firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 02:15:16 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: T6994o_ENeqNntyc6gKTanMEBOYiDYxf5xjLN0_4p_7iQpWnAvoIAg==
Age: 3000
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11931
Expires: Mon, 26 Sep 2022 06:24:07 GMT
Date: Mon, 26 Sep 2022 03:05:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: t_Vo2alvyCz4j7JE0eUsdOaldsUqVaiDUoCKPVFTEc6OIVviN1vy9Q==
age: 81002
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 03:05:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mail.quality-ind.com/
166.62.25.253200 OK 5.2 kB IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (501), with CRLF, LF line terminators
Hash d8cccd24a565a18a273bc212536edfc5
7e5f8ee1bad87ac0b14e3267142d8699811dff31
fafa9ee6f92d22e3ae3338a2f91b7f1fa59bdae9346558c5e2861cd23f7b4e20
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:16 GMT
Server: Apache
X-Powered-By: PHP/5.6.40
Set-Cookie: dir_lang=en; expires=Wed, 26-Oct-2022 03:05:16 GMT; Max-Age=2592000; httponly
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5214
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 03:04:17 GMT
Expires: Mon, 26 Sep 2022 03:22:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OHT5v7axnWeL3PO9ialCYj4N4vCgIfMTRUGFcfsP6ZqHhKKZhdC_0A==
Age: 60
mail.quality-ind.com/font-awesome/font-awesome.css
166.62.25.253200 OK 7.4 kB URL HTTP/1.1 mail.quality-ind.com/font-awesome/font-awesome.css
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type troff or preprocessor input, ASCII text, with very long lines (327)
Hash 701a37363c22dc7c79cdc9082226633d
ea682a9f6d3da7073f4be364cbb5ff976a6f86b9
5a3ebeef0a8fe3b4bbc77f3e120b76ce5150bb812ba3f66f65f8d3371ed47d00
GET /font-awesome/font-awesome.css HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 11 May 2017 07:40:12 GMT
ETag: "49000fc-91f0-54f3ab2eb0f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7430
Keep-Alive: timeout=5
Content-Type: text/css
mail.quality-ind.com/font-awesome/font-awesome.min.css
166.62.25.253200 OK 7.1 kB URL HTTP/1.1 mail.quality-ind.com/font-awesome/font-awesome.min.css
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (33045), with no line terminators
Hash 4ad965cb3bd6f792c8d3372220b08c13
f44544e026c180be0ddcca391c6fca310996b62c
aef1d449077def7db642e21daf321b8bc0f2702e82debb8a18bb1a19d9e27fbc
GET /font-awesome/font-awesome.min.css HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Last-Modified: Thu, 11 May 2017 07:20:48 GMT
ETag: "49000fd-8115-54f3a6d89d400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7085
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5066
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:17 GMT
Last-Modified: Mon, 26 Sep 2022 01:40:52 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
mail.quality-ind.com/plugins/prettyphoto/css/prettyPhoto.css
166.62.25.253200 OK 2.7 kB URL HTTP/1.1 mail.quality-ind.com/plugins/prettyphoto/css/prettyPhoto.css
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (402)
Hash 443960695a031ab1d3710f19eac24563
fab26bad06eedc46a1dedf5a7ca7eb9c1d9d491b
8fa649b7e7280c85a3383b77e94e39ab0b22b090c66becd75d8689f885a313d1
GET /plugins/prettyphoto/css/prettyPhoto.css HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Last-Modified: Wed, 23 Apr 2014 19:02:08 GMT
ETag: "4900cb0-4900-4f7ba5e7bec00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2734
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
mail.quality-ind.com/css/style_en.css
166.62.25.253200 OK 16 kB URL HTTP/1.1 mail.quality-ind.com/css/style_en.css
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type assembler source, ASCII text, with very long lines (492)
Hash 198cb2cfa6ec5ee1c0f3027716b358a8
53899c79fd7322808fa4f288a046cb3af498d0a7
b910dc5380d19ddf7066c1e1e59bfe86e4511d6957805b8031af367cdaf04eba
GET /css/style_en.css HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 06 Nov 2017 22:31:00 GMT
ETag: "49000f6-14062-55d580242f100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15650
Keep-Alive: timeout=5
Content-Type: text/css
mail.quality-ind.com/css/bootstrap_en.css
166.62.25.253200 OK 16 kB URL HTTP/1.1 mail.quality-ind.com/css/bootstrap_en.css
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type assembler source, ASCII text
Hash 8404041c770d2a2a5f0ab5435309adda
bbbbe62e47739a8e41cec77973d7b1fb9875806a
97944a1023da81c95cc7ef0f975d6681b1e05588714cf2fe07d12d4bd3719d2e
GET /css/bootstrap_en.css HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 31 Oct 2017 05:09:12 GMT
ETag: "49000e8-1ba37-55cd0c1724e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15994
Keep-Alive: timeout=5
Content-Type: text/css
fonts.googleapis.com/css?family=Montserrat:400,700
142.250.74.10200 OK 521 B URL HTTP/1.1 fonts.googleapis.com/css?family=Montserrat:400,700
IP 142.250.74.10:0
Hash b52e405858cd07e929b5387c0ed0d1de
8dc157b5ece5222f0f175eee9379a699dee76cd8
e289bd897465ef8c6c74d81d09ee98cf500d744073df727158f6323caf335547
GET /css?family=Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 26 Sep 2022 03:05:17 GMT
Date: Mon, 26 Sep 2022 03:05:17 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
142.250.74.10200 OK 793 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic
IP 142.250.74.10:0
Hash 2de837eb869ca1ed7cbd5920d1d33d7f
cc1dff9972e1921849c83cfd02a51c1dff56ff04
08a3754c4b9d5329748aa4c9de2bda26dc6655c816d5546b71f70a869c164c26
GET /css?family=Open+Sans:400,400italic,700,700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 26 Sep 2022 03:05:17 GMT
Date: Mon, 26 Sep 2022 03:05:17 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
mail.quality-ind.com/css-switcher/style-switcher-en.css
166.62.25.253200 OK 886 B URL HTTP/1.1 mail.quality-ind.com/css-switcher/style-switcher-en.css
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 066ba0fe8dfb835346f287a7c90e5028
ee1d17cfbad0a11a1efe2f156ceb51475fbd0e00
ae33eee63b1ed327918d38be2d5ca88f0858a0018607ff0c630042e910a1d8fe
GET /css-switcher/style-switcher-en.css HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 01 Nov 2017 11:40:04 GMT
ETag: "49000fa-ac3-55cea5522cd00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 886
Keep-Alive: timeout=5
Content-Type: text/css
mail.quality-ind.com/style-switcher/colors/yellow.css
166.62.25.253200 OK 18 kB URL HTTP/1.1 mail.quality-ind.com/style-switcher/colors/yellow.css
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (518), with CRLF line terminators
Hash fe0f7b90a8d86fa95fcf822a911a8d87
302d06d8c43d61144c95d7b8d83f2be578edac2b
a19da5bd1ff2410705dd37c0051b8edff545f2afd879f49cda5253cb6cf8b6a2
GET /style-switcher/colors/yellow.css HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 02 Nov 2017 12:05:40 GMT
ETag: "4900ce0-1b809-55cfece87ad00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17686
Keep-Alive: timeout=5
Content-Type: text/css
mail.quality-ind.com/css-social-side/social-side-icons-en.css
166.62.25.253200 OK 1.7 kB URL HTTP/1.1 mail.quality-ind.com/css-social-side/social-side-icons-en.css
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (427)
Hash 0d17aa7344623f393c046e168aea1343
bc9700a5fe20009220ca5eaf1968c5b00e29eb9c
9db8a16a9dfbae12a7963c9b0fe0c8fee24b0ddc662464d86bd1e3c84010672f
GET /css-social-side/social-side-icons-en.css HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 05 Oct 2017 17:59:14 GMT
ETag: "49000f8-3e1a-55ad07b6d2080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1672
Keep-Alive: timeout=5
Content-Type: text/css
push.services.mozilla.com/
52.41.246.187101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.246.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IU06YSWWLgePA9lvQ5cyFw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X/149cHFjR481Rh4im8T43Uxjzo=
mail.quality-ind.com/js/jquery-2.0.0.min.js
166.62.25.253200 OK 29 kB URL HTTP/1.1 mail.quality-ind.com/js/jquery-2.0.0.min.js
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32110)
Hash e37d33d91d0f38adfc820e2982e57249
f26544191b4a0a597dc100f17e0b895a3d660333
72ac31073bf2fe7a135c4e5ac0acef4e01c5c82d01a3b2d7ba2556d141d47900
Analyzer Verdict Alert fortinet Phishing
GET /js/jquery-2.0.0.min.js HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Last-Modified: Wed, 23 Apr 2014 19:01:30 GMT
ETag: "4900444-14497-4f7ba5c381680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 29100
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
mail.quality-ind.com/plugins/owl-carousel/js/owl.carousel.min.js
166.62.25.253200 OK 6.7 kB URL HTTP/1.1 mail.quality-ind.com/plugins/owl-carousel/js/owl.carousel.min.js
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (14906)
Hash 5bbf8ebbbe464209104410532bca8018
2096a77a28acf619c351506c9ebc7703fbba0ed1
208d298181b5224b4a6556041b779f738479183a701f8f4d68847ff1186e5203
Analyzer Verdict Alert fortinet Phishing
GET /plugins/owl-carousel/js/owl.carousel.min.js HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Last-Modified: Wed, 23 Apr 2014 19:02:02 GMT
ETag: "4900caf-3ad4-4f7ba5e205e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6734
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
mail.quality-ind.com/plugins/prettyphoto/js/prettyphoto.js
166.62.25.253200 OK 6.0 kB URL HTTP/1.1 mail.quality-ind.com/plugins/prettyphoto/js/prettyphoto.js
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (21798)
Hash 0535bd7b08590c42e9a20db900eb49c1
4f633b424d32cc87a244f8bf2fd81e3f80449b7d
9f424e7e1e83ad191657e1fb903b46d47aedc45d51362c7fe0f3b3bd5befb16e
Analyzer Verdict Alert fortinet Phishing
GET /plugins/prettyphoto/js/prettyphoto.js HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Last-Modified: Wed, 23 Apr 2014 19:02:16 GMT
ETag: "4900cd1-5641-4f7ba5ef5fe00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6007
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
mail.quality-ind.com/js/bootstrap.js
166.62.25.253200 OK 7.3 kB URL HTTP/1.1 mail.quality-ind.com/js/bootstrap.js
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (27674)
Hash f578f1a7173874834a9cc3c63c4ee31c
63ba3a85738131b749bda191d52e0c64fb0fd867
f3b967de9245f8edd47dc850e817c8331921c22f6a00b8d983f7be44ed8666eb
Analyzer Verdict Alert fortinet Phishing
GET /js/bootstrap.js HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Last-Modified: Wed, 23 Apr 2014 19:01:24 GMT
ETag: "490043f-6d04-4f7ba5bdc8900-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7266
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
mail.quality-ind.com/plugins/flexslider/js/jquery.flexslider.js
166.62.25.253200 OK 9.0 kB URL HTTP/1.1 mail.quality-ind.com/plugins/flexslider/js/jquery.flexslider.js
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 136461f991c4f69f6f35e05e9764809f
a256af4d666545928298998478d3078ff9d3ffca
9db9c158d8643187b77525c95285c6c94884e540411f937cfc55a248c8e574fe
Analyzer Verdict Alert fortinet Phishing
GET /plugins/flexslider/js/jquery.flexslider.js HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Last-Modified: Wed, 23 Apr 2014 19:01:52 GMT
ETag: "4900ca9-9e27-4f7ba5d87c800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8980
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
mail.quality-ind.com/js/helper-plugins.js
166.62.25.253200 OK 29 kB URL HTTP/1.1 mail.quality-ind.com/js/helper-plugins.js
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (15714)
Hash ecb924ea2fdbc8233329c331a0291d82
02f495e68bfd66b2c4a494da92f0308219395fbd
c2b5efb22f47e0a426975db2080b7461028d04537f217bbebde4ce7f13c1590d
Analyzer Verdict Alert fortinet Phishing
GET /js/helper-plugins.js HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:17 GMT
Server: Apache
Last-Modified: Wed, 23 Apr 2014 19:01:26 GMT
ETag: "4900440-15827-4f7ba5bfb0d80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 29338
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
mail.quality-ind.com/js/waypoints.js
166.62.25.253200 OK 2.6 kB URL HTTP/1.1 mail.quality-ind.com/js/waypoints.js
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (7808)
Hash c420e1e2834012cb6dab16c6b5cb90c5
a95fb47e45efea7ad2f1ee7fa2a5f1f1ccd135b3
642ee9f7926d67d2c2c8d9b49239346610ac6205a56c25bbec0482d1de489b58
Analyzer Verdict Alert fortinet Phishing
GET /js/waypoints.js HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Wed, 23 Apr 2014 19:01:30 GMT
ETag: "4900543-1f6c-4f7ba5c381680-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2615
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
mail.quality-ind.com/style-switcher/js/jquery_cookie.js
166.62.25.253200 OK 1.4 kB URL HTTP/1.1 mail.quality-ind.com/style-switcher/js/jquery_cookie.js
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 83cdfd7f0b58f54ec51de87820cddf21
cff9e8d15b9b84c9b73b14ccb3bd6ff2a7cfac66
1ae7e278b0b0a28f76739128e0a61f44e2a13d7660f849ed6dfa8b8e51a9810f
Analyzer Verdict Alert fortinet Phishing
GET /style-switcher/js/jquery_cookie.js HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Wed, 23 Apr 2014 19:03:06 GMT
ETag: "4900cea-1104-4f7ba61f0ee80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1428
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
mail.quality-ind.com/js/init_en.js
166.62.25.253200 OK 4.4 kB URL HTTP/1.1 mail.quality-ind.com/js/init_en.js
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 563bc859df80d70903a4f65ece8fcfae
baffd7f4185f94ad1b115e857d1ed34ba0f50321
0472ef0cd8692144165be9072f81b7616b551966101c3ebfe05e8e6e89c28fc0
Analyzer Verdict Alert fortinet Phishing
GET /js/init_en.js HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Mon, 25 Jan 2016 20:26:38 GMT
ETag: "4900443-45cc-52a2e62ccbb80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4392
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
mail.quality-ind.com/style-switcher/js/script.js
166.62.25.253200 OK 808 B URL HTTP/1.1 mail.quality-ind.com/style-switcher/js/script.js
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 41ff363ef327b517bfaf6cc10b4a6f15
cc4a8a82a68c6a64ffdb416dfca72b131307c702
0b39f944fc0d4c85921e3ef855f85be135d8b29c6e1eb1d04d2eda908ca21fec
Analyzer Verdict Alert fortinet Phishing
GET /style-switcher/js/script.js HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Tue, 31 Oct 2017 05:32:12 GMT
ETag: "4900ceb-d68-55cd113b36f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 808
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
mail.quality-ind.com/plugins/owl-carousel/css/owl.theme_en.css
166.62.25.253200 OK 966 B URL HTTP/1.1 mail.quality-ind.com/plugins/owl-carousel/css/owl.theme_en.css
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash e9dcdf02de60d8252d3370fde4580105
e9bdaa5662b7dddd736f8890a271fdef59b4d24f
b3e38305ea6da57b9ee10d9d4f2b3d4483c210f4694f95f8f53c7adcf720cdcc
GET /plugins/owl-carousel/css/owl.theme_en.css HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Wed, 23 Apr 2014 19:01:58 GMT
ETag: "4900cad-d55-4f7ba5de35580-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 966
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
mail.quality-ind.com/bar/liMarquee.css
166.62.25.253200 OK 407 B URL HTTP/1.1 mail.quality-ind.com/bar/liMarquee.css
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 934f27dfdab58551ed41911811217a57
45009499bd4d92a6cc825fcd608a4092b7557471
87714042a827c14566298fd36adafa24eb0a6db3b4c05e1127675e2aeec43ac9
GET /bar/liMarquee.css HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Tue, 27 Sep 2016 02:52:32 GMT
ETag: "49000e1-40f-53d7456019c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 407
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
mail.quality-ind.com/js/modernizr.js
166.62.25.253200 OK 6.1 kB URL HTTP/1.1 mail.quality-ind.com/js/modernizr.js
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text, with very long lines (14502)
Hash 101a85c30d606ce4d1491479bdc77ab0
1d98148348aa3e4d0a311e8e8045ed89f3db892e
58bc2b0b5544c161012dd603dae87284f07ac686c8f1ca09ca08ee2746b0e7bc
Analyzer Verdict Alert fortinet Phishing
GET /js/modernizr.js HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Wed, 23 Apr 2014 19:01:28 GMT
ETag: "4900445-3b31-4f7ba5c199200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6133
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
mail.quality-ind.com/plugins/owl-carousel/css/owl.carousel.css
166.62.25.253200 OK 1.1 kB URL HTTP/1.1 mail.quality-ind.com/plugins/owl-carousel/css/owl.carousel.css
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 7307ed48839c2fe966a7fe1ab7b9e0ac
759b08e01829adee15d7e6c38233cd51bdc73915
66df638cf5dfb93ec88cbbfc5a9001ae5a1494a4999c53f5e1281f4f9c45a12d
GET /plugins/owl-carousel/css/owl.carousel.css HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Wed, 23 Apr 2014 19:01:56 GMT
ETag: "4900cab-172e-4f7ba5dc4d100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1123
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
mail.quality-ind.com/bar/jquery.liMarquee_en.js
166.62.25.253200 OK 6.2 kB URL HTTP/1.1 mail.quality-ind.com/bar/jquery.liMarquee_en.js
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 5845fbf70bddef420a67e6d0bacde313
d1754ea1ffc2e5815e281ba07a0ed74c437ff64e
29050bd3077c8a27afbf6a60b944f9e29912b189f984d60b31235bf9b1bbb349
Analyzer Verdict Alert fortinet Phishing
GET /bar/jquery.liMarquee_en.js HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Wed, 03 May 2017 19:23:06 GMT
ETag: "49000e0-6dac-54ea395f43a80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6198
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
mail.quality-ind.com/css/animations.css
166.62.25.253200 OK 3.3 kB URL HTTP/1.1 mail.quality-ind.com/css/animations.css
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (460)
Hash dd5d56314339a1c2b629277bf51d1fcd
0dae60c5643f909c146fa81e58f2159aca125420
bd6698546920753afa531821557a1bf79a401125ec90a446ac61d8858202039a
GET /css/animations.css HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/css/style_en.css
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Wed, 23 Apr 2014 19:00:58 GMT
ETag: "49000e6-6e7e-4f7ba5a4fce80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3302
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.quality-ind.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 19 Sep 2022 21:39:32 GMT
Expires: Tue, 19 Sep 2023 21:39:32 GMT
Cache-Control: public, max-age=31536000
Age: 537946
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/1.1 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.quality-ind.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 30928
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 22 Sep 2022 16:50:23 GMT
Expires: Fri, 22 Sep 2023 16:50:23 GMT
Cache-Control: public, max-age=31536000
Age: 296095
Last-Modified: Mon, 11 Jul 2022 18:57:39 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
142.250.74.163200 OK 48 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.quality-ind.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 47952
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 20 Sep 2022 01:08:42 GMT
Expires: Wed, 20 Sep 2023 01:08:42 GMT
Cache-Control: public, max-age=31536000
Age: 525396
Last-Modified: Mon, 15 Aug 2022 18:22:41 GMT
Content-Type: font/woff2
mail.quality-ind.com/images/services/i558966.jpeg
166.62.25.253200 OK 47 kB URL HTTP/1.1 mail.quality-ind.com/images/services/i558966.jpeg
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x530, components 3\012- data
Hash 92000b5cccac96387b951c657ee440d3
a58c9392e74dbc47b40a88ab0c4e8cc52202c988
f20ff5dad4c637fc4e4b6f86a5139f5c12bf5032699751d6cd5ce44a7b75fbe4
Analyzer Verdict Alert fortinet Phishing
GET /images/services/i558966.jpeg HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Tue, 16 Jun 2020 09:15:32 GMT
ETag: "49003df-b854-5a82ffc42152b"
Accept-Ranges: bytes
Content-Length: 47188
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
www.youtube.com/s/player/abfb84fe/www-player.css
142.250.74.110200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/abfb84fe/www-player.css
IP 142.250.74.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ecb64b067159be151c0c39f352469f8e
4b21a75947495235f6a389dabaec2db5eef0f1be
a5f047981dbccc524d124a02def835945ef10deaa34f47b49f906d3f9dadebbe
GET /s/player/abfb84fe/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/7IlCyKyrEFc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49730
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 09:55:57 GMT
expires: Mon, 25 Sep 2023 09:55:57 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
content-type: text/css
age: 61761
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js
142.250.74.110200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (570)
Hash faf7cb6fdef7f573ad65139bd560afed
e01ff9c1ab3e3a94d92db4c8580b18558256c5ba
e0912caa0cba25c0e92c231d528c723f7bf7d7479c53a8505858c79284013e9e
GET /s/player/abfb84fe/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/7IlCyKyrEFc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97978
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 17:06:29 GMT
expires: Mon, 25 Sep 2023 17:06:29 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
content-type: text/javascript
age: 35929
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4474bfba80fa3257384d1c908e1353bf
9a2869a3888743d575e6f87d2a7479d5d97fa123
63378e949c0ea9564e7660ea0522ce7a59727a0a5232b81b77f8525899f67a2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_US/base.js
142.250.74.110200 OK 592 kB URL HTTP/2 www.youtube.com/s/player/abfb84fe/player_ias.vflset/en_US/base.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (554)
Size 592 kB (591484 bytes)
Hash f6b28b22a5f2e47964b6b5c32af48276
b6d9d5a49d45411191061e83010d785041092261
17b8660161314c54f5573c141d12d99ffe1e0c1dd139680efe3a464e48621ddc
GET /s/player/abfb84fe/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/7IlCyKyrEFc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 591484
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 05:22:47 GMT
expires: Mon, 25 Sep 2023 05:22:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 22 Sep 2022 00:22:49 GMT
content-type: text/javascript
age: 78151
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mail.quality-ind.com/images/services/i534762.jpeg
166.62.25.253200 OK 33 kB URL HTTP/1.1 mail.quality-ind.com/images/services/i534762.jpeg
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x349, components 3\012- data
Hash 8f4457a98a6ec1f10099fa40f0de209b
0728cea024e54bd3114f26a84d7c70566057ed15
f69f580e2a8f770d37ce8fb5d1a40fc7a2c367f8b1bfb03c4c1ac2eaba77f39b
Analyzer Verdict Alert fortinet Phishing
GET /images/services/i534762.jpeg HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Tue, 16 Jun 2020 10:07:20 GMT
ETag: "4901bbc-823b-5a830b57f612e"
Accept-Ranges: bytes
Content-Length: 33339
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15109
Expires: Mon, 26 Sep 2022 07:17:08 GMT
Date: Mon, 26 Sep 2022 03:05:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15109
Expires: Mon, 26 Sep 2022 07:17:08 GMT
Date: Mon, 26 Sep 2022 03:05:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15109
Expires: Mon, 26 Sep 2022 07:17:08 GMT
Date: Mon, 26 Sep 2022 03:05:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15109
Expires: Mon, 26 Sep 2022 07:17:08 GMT
Date: Mon, 26 Sep 2022 03:05:19 GMT
Connection: keep-alive
mail.quality-ind.com/company9/images/top-hd.png
166.62.25.253404 Not Found 315 B URL HTTP/1.1 mail.quality-ind.com/company9/images/top-hd.png
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /company9/images/top-hd.png HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/style-switcher/colors/yellow.css
Cookie: dir_lang=en
HTTP/1.1 404 Not Found
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 431ff1171a3d7c60a31cc1c3f62164ee
4b32113aaf50132b38c8034017a6eb5a32d7040b
65d598db252fb3979d3df3cb8d052861bb31d6187552f9c694ec27a322b308c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a7e9af9-ebe4-49ea-9af4-d118f2ef0b43.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8851
x-amzn-requestid: dbe6ba4c-3d38-48e8-9d08-088d8e26e7a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUDAE23oAMF_yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd46-4f3b85952fa3109d2921d0e1;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wbbfzE5nQkhK_nsXX8XGJbOl3Yf6NDA1r_AC-0dOzqJDkLQ2BLxK9A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 23:15:06 GMT
age: 13813
etag: "4b32113aaf50132b38c8034017a6eb5a32d7040b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef17205adb2b478d3bff54b048208d22
12aac1bd22e675f09a220de08b4656e801c2e647
620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Iy0oyFx_T6CEuOQckEzvUQOUo307Jm_OgJzomWlMz9BhgD3eOaysdA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:48:52 GMT
age: 18987
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2719e8b8-4e41-4309-8ca2-8780fbed9e48.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2719e8b8-4e41-4309-8ca2-8780fbed9e48.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1823d1bb11ceec44419af17b32275cb5
5df91bc07da358644dc16e12f509ee364ec17bcb
f7aa5f13f0d469d4ffe569b2c21cb599a9c70c490caa31e0e83c36fe2dd49a8b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2719e8b8-4e41-4309-8ca2-8780fbed9e48.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15624
x-amzn-requestid: 966db920-27f5-496f-8aea-4e0628e6dc7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhF3xIAMFzaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-1f62801d573715e14518564c;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: LH8Nx22zSbIDy8OoiC6xx7Mxfz6je1pmA2u9tqsLTtCiAyvjyVnq0g==
via: 1.1 e124ba8d7ba1d81e2fdc59ac89f11b70.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:07:18 GMT
age: 17881
etag: "5df91bc07da358644dc16e12f509ee364ec17bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 19664
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mail.quality-ind.com/company9/images/bg-10.png
166.62.25.253404 Not Found 315 B URL HTTP/1.1 mail.quality-ind.com/company9/images/bg-10.png
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /company9/images/bg-10.png HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 404 Not Found
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 17703
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a75be68e82e6a0ba74932fbe74c7b30
36310320605833289e78cd248c45915363a0a0c3
56d709b77802037254b7922e3f85d1b1652b70dfc4b6c65b03e4149d3b1f22ca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e46522-27ca-4a21-a138-a7bdaf6c55b5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6443
x-amzn-requestid: b6f3be01-6086-4fc1-8bec-c4caa1fe806c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSKMG04IAMFRxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330ca41-5452d1805d3f4d71303142c9;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tx-lL61dT3iakJd8VZw31hzMklubUDBQxE6LBhxsJUqyMM0bqCk73g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:28:23 GMT
age: 16616
etag: "36310320605833289e78cd248c45915363a0a0c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mail.quality-ind.com/images/loader.gif
166.62.25.253200 OK 604 B URL HTTP/1.1 mail.quality-ind.com/images/loader.gif
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type GIF image data, version 89a, 16 x 16\012- data
Hash 54dafab72c7ad4425d572a3eb4b8a050
4f39e547ca948ed0e515d46f76e3304d42c17846
88295ba8ceae926052e37403b4613b76ce6e5626393937f55ddc63ed015ca46d
GET /images/loader.gif HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/css/style_en.css
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 25 Apr 2014 06:20:22 GMT
ETag: "49002c0-25c-4f7d7f5e07580"
Accept-Ranges: bytes
Content-Length: 604
Keep-Alive: timeout=5
Content-Type: image/gif
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mail.quality-ind.com/images/logo_en_466288.png
166.62.25.253200 OK 56 kB URL HTTP/1.1 mail.quality-ind.com/images/logo_en_466288.png
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 550 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash cdc6a862e2eaf25f79643aa182274189
750152d01e99b1d7e1104bc78206e5ee0b00f492
fa130e1cc1b046fe54b7065f33b4c395d44448237532368fb214a3c72f2998cf
GET /images/logo_en_466288.png HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Mon, 25 Mar 2019 14:13:14 GMT
ETag: "49002c4-dc76-584ebce22e48f"
Accept-Ranges: bytes
Content-Length: 56438
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
mail.quality-ind.com/images/services/i878424.jpg
166.62.25.253200 OK 68 kB URL HTTP/1.1 mail.quality-ind.com/images/services/i878424.jpg
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 689x588, components 3\012- data
Hash 0f3c3f0e66212d2a48b3bb5746eaa577
18969d82e5496999b0265b87954ae3dbc2f09adf
b81fd73b77097cae8368e10bd44cfdca1092e51b665dcb27641701c834d9280b
GET /images/services/i878424.jpg HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Mon, 19 Aug 2019 08:47:57 GMT
ETag: "4901bc7-10ad4-590746581424a"
Accept-Ranges: bytes
Content-Length: 68308
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
mail.quality-ind.com/images/home_intro/i103272.jpg
166.62.25.253200 OK 72 kB URL HTTP/1.1 mail.quality-ind.com/images/home_intro/i103272.jpg
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 1288x726, components 3\012- data
Hash 32cb1c6ef7f822d5a3fa8c3d9ef204b8
56bac3053439208d93d79ce0eb5ddc4e141f367e
09d36ea9ea0335f1dd0f57471434888101d0ebb1a8e482f2dbaeeadd45152ca7
GET /images/home_intro/i103272.jpg HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Mon, 14 Jun 2021 08:13:27 GMT
ETag: "490119f-1187a-5c4b56e995703"
Accept-Ranges: bytes
Content-Length: 71802
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
mail.quality-ind.com/fonts-ar/Helvetica.woff
166.62.25.253200 OK 55 kB URL HTTP/1.1 mail.quality-ind.com/fonts-ar/Helvetica.woff
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 54561, version 0.0\012- data
Hash 365f3779e5f8fc2363032a4d9f6d045a
0a01225098e7b32062d567a34d457c10a71fd583
37f7e4ddfa4c6da863e465b5b834d16e7cf1ce40add99575a5e7c04eff299b06
Analyzer Verdict Alert fortinet Phishing
GET /fonts-ar/Helvetica.woff HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mail.quality-ind.com/css/style_en.css
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:19 GMT
Server: Apache
Last-Modified: Wed, 22 May 2013 08:17:02 GMT
ETag: "490010c-d521-4dd4a30bf3b80"
Accept-Ranges: bytes
Content-Length: 54561
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff
mail.quality-ind.com/images/uaepd.png
166.62.25.253200 OK 3.8 kB URL HTTP/1.1 mail.quality-ind.com/images/uaepd.png
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 105 x 97, 8-bit/color RGBA, non-interlaced\012- data
Hash 2ddce8639e19a37c3ef325f162bb3a05
f5e0af792139d31c0b93e1d8498b506b8db8ab63
4be7ab6f49d5702cb62458080a722ceae79724c3e86083750a67f1296e714e5b
GET /images/uaepd.png HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:19 GMT
Server: Apache
Last-Modified: Sun, 29 Oct 2017 09:45:54 GMT
ETag: "4900425-efe-55cac6351f880"
Accept-Ranges: bytes
Content-Length: 3838
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
mail.quality-ind.com/images/colorscss.png
166.62.25.253200 OK 334 B URL HTTP/1.1 mail.quality-ind.com/images/colorscss.png
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 106 x 41, 8-bit/color RGB, non-interlaced\012- data
Hash 8aec0800b0e4b08ac2d974f1e5a3630a
37bab2bd91f8855e737afdba9f6f84f31667465d
55b67786e1bc0fbdb77abebbb71253f63e4d5f72ed58d4846a8b9f4bc65838d6
GET /images/colorscss.png HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:19 GMT
Server: Apache
Last-Modified: Fri, 27 Oct 2017 16:59:50 GMT
ETag: "490016d-14e-55c8a37810d80"
Accept-Ranges: bytes
Content-Length: 334
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a6a622459e93134f2a6fa008e26ceee0
7f797c40d60ce008b1cd5b4fcbe6786537ce2d1a
b289d9acf3ca227dd635803a39c05ee4d8f4ae6f807473e1339f22d12e3bd3c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 03:03:02 GMT
expires: Mon, 26 Sep 2022 03:18:02 GMT
cache-control: public, max-age=900
age: 137
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d095ec6a56142cb2084481b06881ef4
82ff236023008fbfb871aaa7c1e976e0cf15e91a
791ac45152415413d4af27f3dde61a021c9c57dcf7ca5b0e65300ebc3cd8815d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a6a622459e93134f2a6fa008e26ceee0
7f797c40d60ce008b1cd5b4fcbe6786537ce2d1a
b289d9acf3ca227dd635803a39c05ee4d8f4ae6f807473e1339f22d12e3bd3c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 26 Sep 2022 03:05:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 26 Sep 2022 03:05:19 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash bc7883d0a03d9c3559288a600fecc70a
b0e538996510ec8c861264cba4bf79fa73f6f7d6
c3bdc9bb12c7c951ca2d861c95156de2c724acc82386e882864c464132e07ac3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1d095ec6a56142cb2084481b06881ef4
82ff236023008fbfb871aaa7c1e976e0cf15e91a
791ac45152415413d4af27f3dde61a021c9c57dcf7ca5b0e65300ebc3cd8815d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/nrTPYF1MeWhW5u-1uricHJVJdskICRuFTkjv60UEiAs.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/nrTPYF1MeWhW5u-1uricHJVJdskICRuFTkjv60UEiAs.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (35828)
Hash 1ed889cab64ed21b731024b197a7a51c
ac82dc07537c66a13443af1b52503291de1ade7e
253b4a86a0907fa19514319f0238b813391fde9211a048823cae7220a432442e
GET /js/th/nrTPYF1MeWhW5u-1uricHJVJdskICRuFTkjv60UEiAs.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 14:55:01 GMT
expires: Mon, 25 Sep 2023 14:55:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 15:00:00 GMT
content-type: text/javascript
age: 43818
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 11e861e3f6164dbdcfd0e5dbae6d7aeb
fde19b09d5ad1efb0a67cc9aa328a660f28d5a98
fc72efec27bd991b3a8d360181b60366bb43f6dfe3f32c0986af434c01d05c42
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 26 Sep 2022 03:05:19 GMT
server: ESF
cache-control: private
content-length: 30831
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f09a18ffd47757d6303864753f40a57c
6f056a04785c83dae4a4f40eaac5ac34a5a391f2
9969afe37e2b095cd931423fcc9dbfaa9a751d81a055bcd8f77a1aa7a51bd72e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f864de16e2c738477abbf4addaae65f8
30fff82640e6e005aa148ef47d7de74a741c2467
0882106567d5f02552bcaf89d607f9c2d945191dad38332843dfe355f7d5d6c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/7IlCyKyrEFc/sddefault.webp
216.58.207.246200 OK 10 kB URL HTTP/2 i.ytimg.com/vi_webp/7IlCyKyrEFc/sddefault.webp
IP 216.58.207.246:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9f8490d00c9cee16eca826455854042d
8fd2c4094820ff492456f86d86aa77f42d523a23
dcc60399990365671fb69888c075e1796f902ea29b70841b155109652cff0dc8
GET /vi_webp/7IlCyKyrEFc/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 10490
date: Mon, 26 Sep 2022 03:05:19 GMT
expires: Mon, 26 Sep 2022 05:05:19 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash f864de16e2c738477abbf4addaae65f8
30fff82640e6e005aa148ef47d7de74a741c2467
0882106567d5f02552bcaf89d607f9c2d945191dad38332843dfe355f7d5d6c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mail.quality-ind.com/font-awesome/fontawesome-webfont.woff2?v=4.7.0
166.62.25.253200 OK 77 kB URL HTTP/1.1 mail.quality-ind.com/font-awesome/fontawesome-webfont.woff2?v=4.7.0
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mail.quality-ind.com/font-awesome/font-awesome.css
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:19 GMT
Server: Apache
Last-Modified: Tue, 22 Nov 2016 05:45:14 GMT
ETag: "4900102-12d68-541dd46be2e80"
Accept-Ranges: bytes
Content-Length: 77160
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff2
yt3.ggpht.com/ytc/AMLnZu_WSI6u3ui0bjkrbx6aNy89bmTeO0lxhYzf3w=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.1 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_WSI6u3ui0bjkrbx6aNy89bmTeO0lxhYzf3w=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash d314911c47a83dafffe69dddd5daf02b
c9f8e6ca95d3a96825825659f26db599c8097ae3
bb1392f6eaae39c2d13a8c77b359246b5cc5745ab8418099b37638d7bc46e26e
GET /ytc/AMLnZu_WSI6u3ui0bjkrbx6aNy89bmTeO0lxhYzf3w=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Tue, 27 Sep 2022 03:05:19 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 03:05:19 GMT
server: fife
content-length: 1104
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mail.quality-ind.com/fonts-ar/Helvetica.ttf
166.62.25.253200 OK 96 kB URL HTTP/1.1 mail.quality-ind.com/fonts-ar/Helvetica.ttf
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 33 names, Macintosh, Copyright \251 2012 Monotype Imaging Inc. All rights reserved. This software is the property of \012- data
Hash 7cc662d36ef06f191900a28eae85e3f3
07cc1d42c6eb2bf6548bfa58e409f6fcc17db0cf
9a14ebb1885b508662ebc7ac2cd1b147c104c69602df0d29f2ffa71bd81ea2eb
Analyzer Verdict Alert fortinet Phishing
GET /fonts-ar/Helvetica.ttf HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/css/style_en.css
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:19 GMT
Server: Apache
Last-Modified: Wed, 22 May 2013 08:16:42 GMT
ETag: "490010b-1774c-4dd4a2f8e0e80"
Accept-Ranges: bytes
Content-Length: 96076
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/ttf
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ffb1ee0c677f670f393bc590d5c6bd11
494d666d08ace557a8b22aff6045d24bd68c1844
8d9e49545b65e314e949a0d012c664fbe8d2dae912906d1506c2e1243f154258
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 03:05:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 26 Sep 2022 03:05:20 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 35c9cefebed0abf6aec0b51c3b9653e6
f808ea2cb6ce472eacfc0d284285b544aed5c4f8
602516014c9fa7e3900059adf9f387adb05e8a78d613d84b4652a45f258a805d
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1066
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 26 Sep 2022 03:05:20 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mail.quality-ind.com/images/services/i703086.jpg
166.62.25.253200 OK 177 kB URL HTTP/1.1 mail.quality-ind.com/images/services/i703086.jpg
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1240x876, components 3\012- data
Size 177 kB (177072 bytes)
Hash ffa6278ae7022d2374d01e2d7af87dcc
ac3dd0a26394af5cfe6bfa3dc0f941f9abdf7141
fc07086fa82fc7554be879e2f85434fde37db8e8ce3282ca3e2b5a531555c92c
GET /images/services/i703086.jpg HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:19 GMT
Server: Apache
Last-Modified: Wed, 26 Jun 2019 11:18:51 GMT
ETag: "4901b91-2b3b0-58c3835c94fa0"
Accept-Ranges: bytes
Content-Length: 177072
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
mail.quality-ind.com/images/favicon.png
166.62.25.253200 OK 505 B URL HTTP/1.1 mail.quality-ind.com/images/favicon.png
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash a4285dd1d95246ec8ecad3f5d25b9ef5
9f8a696a8550800c35a94175ac7268adad03be83
1331647d153daf63fe50fe40b2d31547d9ae4d5182ce2270a9104d93a6d27a93
GET /images/favicon.png HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:20 GMT
Server: Apache
Last-Modified: Mon, 16 May 2016 05:56:44 GMT
ETag: "4900190-1f9-532ef4a057f00"
Accept-Ranges: bytes
Content-Length: 505
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
mail.quality-ind.com/images/banners/i791896.jpg
166.62.25.253200 OK 367 kB URL HTTP/1.1 mail.quality-ind.com/images/banners/i791896.jpg
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2019:03:25 18:01:49], baseline, precision 8, 1728x900, components 3\012- data
Size 367 kB (366961 bytes)
Hash 79ac516aaff4745646426579a6d3c368
5b0fe186259b226fa3ce8564343d08b0dc8bb867
3098a79b152ba13fa11461fd05288c9128a9fa25cd5e74c42f65cfcf53e04bff
GET /images/banners/i791896.jpg HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:19 GMT
Server: Apache
Last-Modified: Mon, 25 Mar 2019 14:02:03 GMT
ETag: "490013e-59971-584eba6277332"
Accept-Ranges: bytes
Content-Length: 366961
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
www.youtube.com/embed/7IlCyKyrEFc
142.250.74.110200 OK 0 B URL HTTP/2 www.youtube.com/embed/7IlCyKyrEFc
IP 142.250.74.110:0
GET /embed/7IlCyKyrEFc HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 26 Sep 2022 03:05:18 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=ne2PmKbJS6Q; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=TmimlpRgVsI; Domain=.youtube.com; Expires=Sat, 25-Mar-2023 03:05:18 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+507; expires=Wed, 25-Sep-2024 03:05:18 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mail.quality-ind.com/images/banners/i414171.png
166.62.25.253200 OK 0 B URL HTTP/1.1 mail.quality-ind.com/images/banners/i414171.png
IP 166.62.25.253:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
GET /images/banners/i414171.png HTTP/1.1
Host: mail.quality-ind.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.quality-ind.com/
Cookie: dir_lang=en
HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 03:05:18 GMT
Server: Apache
Last-Modified: Sat, 17 Aug 2019 11:25:49 GMT
ETag: "4900ef9-5cf10-5904e5e6dffdc"
Accept-Ranges: bytes
Content-Length: 380688
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png