f68ddafe94700160597cc41903f139359009cc1593d78391736f7f8ed8a4d2476bcaa05b2b62581f&pst=1670216412&rmtc=t
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (601)
Size
641 B (641 bytes)
Hash
5d72dda75b278f10c2786f219dc881c5
d293810f40c7b99f60113d83243f780d7cdd8678
7e3a5979f01563aca97edfb728e65c56ff0b3676d2d3b73e99eca4a7e2bdd318

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.586522886995.js?key=8fa04f55aa21f2ced2759b96e2702ac3&kw=%5B%22adp%E2%80%99s%22%2C%22diversity%22%2C%22and%22%2C%22inclusion%22%2C%22road%22%2C%22map%22%2C%22%E2%80%94%22%2C%22better%22%2C%22to%22%2C%22best%22%2C%22adp%22%2C%22canada%22%5D&refer=https%3A%2F%2Fmilsteelonline.com%2Fpage-https-www.adp.ca%2Fen%2Fresources%2Farticles-and-insights%2Farticles%2Fb%2Fbetter-to-best-adps-diversity-and-inclusion-road-map.aspx&tz=0&dev=e&res=12.1055&uuid=65555d73-603d-4834-90f0-add3ecc88446%3A3%3A1&shu=2a0bbff27bd562bdf017563b7ed114de81849898b1e7e89a3e6b946c93ea644a84d75aff45f68d16ec1c7794f68ddafe94700160597cc41903f139359009cc1593d78391736f7f8ed8a4d2476bcaa05b2b62581f&pst=1670216412&rmtc=t HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://milsteelonline.com
Referer: https://milsteelonline.com/
Connection: keep-alive
Cookie: u_pl=16256856; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI1Njg1NiwiayI6IjhmYTA0ZjU1YWEyMWYyY2VkMjc1OWI5NmUyNzAyYWMzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ4NDMyLCJwaWQiOjI4NzQ1OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ0cTgxcDVhdyIsImNwa3MiOnsgIjI4IjoiMmVhOTVmMjliNzg1OTViYTc3Zjg0NjcyMzlmOWMyNTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWlsc3RlZWxvbmxpbmUuY29tL3BhZ2UtaHR0cHMtd3d3LmFkcC5jYS9lbi9yZXNvdXJjZXMvYXJ0aWNsZXMtYW5kLWluc2lnaHRzL2FydGljbGVzL2IvYmV0dGVyLXRvLWJlc3QtYWRwcy1kaXZlcnNpdHktYW5kLWluY2x1c2lvbi1yb2FkLW1hcC5hc3B4In19.RfiyKcE-6SU1mBAxQpzjDHUYYwh5PWVod65-P8FfG64
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:59:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://milsteelonline.com
Access-Control-Allow-Origin: https://milsteelonline.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=65555d73-603d-4834-90f0-add3ecc88446:3:1; expires=Mon, 12 Dec 2022 04:59:13 GMT; secure; SameSite=None
iprc4e30fb799a24f153e220ff6efd7ad081=2717342; expires=Tue, 06 Dec 2022 06:59:13 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 04:59:13 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 04:59:13 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 06 Dec 2022 04:59:13 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 06 Dec 2022 04:59:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 47b4fd0757c09356f735a8b192998091
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

kidhumiliateessay.com/pixel/sbe?t=1&error=timeout

192.243.61.225

200 OK

0 B

URL HTTP/1.1
kidhumiliateessay.com/pixel/sbe?t=1&error=timeout
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: kidhumiliateessay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Cookie: u_pl=16256856; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI1Njg1NiwiayI6IjhmYTA0ZjU1YWEyMWYyY2VkMjc1OWI5NmUyNzAyYWMzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ4NDMyLCJwaWQiOjI4NzQ1OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI3LCJwdCI6NCwicGsiOiJ0cTgxcDVhdyIsImNwa3MiOnsgIjI4IjoiMmVhOTVmMjliNzg1OTViYTc3Zjg0NjcyMzlmOWMyNTgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWlsc3RlZWxvbmxpbmUuY29tL3BhZ2UtaHR0cHMtd3d3LmFkcC5jYS9lbi9yZXNvdXJjZXMvYXJ0aWNsZXMtYW5kLWluc2lnaHRzL2FydGljbGVzL2IvYmV0dGVyLXRvLWJlc3QtYWRwcy1kaXZlcnNpdHktYW5kLWluY2x1c2lvbi1yb2FkLW1hcC5hc3B4In19.RfiyKcE-6SU1mBAxQpzjDHUYYwh5PWVod65-P8FfG64; uid_id2=65555d73-603d-4834-90f0-add3ecc88446:3:1; iprc4e30fb799a24f153e220ff6efd7ad081=2717342; pdhtkv=true; uncs=1; pdhtkv27=true; uncs27=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:59:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5575d12e87dd96f370a6ef6332c460bf
4fc5e8837b5c0fcfeba488c58afe7915ae94434f
67016264f28c5cfaf12fa4aa15e69af8f2fc249c2c6eb3428f4723abb5541ec6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67016264F28C5CFAF12FA4AA15E69AF8F2FC249C2C6EB3428F4723ABB5541EC6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15515
Expires: Mon, 05 Dec 2022 09:17:48 GMT
Date: Mon, 05 Dec 2022 04:59:13 GMT
Connection: keep-alive

friendshipmale.com/sfp.js

172.64.141.24

200 OK

28 kB

URL HTTP/2
friendshipmale.com/sfp.js
IP
172.64.141.24:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (28383 bytes)
Hash
61aae037b9981144492a2d70ca9847a6
b272670840e17fc40320a24a7fafb1b1a0cbac48
b0d5c0e8c8347a9f5ef18bc3f2ea1148b015c6fcc81738bbd79e6f34fdf1d295

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:12 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 17388a7ea8750b045e68e13b803252d2
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 05 Dec 2022 04:59:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0QdgkDEA%2FWSJNX0gqGQnNsbxlDm1URyRkOx2VqjIgMjirQml2tAaF4ZFLSUQmv9J%2Fjs%2BvX3rknCWQkm0l2usmuXw40iplfNdpnnykxOFeefdS0pHOCeQUJ%2FPSJbmdJx2x2dvA0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a360bf9757756-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.spikereekvelocity.com/dyfc1k09?shu=dce65c11589731c33a75727605d2e322750b811626b5245353298ca3d06b8f7531152adc024e30251fcec7f17b28ab308725f16b006c49d257b8146892fdaa2850ed8643d49dc04e496c0d470dd1b386d388fc6ff1d445c3fc1ae515a54067&pst=1670216413&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmilsteelonline.com%2F&psid=16256856

192.243.61.225

302 Found

0 B

URL HTTP/1.1
www.spikereekvelocity.com/dyfc1k09?shu=dce65c11589731c33a75727605d2e322750b811626b5245353298ca3d06b8f7531152adc024e30251fcec7f17b28ab308725f16b006c49d257b8146892fdaa2850ed8643d49dc04e496c0d470dd1b386d388fc6ff1d445c3fc1ae515a54067&pst=1670216413&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmilsteelonline.com%2F&psid=16256856
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /dyfc1k09?shu=dce65c11589731c33a75727605d2e322750b811626b5245353298ca3d06b8f7531152adc024e30251fcec7f17b28ab308725f16b006c49d257b8146892fdaa2850ed8643d49dc04e496c0d470dd1b386d388fc6ff1d445c3fc1ae515a54067&pst=1670216413&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fmilsteelonline.com%2F&psid=16256856 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122935,16122660; pdhtkv=true; uncs=1; pdhtkv28=true; uncs28=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTYyNTY4NTYiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjIsImF1IjoyLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9taWxzdGVlbG9ubGluZS5jb20vIn19.uNNvXDCNSbndzqy4pURZ3cDH74xqokStXEta2nyzaSY; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 04:59:14 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://dipaka-ead.com/zcvisitor/9050f712-7459-11ed-8717-1231d5b799c5/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
Set-Cookie: uncs=2; expires=Tue, 06 Dec 2022 04:59:14 GMT
uncs28=2; expires=Tue, 06 Dec 2022 04:59:14 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a5095aa2bd502745c70f1871f87174eb
Strict-Transport-Security: max-age=0; includeSubdomains

dipaka-ead.com/zcvisitor/9050f712-7459-11ed-8717-1231d5b799c5/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51

3.212.50.125

302

0 B

URL HTTP/1.1
dipaka-ead.com/zcvisitor/9050f712-7459-11ed-8717-1231d5b799c5/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
IP
3.212.50.125:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zcvisitor/9050f712-7459-11ed-8717-1231d5b799c5/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 
Date: Mon, 05 Dec 2022 04:59:14 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://shopde.pricedeals.shop/go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777
Server: jFeIVydX

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7927960ce41e3ef457eb817020b34
6f4b4b6b47d045d9948235c5635dc418c74631d6
729caa785d1fa36caca999b56682b9515cf32088c06a70ef4f3f14a93855e90b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "729CAA785D1FA36CACA999B56682B9515CF32088C06A70EF4F3F14A93855E90B"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19802
Expires: Mon, 05 Dec 2022 10:29:16 GMT
Date: Mon, 05 Dec 2022 04:59:14 GMT
Connection: keep-alive

shopde.pricedeals.shop/go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777

135.181.6.240

200 OK

569 B

URL HTTP/1.1
shopde.pricedeals.shop/go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777
IP
135.181.6.240:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (449)
Size
569 B (569 bytes)
Hash
de05cd85adadee9aec0e60f0556fb502
26089bd27c386007f95c6f73c5f213c6846b995e
1d09de2b16fbdb486be2ad415577fec4c0405c33dc4bdcfbda95bd39c482ffa0

HTTP Headers

GET /go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777 HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:59:14 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 569
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

shopde.pricedeals.shop/favicon.ico

135.181.6.240

404 Not Found

285 B

URL HTTP/1.1
shopde.pricedeals.shop/favicon.ico
IP
135.181.6.240:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
285 B (285 bytes)
Hash
7cd85cf7b8f9a014ae145681b1f5e73d
a574403ec64b443a802d0980e3bd368bafebe2d9
cb5d0086c43932c164cc6892b9f762fb4128c182d3dbdbf476036a2783f0023b

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Mon, 05 Dec 2022 04:59:14 GMT
Server: Apache/2.4.54 (Debian)
Content-Length: 285
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAyMTQ0MDgyNjUmLnNpZz1SMnhFYVh4Ni5xQ2tmdVZEaEFzY3J2cGZ1QlEtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTQ3MDQ5MTMmY291bnRyeT1ubyZvZmZlcklkPTY3NTliZDM2YjZjNTQ0NmJiNTFjZjcyOTc0MTk0NTZjJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT01MSY

135.181.6.240

200 OK

466 B

URL HTTP/1.1
shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAyMTQ0MDgyNjUmLnNpZz1SMnhFYVh4Ni5xQ2tmdVZEaEFzY3J2cGZ1QlEtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTQ3MDQ5MTMmY291bnRyeT1ubyZvZmZlcklkPTY3NTliZDM2YjZjNTQ0NmJiNTFjZjcyOTc0MTk0NTZjJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT01MSY
IP
135.181.6.240:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (362)
Size
466 B (466 bytes)
Hash
44ee2679785ce2bc3e3f1253c2897d74
796897bb128734395c4f8542845bc2e814318f46
2fada1a057ecf34df76dfbd4dce99d048d2c78bf2b1dae3ea5916c07138676a5

HTTP Headers

GET /redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzAyMTQ0MDgyNjUmLnNpZz1SMnhFYVh4Ni5xQ2tmdVZEaEFzY3J2cGZ1QlEtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTQ3MDQ5MTMmY291bnRyeT1ubyZvZmZlcklkPTY3NTliZDM2YjZjNTQ0NmJiNTFjZjcyOTc0MTk0NTZjJnNlcnZpY2U9MzcmdG9rZW5JZD0zMmYzNDMxMi1mMjAzLTQwNzAtODY4NS01NDJmYjEyN2IxMTAmd2FpdD10cnVlJmFkZGVkUGFyYW1zPXRydWUmY3VzdG9tMT01MSY HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zr9050f712745911ed87171231d5b799c52ef03866fec44fcab361fb5bcac6766806948422583e428777
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:59:15 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 466
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

status.thawte.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.thawte.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b479c27a6e6909ff43b5650238b5af27
e81427361cd3d797f1d6d047aa5efb768b5f23a7
e477a0350b397c500a6bb6fa46aa3dc4012a1cd0eceff505bc339c177e4562fb

HTTP Headers

POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4432
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:16 GMT
Last-Modified: Mon, 05 Dec 2022 03:45:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&

95.211.116.27

200 OK

28 kB

URL HTTP/1.1
no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002)
Size
28 kB (28262 bytes)
Hash
604ea869d9cf3f7c23748080ab5133a4
94cfb690c08476b7a9e89c19b2a2396a20b9fc18
42341d04d4f8e1043deafba858670015625b3653a7a90d300e2418d2a7a6e0e4

HTTP Headers

GET /ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51& HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:59:16 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289
clickId: 107698111_1670216356806_2601794
country: no
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.017294S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/html; charset=UTF-8
Content-Length: 28262
Set-Cookie: datadome=5FVF~MLb9bqnaOM4XVJKQ7JY-Yq67jGVxirOqYOTGhjKezohsiFyAGSBcJwxngeqjVYWa0b1DSANrOXncGSYqg7AfWYUFocyOqSnYuLwd~NrpUu9ydOgVfejEwnTADsn; Max-Age=31536000; Expires=Tue, 05 Dec 2023 04:59:16 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
kelkooID=a4c626f-184e0a713c7-c81fe; Max-Age=31536000; Expires=Tue, 05 Dec 2023 04:59:16 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=97
Connection: Keep-Alive

no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794

95.211.116.27

200 OK

68 B

URL HTTP/1.1
no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
91e42db1c66c0b276abf6234dc50b2eb
c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

HTTP Headers

GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
Connection: keep-alive
Cookie: datadome=5FVF~MLb9bqnaOM4XVJKQ7JY-Yq67jGVxirOqYOTGhjKezohsiFyAGSBcJwxngeqjVYWa0b1DSANrOXncGSYqg7AfWYUFocyOqSnYuLwd~NrpUu9ydOgVfejEwnTADsn; kelkooID=a4c626f-184e0a713c7-c81fe; _ga=GA1.2.29496852.1670216354; _gid=GA1.2.547941090.1670216354
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:59:16 GMT
Request-Time: PT0.001345S
X-Robots-Tag: noindex,nofollow
Cache-Control: private, must-revalidate
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: image/png
Content-Length: 68
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=86
Connection: Keep-Alive

no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794

95.211.116.27

200 OK

0 B

URL HTTP/1.1
no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794 HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
Content-Type: text/plain;charset=utf-8
Content-Length: 548
Origin: https://no-go.kelkoogroup.net
Connection: keep-alive
Cookie: datadome=5FVF~MLb9bqnaOM4XVJKQ7JY-Yq67jGVxirOqYOTGhjKezohsiFyAGSBcJwxngeqjVYWa0b1DSANrOXncGSYqg7AfWYUFocyOqSnYuLwd~NrpUu9ydOgVfejEwnTADsn; kelkooID=a4c626f-184e0a713c7-c81fe; _ga=GA1.2.29496852.1670216354; _gid=GA1.2.547941090.1670216354
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:59:16 GMT
Request-Time: PT0.0061S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=97
Connection: Keep-Alive

no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794&url=https%3A%2F%2Fjunkyard.com%2Fno%2Fp%2Fobey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre%2F7345437_F710%3Fkk%3Da4c626f-184e0a713c7-c81fe%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DObey%2BBukser%2B%25E2%2580%2593%2BBig%2BEasy%2BCanvas%2BSvart%2BMale&initiator=timeout

95.211.116.27

303 See Other

0 B

URL HTTP/1.1
no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794&url=https%3A%2F%2Fjunkyard.com%2Fno%2Fp%2Fobey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre%2F7345437_F710%3Fkk%3Da4c626f-184e0a713c7-c81fe%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DObey%2BBukser%2B%25E2%2580%2593%2BBig%2BEasy%2BCanvas%2BSvart%2BMale&initiator=timeout
IP
95.211.116.27:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff4376051d4e1eb650ae25ab13bff73fb1939afe7b8b5125daaad0cf0ef11d3c19c4bfb1e24eaea8f020ae296da3835a498b66b9740cde24fbc91b31936b6b826c06f90c1e0e4b484c4c42055edca67cee27832d474c7d3a51f73f433742499d855a56127a8a0faf58ed819083449d346419bb3455539697a6ea7138ab773bccce8ad3fe38c0e608a686d16e0e8552b74a59507f05c3adde1ecf34d0568c469ab39674a322ca80058483a&leadId=dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289&clickId=107698111_1670216356806_2601794&url=https%3A%2F%2Fjunkyard.com%2Fno%2Fp%2Fobey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre%2F7345437_F710%3Fkk%3Da4c626f-184e0a713c7-c81fe%26utm_source%3Dkelkoono%26utm_medium%3Dcpc%26utm_campaign%3Dkelkooclick%26utm_term%3DObey%2BBukser%2B%25E2%2580%2593%2BBig%2BEasy%2BCanvas%2BSvart%2BMale&initiator=timeout HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/ctl/go/offersearchGo?.ts=1670214408265&.sig=R2xEaXx6.qCkfuVDhAscrvpfuBQ-&affiliationId=96979714&comId=14704913&country=no&offerId=6759bd36b6c5446bb51cf7297419456c&service=37&tokenId=32f34312-f203-4070-8685-542fb127b110&wait=true&addedParams=true&custom1=51&
Connection: keep-alive
Cookie: datadome=5FVF~MLb9bqnaOM4XVJKQ7JY-Yq67jGVxirOqYOTGhjKezohsiFyAGSBcJwxngeqjVYWa0b1DSANrOXncGSYqg7AfWYUFocyOqSnYuLwd~NrpUu9ydOgVfejEwnTADsn; kelkooID=a4c626f-184e0a713c7-c81fe; _ga=GA1.2.29496852.1670216354; _gid=GA1.2.547941090.1670216354
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 303 See Other
Date: Mon, 05 Dec 2022 04:59:17 GMT
leadId: dc1-kls-prod-ls-01.prod.dc1.kelkoo.net_1670216356814_2083289
clickId: 107698111_1670216356806_2601794
country: no
Location: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
X-DataDome: protected
Request-Time: PT0.015433S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Content-Length: 0
Set-Cookie: datadome=6c_YgFfP4thPKu4cnKpeFFY9Fk1jkYmj7RYY_lqdVrjtyzbcClXgCIC8Xt4gRr_mcGUD5~htoz0YzSPv-nN-bH5zbxrLl-VtlrqpjmatZkpOPhho04SFq6lgl6XTemcE; Max-Age=31536000; Expires=Tue, 05 Dec 2023 04:59:17 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
P3P: CP="Anything"
ApacheTracking: localhost
Keep-Alive: timeout=40, max=100
Connection: Keep-Alive
Content-Type: text/plain

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
836cf9e1aa494dca1295e3f832365b4a
d1a4d25a078d34e6d27254c0ec585e888d57aca4
c68aeae387f9a16d3b6975186bb78ade78635832ec1ffcec7178eac1cac02790

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=128258
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:17 GMT
Etag: "638ccca7-117"
Expires: Tue, 06 Dec 2022 16:36:55 GMT
Last-Modified: Sun, 04 Dec 2022 16:36:55 GMT
Server: nginx
Content-Length: 279

junkyard.com/static/css/app.acb11126b840f3bca2c6.css

104.18.10.54

200 OK

36 kB

URL HTTP/2
junkyard.com/static/css/app.acb11126b840f3bca2c6.css
IP
104.18.10.54:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
36 kB (35911 bytes)
Hash
2355eac4898e77774079f2828945ba3d
346ceed48c87f25e0057220355b7f56f333e058d
55b1fee2e57ce1d16c5ac2809bb0f891e8a15de25e6349f01c9fa861468db1fe

HTTP Headers

GET /static/css/app.acb11126b840f3bca2c6.css HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: text/css
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 14:42:24 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
servedby: var-p-webp2
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2849195
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362948bab529-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
f44f9f9447027e069a0dc67ebaf08a54
335ba0ba0b3fe6b9a9293fd113341b5eacf320ef
447a28fc1d1fccfdc5086dbe3f2e161935b17b39fed7059a82229f2d248a3182

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4293
Cache-Control: max-age=96898
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:59:17 GMT
Etag: "638c4162-117"
Expires: Tue, 06 Dec 2022 07:54:15 GMT
Last-Modified: Sun, 04 Dec 2022 06:42:42 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279

junkyard.com/no/api/sitesettings/get/4.14.39.17-57-392-19-30-19-22-39-19-9-6-101-152-5-4-11-20-7-9.js

104.18.10.54

200 OK

18 kB

URL HTTP/2
junkyard.com/no/api/sitesettings/get/4.14.39.17-57-392-19-30-19-22-39-19-9-6-101-152-5-4-11-20-7-9.js
IP
104.18.10.54:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (58247), with no line terminators
Size
18 kB (17874 bytes)
Hash
238e6d5e95026386af21114d63233f01
cdefb99a6aeb7d15f77ea462714753c6022d27f8
ac472ca16382f4abf860fcaca44a128a57c0e09e449a6cdf5c15f8eee26b31a7

HTTP Headers

GET /no/api/sitesettings/get/4.14.39.17-57-392-19-30-19-22-39-19-9-6-101-152-5-4-11-20-7-9.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/x-javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
servedby: var-p-webp8
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Dec 2022 11:04:10 GMT
cf-cache-status: HIT
age: 237307
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362948bdb529-OSL
content-encoding: br
X-Firefox-Spdy: h2

junkyard.com/static/build/datalayer.32bda4.bundle.js

104.18.10.54

200 OK

0 B

URL HTTP/2
junkyard.com/static/build/datalayer.32bda4.bundle.js
IP
104.18.10.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/build/datalayer.32bda4.bundle.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Fri, 11 Nov 2022 12:41:58 GMT
vary: Accept-Encoding
servedby: var-p-web21
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1727224
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362948bcb529-OSL
content-encoding: br
X-Firefox-Spdy: h2

junkyard.com/static/build/client.0ddd58.bundle.js

104.18.10.54

200 OK

0 B

URL HTTP/2
junkyard.com/static/build/client.0ddd58.bundle.js
IP
104.18.10.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/build/client.0ddd58.bundle.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Fri, 11 Nov 2022 12:41:58 GMT
vary: Accept-Encoding
servedby: var-p-web21
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1727224
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362958c4b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx

34.149.204.188

200 OK

0 B

URL HTTP/2
milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 05 Dec 2022 04:59:10 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
X-Firefox-Spdy: h2

junkyard.com/Static/generated/logo.svg?4.14.39.17

104.18.10.54

200 OK

0 B

URL HTTP/2
junkyard.com/Static/generated/logo.svg?4.14.39.17
IP
104.18.10.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Static/generated/logo.svg?4.14.39.17 HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: image/svg+xml
cache-control: public, max-age=31536000
last-modified: Fri, 11 Nov 2022 12:41:58 GMT
servedby: var-p-web21
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1727223
expires: Tue, 05 Dec 2023 04:59:17 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362958c6b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

104.18.3.3

200 OK

0 B

URL HTTP/2
cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
IP
104.18.3.3:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cookie-cdn.cookiepro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
content-md5: bKkFjZE43AfZo3jm8gqLew==
last-modified: Fri, 02 Dec 2022 02:44:42 GMT
x-ms-request-id: 4c8ab55a-601e-0004-6d9f-06b54a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 13049
expires: Tue, 06 Dec 2022 04:59:17 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 774a36299c7d0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993

104.16.57.101

200 OK

0 B

URL HTTP/2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
104.16.57.101:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://junkyard.com
Connection: keep-alive
Referer: https://junkyard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 774a3629bea0b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cookie-cdn.cookiepro.com/scripttemplates/202211.1.0/otBannerSdk.js

104.18.3.3

200 OK

0 B

URL HTTP/2
cookie-cdn.cookiepro.com/scripttemplates/202211.1.0/otBannerSdk.js
IP
104.18.3.3:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /scripttemplates/202211.1.0/otBannerSdk.js HTTP/1.1
Host: cookie-cdn.cookiepro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
content-md5: 9qSRvp3H9roScfT6qXUxeQ==
last-modified: Fri, 11 Nov 2022 02:37:39 GMT
x-ms-request-id: a75738a1-701e-0037-1796-f5eae1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 8846
expires: Tue, 06 Dec 2022 04:59:17 GMT
cache-control: public, max-age=86400
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 774a362aacdd0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2

junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male

104.18.10.54

200 OK

0 B

URL HTTP/2
junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
IP
104.18.10.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-frame-options: SAMEORIGIN
servedby: var-p-web24
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
set-cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; expires=Sun, 12-Feb-2023 15:39:17 GMT; path=/; HttpOnly; SameSite=None; secure
VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; expires=Mon, 12-Dec-2022 04:59:17 GMT; path=/; secure; SameSite=None; secure
ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; path=/; secure; HttpOnly; SameSite=Lax; secure
Varner_MainCategory=Men; path=/; secure; SameSite=None; secure
__cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66; path=/; expires=Mon, 05-Dec-22 05:29:17 GMT; domain=.junkyard.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a36282850b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814

34.149.204.188

200 OK

0 B

URL HTTP/2
milsteelonline.com/page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-https-www.adp.ca/-/media/adp2022/main/css-main-base.css?rev=ea9eff7acca748c68e1ab3fbaaa20814 HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
last-modified: Tue, 01 Nov 2022 15:04:25 GMT
replit-cluster: global
X-Firefox-Spdy: h2

junkyard.com/static/build/apptustracking.1486af.bundle.js

104.18.10.54

200 OK

0 B

URL HTTP/2
junkyard.com/static/build/apptustracking.1486af.bundle.js
IP
104.18.10.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/build/apptustracking.1486af.bundle.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 14:42:22 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
servedby: var-p-webp2
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2849195
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362958c5b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

milsteelonline.com/assets/inject.js

34.149.204.188

200 OK

0 B

URL HTTP/2
milsteelonline.com/assets/inject.js
IP
34.149.204.188:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/inject.js HTTP/1.1
Host: milsteelonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://milsteelonline.com/page-https-www.adp.ca/en/resources/articles-and-insights/articles/b/better-to-best-adps-diversity-and-inclusion-road-map.aspx
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 05 Dec 2022 04:59:11 GMT
expect-ct: max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
replit-cluster: global
X-Firefox-Spdy: h2

junkyard.com/commonUI/script/js/vendors/jquery-3.5.1.min.js

104.18.10.54

200 OK

0 B

URL HTTP/2
junkyard.com/commonUI/script/js/vendors/jquery-3.5.1.min.js
IP
104.18.10.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /commonUI/script/js/vendors/jquery-3.5.1.min.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Mon, 06 Dec 2021 15:48:20 GMT
vary: Accept-Encoding
servedby: var-p-webp1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 31359087
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362948c0b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

junkyard.com/commonUI/script/js/vendors/react-17.0.2.min.js

104.18.10.54

200 OK

0 B

URL HTTP/2
junkyard.com/commonUI/script/js/vendors/react-17.0.2.min.js
IP
104.18.10.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /commonUI/script/js/vendors/react-17.0.2.min.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Wed, 19 Jan 2022 12:29:36 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
servedby: var-p-webp2
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 13260306
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362948c1b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

junkyard.com/commonUI/script/js/vendors/react-dom-17.0.2.min.js

104.18.10.54

200 OK

0 B

URL HTTP/2
junkyard.com/commonUI/script/js/vendors/react-dom-17.0.2.min.js
IP
104.18.10.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /commonUI/script/js/vendors/react-dom-17.0.2.min.js HTTP/1.1
Host: junkyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/no/p/obey-bukser--big-easy-canvas-gronn-bukser-diverse-bukser-herre/7345437_F710?kk=a4c626f-184e0a713c7-c81fe&utm_source=kelkoono&utm_medium=cpc&utm_campaign=kelkooclick&utm_term=Obey+Bukser+%E2%80%93+Big+Easy+Canvas+Svart+Male
Cookie: .ASPXANONYMOUS=_S2rvtdMNiuifZcRMKBNerDNV6GMxoUCdezbqZAaUZb6ri0yOEjAAERVCwvBCLZwaAWWGEQeUqp-u2MuJG-pozYTMb1XtvUWBJ70OaofEJlEu0eKfMIcKod2McZfZlklWvEklQ2; VarAptSKey=6f05f9e1-827c-4fdd-ad52-32f1860626da; ASP.NET_SessionId=nbilfr0ezc2v11k1umpyar2s; Varner_MainCategory=Men; __cf_bm=BX6SIc9mV9K2yhLO3f7DYvQl2aLglqBWB08M8Ym101A-1670216357-0-ARNZlcW8NDmW9UXzm4hfcWYicOChbEbgb8aXelrJoISehbFzlZ4iy0lpT1Miu23hRCNho0ryuhxohnKH+s5Nl+Qk3vw70+06c/WOO10Qbn66
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:59:17 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
last-modified: Wed, 19 Jan 2022 12:29:36 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
servedby: var-p-webp2
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 27558753
expires: Tue, 05 Dec 2023 04:59:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 774a362948c2b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

eu-library.klarnaservices.com/lib.js

54.230.111.80

200 OK

0 B

URL HTTP/2
eu-library.klarnaservices.com/lib.js
IP
54.230.111.80:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lib.js HTTP/1.1
Host: eu-library.klarnaservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://junkyard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 13:38:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Mon, 05 Dec 2022 04:55:23 GMT
cache-control: max-age=900
etag: W/"50f8de9b09f8d24965d7510eb0aa6df8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qYOlDsYYUa0LqsvAjmNQRvU5kVsHrR-49Z8M7dCaFqgn9qwkSNvd7Q==
age: 244
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations