firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 19:04:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: U40df4kie_8jAox-ytSiAGVXEjB53ek-BbfpfG5AnC3RttzFS-_Jcw==
Age: 1181
www.blwengineers.com/
301 Moved Permanently 175 B IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 27d3037d4815f88b7bb724cb258524e1
092678ca1f61e13d97f37f7be9438e7b32b722e9
0c0a343c76a265d5b6b5b3708383afaf77f187eaa7f3fa8f1fec18cdf4ebe198
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: openresty/1.19.9.1
Date: Tue, 06 Sep 2022 19:24:03 GMT
Content-Type: text/html
Content-Length: 175
Connection: keep-alive
Location: https://www.blwengineers.com/
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9534
Expires: Tue, 06 Sep 2022 22:02:57 GMT
Date: Tue, 06 Sep 2022 19:24:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gDedXFjtcHbnxoM-PQVh3qJThHV_HSM_k6hTlWy0s-SHWELr5fxMeQ==
age: 65326
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:24:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 18:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 18:43:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SkKwIHd0kJS9CMz5GJaOGAYmQlkp_sMr9DDraLx4SGz-YSq9tg9Xsw==
Age: 2745
ocsp.netsolssl.com/
200 OK 472 B IP
Hash 9fb8efb2d4ba4490fe8d2b9e596dac9c
f396fc72b45c2662e1eb579ffcab5b0ca3917756
6a7cfbfd236650e9541d219790d1d2ce79ebf841490a831547db5bd027acb3af
POST / HTTP/1.1
Host: ocsp.netsolssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:24:03 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 02:46:54 GMT
Expires: Mon, 12 Sep 2022 02:46:53 GMT
Etag: "f396fc72b45c2662e1eb579ffcab5b0ca3917756"
Cache-Control: max-age=457969,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7469952989a8b503-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5117
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:24:03 GMT
Last-Modified: Tue, 06 Sep 2022 17:58:46 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: C5byo61ZGpgLSe0HxkSqPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l160ORiP06WHGf7KMFSm1ArbkYo=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10817
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 19:24:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10817
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 19:24:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10817
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 19:24:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10817
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 19:24:05 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10817
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 19:24:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:42 GMT
age: 77903
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bSBSzzRMdrVdoV3Ld8hYWq2AwO7Mswcwa8Tk_AKa44j1SlrFugNqpg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:48:06 GMT
age: 77759
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:36:52 GMT
age: 53233
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c23179b2131543088771e3fa84ff231
ae50ae4aecd962b698c19f2863857b51cea7fcec
660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8OlwFzmUfQEPeP7pT-g5wRMq0I1jllBnRU0Nxk4kNkcVD_evLZYc7g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:17:51 GMT
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
content-type: image/jpeg
age: 75974
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5540d72831e7e7b9fc287f92c48d9f5e
ec19429fa76d9ad47a0578734b011b530b79ebbf
bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8134
x-amzn-requestid: 5f6027e8-842f-476a-85e5-cc8b848e4567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEoVIAMFuiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7095c29a04d2f5310b1b84c4;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Gf6IGDeM-y_nDO1C3m9xeyAJdkYRe2CN87Pi986A7B1qsjq5p9VkQw==
via: 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 07:41:25 GMT
age: 42160
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a87857b93f99eab3118aae97a1c9d22
3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80
97ce11c0e0efe83d6568f173f9235160157c52b4ab4299823d508c072f113ddc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa58df54c-7833-44ce-9519-a44b50319614.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5775
x-amzn-requestid: dc0a6d9c-5aec-44a3-be54-69cec17f9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYfxE0noAMFz0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166dfe-6c8ec4b03fc761d81c988132;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z3WamVQsZqAoYnfPZ0rgyYXGzs1jsv56D1oF4Wzva-H-T8a-xPU8mg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:00:00 GMT
age: 77045
etag: "3aea6a5aaf5ccda356d7e0941b33a7c2e2b13e80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:24:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:24:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blwengineers.com/wp-content/plugins/sidebar-manager-light/css/otw_sbm.css?ver=5.8.5
200 OK 118 B URL HTTP/2 www.blwengineers.com/wp-content/plugins/sidebar-manager-light/css/otw_sbm.css?ver=5.8.5
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type ASCII text, with CRLF line terminators
Hash 306f09773d3b98a289e658f9d189473e
94662da1f36c6ffe828bdda4adc8cc413b29655c
ffb5d3bd0f9c52acce273351ef900acc9c5669c84b48c78646485cd0ab47c583
GET /wp-content/plugins/sidebar-manager-light/css/otw_sbm.css?ver=5.8.5 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: text/css
content-length: 118
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Apr 2022 20:43:06 GMT
etag: "76-5dd07ec863bef"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/uploads/2022/01/367593-linkedin-iconfinder-free.png
200 OK 1.0 kB URL HTTP/2 www.blwengineers.com/wp-content/uploads/2022/01/367593-linkedin-iconfinder-free.png
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type PNG image data, 38 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash 13e67e635064be71eedd220f1d14a811
f8e02a02f1c791de186476f6eece484def091823
7ab7af7e8dcbf6ec0be79a6e2c76008672b0eacae0ed29b8f8fbe66dbf57dc25
GET /wp-content/uploads/2022/01/367593-linkedin-iconfinder-free.png HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: image/png
content-length: 1010
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Jan 2022 16:39:28 GMT
etag: "3f2-5d6569cbf26d8"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.blwengineers.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
200 OK 7.2 kB URL HTTP/2 www.blwengineers.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Hash b5ab2feb7ccbfa9c7457f3281fe58c9b
6e8b5e1b2bf4b5b4f86edc6c25c20184bae3ecce
24d3aafb261f6fabf8e2c48c4634b00f1990108041a3568ec6263dfec42c6d4a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Jul 2021 05:59:42 GMT
etag: W/"4056-5c79be06354e9"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/themes/BLWEngineers/css/meanmenu.css
200 OK 15 kB URL HTTP/2 www.blwengineers.com/wp-content/themes/BLWEngineers/css/meanmenu.css
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Hash 6545e501bd34017530d6169401799bd2
7d7d8b0468e5366fc49c9a93dec0f08f070ea06c
cbd8a023bd9536e5051f041963db585960a9bdc324cd73a76f764b535a30ad3c
GET /wp-content/themes/BLWEngineers/css/meanmenu.css HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 24 Jun 2014 06:06:11 GMT
etag: W/"1200-4fc8ec1acb590"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:24:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blwengineers.com/wp-content/plugins/widgetkit/cache/widgetkit-22733e6a.js
200 OK 20 kB URL HTTP/2 www.blwengineers.com/wp-content/plugins/widgetkit/cache/widgetkit-22733e6a.js
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Hash ec9fc1840cb25ece397b2443ec8f169c
58f670d8a955e2ddb7c821f6f7b79cadf351ac1e
21445f6a574500cca5c58efe956d86c5b106750911f0b78b59d050ecec5be165
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/widgetkit/cache/widgetkit-22733e6a.js HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 27 Feb 2016 22:07:21 GMT
etag: W/"5290-52cc7a3c37a6d"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/uploads/2014/05/Plumbing2-cropped-1200x363.jpg
200 OK 133 kB URL HTTP/2 www.blwengineers.com/wp-content/uploads/2014/05/Plumbing2-cropped-1200x363.jpg
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 480x480, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 1200x363, components 3\012- data
Size 133 kB (133010 bytes)
Hash f1204173315607f5bd822095640efb3a
c04ef6c3f2a74b64480d29d7ae30af9776f53b00
751bb6d341b32ed9845b61415f6946f67118a0a6deeb361e119898044cb58778
GET /wp-content/uploads/2014/05/Plumbing2-cropped-1200x363.jpg HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: image/jpeg
content-length: 133010
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 11:40:27 GMT
etag: "20792-4fc069c345b5a"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/uploads/2017/10/netsol-site-seal1.png
200 OK 5.9 kB URL HTTP/2 www.blwengineers.com/wp-content/uploads/2017/10/netsol-site-seal1.png
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type PNG image data, 99 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f6ca1ed2448c45f82d0b76897de51d8
37b93b8de82b3375bbce7d4e607a4d0124e18e8e
5549db7fd21cbb0c4b430e012d15e7e28a3a7067958041fd16ec690125a1c2e4
GET /wp-content/uploads/2017/10/netsol-site-seal1.png HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: image/png
content-length: 5882
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 24 Oct 2017 13:22:24 GMT
etag: "16fa-55c4ad4668995"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9a1218af6fd7da8fb60506d76410b98e
249c5e9ceb01e601d19f672972b23cefe60e1685
dc78421a03a527bb516f7af4a56618230ecb043a6939d0fbf84384e3f75c41d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC78421A03A527BB516F7AF4A56618230ECB043A6939D0FBF84384E3F75C41D1"
Last-Modified: Tue, 06 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10173
Expires: Tue, 06 Sep 2022 22:13:40 GMT
Date: Tue, 06 Sep 2022 19:24:07 GMT
Connection: keep-alive
www.blwengineers.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
200 OK 21 kB URL HTTP/2 www.blwengineers.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash d7e518c9c2df8fbe9430e8f7c2aba5f6
9167c4fcda00104e9d20a868cd869c62a5444947
52fd69fc20c6c207c74850664e02b8c8bebe91083c5e9e4461832ea186981516
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.5 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Jul 2021 05:59:38 GMT
etag: W/"13abe-5c79be02aef6e"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/themes/BLWEngineers/images/logo.gif
200 OK 6.0 kB URL HTTP/2 www.blwengineers.com/wp-content/themes/BLWEngineers/images/logo.gif
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type GIF image data, version 89a, 290 x 58\012- data
Hash 9868b30dba662080879491593aa40421
9e4cbfbad7d8722a2e48c8310529b6701fc7cefc
5831abbdd7b1666b7b2fd6d262293e00876a8dd0be1c521b1e2b965b9c816a1a
GET /wp-content/themes/BLWEngineers/images/logo.gif HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: image/gif
content-length: 6045
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 10:57:22 GMT
etag: "179d-4fc06021ad0fd"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10
302 Found 154 B IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /mc/?dp=10 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: text/html
content-length: 154
location: /mc/?dp=10&tc=1
set-cookie: test_cookie=CheckForPermission; path=/; Secure; SameSite=None; domain=.acint.net; expires=Tue, 06-Sep-22 19:34:07 GMT
aid=sAkJCmMXnlc/4QBwUvn8Aumg2im7CrngdMIrSf9qu7MCaBSt; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
www.acint.net/hit/?v=0.4.0&uid=bef54db9-fa6e-44ef-825b-a4c18a010750&dp=10&tz=%2B00%3A00&nc=75128280&u=https%3A%2F%2Fwww.blwengineers.com%2F&r=&rs=1280x1024&t=BLW%20Engineers&oE=1&oP=1&dT=2022-09-06T19%3A24%3A01.609&fu=6ce9ad0f-7661-45f6-b28b-c8d5d1ce23e1
200 OK 43 B URL HTTP/2 www.acint.net/hit/?v=0.4.0&uid=bef54db9-fa6e-44ef-825b-a4c18a010750&dp=10&tz=%2B00%3A00&nc=75128280&u=https%3A%2F%2Fwww.blwengineers.com%2F&r=&rs=1280x1024&t=BLW%20Engineers&oE=1&oP=1&dT=2022-09-06T19%3A24%3A01.609&fu=6ce9ad0f-7661-45f6-b28b-c8d5d1ce23e1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hit/?v=0.4.0&uid=bef54db9-fa6e-44ef-825b-a4c18a010750&dp=10&tz=%2B00%3A00&nc=75128280&u=https%3A%2F%2Fwww.blwengineers.com%2F&r=&rs=1280x1024&t=BLW%20Engineers&oE=1&oP=1&dT=2022-09-06T19%3A24%3A01.609&fu=6ce9ad0f-7661-45f6-b28b-c8d5d1ce23e1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
set-cookie: aid=sAkJCmMXnlc/wgBvBDpZAgF5+Bzm1zNMP/aqt9b8LOc+7Cdm; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.acint.net; path=/; Secure; SameSite=None
X-Firefox-Spdy: h2
a.utraff.com/sync?ssp=sape
204 No Content 0 B URL HTTP/2 a.utraff.com/sync?ssp=sape
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=sape HTTP/1.1
Host: a.utraff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: text/plain
set-cookie: preutid=1; Expires=Thu, 06 Oct 2022 22:24:07 GMT; Domain=.itraff.net; SameSite=None; Secure; Path=/
preutid=1; Expires=Thu, 06 Oct 2022 22:24:07 GMT; Domain=.utraff.com; SameSite=None; Secure; Path=/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-expose-headers: Content-Length,Content-Range
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95YDGSTDkWWSTos%2BiPmJ5Mkz6EyTsa0x1pYUMNC50nrWpZ9wR0nu1D2e4ZL8BIxbU8v58KNiINnzEye5LjPZNhvJ7ClfGV%2F%2FxfLo7VjwEyE5yPXzJhSXeC%2F9OiUGAbM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746995436dbbb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/uploads/2014/05/Fire-Protection-cropped-1142x346.jpg
200 OK 148 kB URL HTTP/2 www.blwengineers.com/wp-content/uploads/2014/05/Fire-Protection-cropped-1142x346.jpg
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 480x480, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 1142x346, components 3\012- data
Size 148 kB (147716 bytes)
Hash 3d09dd79b29c906ae6dcae94eff674d3
f76aad6e970fa7a833099b022d2902374abd9c96
b7f9212ed6f3ce90ea3c7bb8e0173b7ee310fa5ee06a6cc5dde3dbec14e75f71
GET /wp-content/uploads/2014/05/Fire-Protection-cropped-1142x346.jpg HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: image/jpeg
content-length: 147716
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 11:17:00 GMT
etag: "24104-4fc06485512cf"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
200 OK 3.6 kB URL HTTP/2 www.blwengineers.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash 266885c0fdc278dc8f2b57ffe0cdd3a0
b2f9a01e82643cd24eac136daaeea0aa50e8f4b8
343b23510c3687eefb044a03504640f940d08cdd5571ee9a461a4664240c6e4f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6.1 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 May 2022 19:13:00 GMT
etag: W/"25f8-5df4e0bb5e5f7"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83bd024cc02b3299917f70916d4f0282
80acdfa7ef806862834efe053ed0d2bc1b0b0a6f
c1fc9234937fa16ba9be560a4313321f12f3d244a01a40b1d5c97265b04aa499
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1FC9234937FA16BA9BE560A4313321F12F3D244A01A40B1D5C97265B04AA499"
Last-Modified: Sun, 04 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13609
Expires: Tue, 06 Sep 2022 23:10:56 GMT
Date: Tue, 06 Sep 2022 19:24:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6189b9d9b5bdbba86eed57258bb2fdcc
639a6cf1fa77c07b7bcbb5913fbe07ae1e29a798
c07a394db8c5da0e058d28ade4d775a1ceecd0984a5d63a83faff3595bc378cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C07A394DB8C5DA0E058D28ADE4D775A1CEECD0984A5D63A83FAFF3595BC378CF"
Last-Modified: Sun, 04 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6017
Expires: Tue, 06 Sep 2022 21:04:24 GMT
Date: Tue, 06 Sep 2022 19:24:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2fbd67356cbea8ab34b4734c3e38bcb5
0ff9d499bf343eb4ef5b76a33dbe75d866a3a7b9
0d74d94af247e62a0c94f0971dd1b1f8b81a221a59cfa3c7d15af8c94ce57db4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D74D94AF247E62A0C94F0971DD1B1F8B81A221A59CFA3C7D15AF8C94CE57DB4"
Last-Modified: Sun, 04 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10959
Expires: Tue, 06 Sep 2022 22:26:46 GMT
Date: Tue, 06 Sep 2022 19:24:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fab2a3b54efd251657ecfd1b99e0d3cc
53fbbbe7a82364bcd724f206f205cc8b5351f3ad
9d119cf1a65ce9075ee0347a139dc4dedc5c526b6130d984cc9889c80be511f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D119CF1A65CE9075EE0347A139DC4DEDC5C526B6130D984CC9889C80BE511F3"
Last-Modified: Sun, 04 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14038
Expires: Tue, 06 Sep 2022 23:18:05 GMT
Date: Tue, 06 Sep 2022 19:24:07 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0257bf71f232921a64ef745e483249bf
d1c9e7485cbc2ca37dc49866422a73c33b868233
fc307f8316fddd387b7fb6c8baea148255d13f55388ac5eff5cbae4ccc83746f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC307F8316FDDD387B7FB6C8BAEA148255D13F55388AC5EFF5CBAE4CCC83746F"
Last-Modified: Tue, 06 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1489
Expires: Tue, 06 Sep 2022 19:48:56 GMT
Date: Tue, 06 Sep 2022 19:24:07 GMT
Connection: keep-alive
s.uuidksinc.net/match/396/?remote_uid=0A0909B0579E17636F00C23F02593A04
302 Found 0 B URL HTTP/2 s.uuidksinc.net/match/396/?remote_uid=0A0909B0579E17636F00C23F02593A04
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/396/?remote_uid=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.19.0
date: Tue, 06 Sep 2022 19:24:07 GMT
content-length: 0
location: https://www.acint.net/match?dp=127&euid=K6AOl2GV71Rnsa80aZVA
set-cookie: jcsuuid=K6AOl2GV71Rnsa80aZVA; expires=Wed, 06 Sep 2023 19:24:07 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 29729acfa236c331b4ebc7b649777960
2d86bc95cee594b0136846a51d82fbb55a30701b
9446008904633e16be28cb5483c8a1d4bd1eda923d64ffe2212c7e5033aadc11
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9446008904633E16BE28CB5483C8A1D4BD1EDA923D64FFE2212C7E5033AADC11"
Last-Modified: Tue, 06 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6125
Expires: Tue, 06 Sep 2022 21:06:12 GMT
Date: Tue, 06 Sep 2022 19:24:07 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash fe01b0ef8886df8c7217a782b2a7c1c8
d5c54bf2b0a59fa84a6b27a10c7d8a99edb6c347
2a191151dfbd3dca2fe5361d9de9602ab77438002acb4327fe410f8076146caf
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:24:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sat, 10 Sep 2022 18:06:37 GMT
ETag: "d5c54bf2b0a59fa84a6b27a10c7d8a99edb6c347"
Last-Modified: Tue, 06 Sep 2022 18:06:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2656
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7469954499920b45-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2bdc064b70da139fb798bc69eb382a3a
c84f90207288145f5b14b82e7e022dd607c7a277
cc41a8aeff25560aa90dc1a754afbcc58829839da7b90d988cbbb9d6a47e313d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC41A8AEFF25560AA90DC1A754AFBCC58829839DA7B90D988CBBB9D6A47E313D"
Last-Modified: Tue, 06 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5603
Expires: Tue, 06 Sep 2022 20:57:30 GMT
Date: Tue, 06 Sep 2022 19:24:07 GMT
Connection: keep-alive
ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
302 Found 0 B URL HTTP/1.1 ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP/1.1
Host: ssp.bestssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.16.1
Date: Tue, 06 Sep 2022 19:24:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.acint.net/match?dp=95&euid=GVBOEUOU
Set-Cookie: uid=GVBOEUOU; Expires=Tue, 06 Sep 2032 00:00:00 GMT; mf2=1; Expires=Thu, 06 Oct 2022 00:00:00 GMT;
sync.bumlam.com/?src=sap1&uid=0A0909B0579E17636F00C23F02593A04
302 Moved Temporarily 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&uid=0A0909B0579E17636F00C23F02593A04
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&uid=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 06 Sep 2022 19:24:07 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ3YTM3YWRiYS0yZTE5LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Mon, 01 Sep 2042 19:24:07 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjXvN6YBmIgMEEwOTA5QjA1NzlFMTc2MzZGMDBDMjNGMDI1OTNBMDSiARB6N626LhkR7YbgACWQwGR8
ETag: 7a37adba-2e19-11ed-86e0-002590c0647c
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
sync.upravel.com/sape/sync
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: image/png
content-length: 0
location: https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
set-cookie: session_tptc=1662492247782;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
session_tptc-legacy=1662492247782;Version=1;Domain=.upravel.com;Path=/;Max-Age=180
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
sync.republer.com/match?dsp=sape
204 No Content 0 B URL HTTP/2 sync.republer.com/match?dsp=sape
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?dsp=sape HTTP/1.1
Host: sync.republer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Sep 2022 19:24:07 GMT
strict-transport-security: max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=127&euid=K6AOl2GV71Rnsa80aZVA
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=127&euid=K6AOl2GV71Rnsa80aZVA
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=127&euid=K6AOl2GV71Rnsa80aZVA HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmMXnlc/wgBvBDpZAgF5+Bzm1zNMP/aqt9b8LOc+7Cdm; cSyncDp7v2=1662492247; cSyncDp14v3=1662492247; cSyncDp17=1662492247; cSyncDp32=1662492247; cSyncDp45v3=1662492247; cSyncDp53=1662492247; cSyncDp54v2=1662492247; cSyncDp62=1662492247; cSyncDp67v2=1662492247; cSyncDp68=1662492247; cSyncDp71=1662492247; cSyncDp77=1662492247; cSyncDp84=1662492247; cSyncDp85=1662492247; cSyncDp95v3=1662492247; cSyncDp101=1662492247; cSyncDp104v2=1662492247; cSyncDp107=1662492247; cSyncDp110=1662492247; cSyncDp111v2=1662492247; cSyncDp112v2=1662492247; cSyncDp125v2=1662492247; cSyncDp126=1662492247; cSyncDp127=1662492247; cSyncDp129=1662492247; cSyncDp136v2=1662492247; cSyncDp138=1662492247; cSyncDp144=1662492247; cSyncDp146=1662492247; cSyncDp148=1662492247; cSyncDp149=1662492247; cSyncDp151=1662492247; cSyncDp179=1662492247; cSyncDp186=1662492247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
cs.agency2.ru/p?ssp=sp&uid=0A0909B0579E17636F00C23F02593A04
301 Moved Permanently 0 B URL HTTP/1.1 cs.agency2.ru/p?ssp=sp&uid=0A0909B0579E17636F00C23F02593A04
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sp&uid=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: cs.agency2.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Sep 2022 19:24:07 GMT
Content-Length: 0
Connection: keep-alive
Server: fasthttp
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://www.acint.net/match?dp=186&euid=2605ef54-62fc-4ede-8672-a019e0014275
Set-Cookie: uuid=2605ef54-62fc-4ede-8672-a019e0014275; expires=Mon, 28 Aug 2023 19:24:07 GMT; domain=agency2.ru; path=/; secure; SameSite=None
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
X-Host: 23.111.107.44
mediatoday.ru/core/match.gif?s=32&id=0A0909B0579E17636F00C23F02593A04
200 OK 43 B URL HTTP/2 mediatoday.ru/core/match.gif?s=32&id=0A0909B0579E17636F00C23F02593A04
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /core/match.gif?s=32&id=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: mediatoday.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.2
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: image/gif
content-length: 43
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
cache-control: no-cache, max-age=0, must-revalidate, no-store
pragma: no-cache
expires: Thursday, 01-Jan-1970 00:00:00 GMT
set-cookie: idntfy=VUbrxDD5iBzJTu9; expires=Fri, 03-Sep-2032 19:24:07 GMT; domain=mediatoday.ru; path=/core; SameSite=None; Secure
X-Firefox-Spdy: h2
sync.dmp.otm-r.com/match/sape?id=0A0909B0579E17636F00C23F02593A04
204 No Content 0 B URL HTTP/2 sync.dmp.otm-r.com/match/sape?id=0A0909B0579E17636F00C23F02593A04
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/sape?id=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: sync.dmp.otm-r.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.17.0
date: Tue, 06 Sep 2022 19:24:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.bumlam.com/?src=sap1&s_data=CAIQARjXvN6YBmIgMEEwOTA5QjA1NzlFMTc2MzZGMDBDMjNGMDI1OTNBMDSiARB6N626LhkR7YbgACWQwGR8
200 OK 0 B URL HTTP/1.1 sync.bumlam.com/?src=sap1&s_data=CAIQARjXvN6YBmIgMEEwOTA5QjA1NzlFMTc2MzZGMDBDMjNGMDI1OTNBMDSiARB6N626LhkR7YbgACWQwGR8
IP
ASN #44066 diva-e Datacenters GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?src=sap1&s_data=CAIQARjXvN6YBmIgMEEwOTA5QjA1NzlFMTc2MzZGMDBDMjNGMDI1OTNBMDSiARB6N626LhkR7YbgACWQwGR8 HTTP/1.1
Host: sync.bumlam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: suuid3=IiQ3YTM3YWRiYS0yZTE5LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 19:24:07 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: suuid3=IiQ3YTM3YWRiYS0yZTE5LTExZWQtODZlMC0wMDI1OTBjMDY0N2M*; Path=/; Expires=Mon, 01 Sep 2042 19:24:07 GMT; Domain=bumlam.com; SameSite=None; Secure
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
www.acint.net/match?dp=95&euid=GVBOEUOU
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=95&euid=GVBOEUOU
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=95&euid=GVBOEUOU HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmMXnlc/wgBvBDpZAgF5+Bzm1zNMP/aqt9b8LOc+7Cdm; cSyncDp7v2=1662492247; cSyncDp14v3=1662492247; cSyncDp17=1662492247; cSyncDp32=1662492247; cSyncDp45v3=1662492247; cSyncDp53=1662492247; cSyncDp54v2=1662492247; cSyncDp62=1662492247; cSyncDp67v2=1662492247; cSyncDp68=1662492247; cSyncDp71=1662492247; cSyncDp77=1662492247; cSyncDp84=1662492247; cSyncDp85=1662492247; cSyncDp95v3=1662492247; cSyncDp101=1662492247; cSyncDp104v2=1662492247; cSyncDp107=1662492247; cSyncDp110=1662492247; cSyncDp111v2=1662492247; cSyncDp112v2=1662492247; cSyncDp125v2=1662492247; cSyncDp126=1662492247; cSyncDp127=1662492247; cSyncDp129=1662492247; cSyncDp136v2=1662492247; cSyncDp138=1662492247; cSyncDp144=1662492247; cSyncDp146=1662492247; cSyncDp148=1662492247; cSyncDp149=1662492247; cSyncDp151=1662492247; cSyncDp179=1662492247; cSyncDp186=1662492247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0579E17636F00C23F02593A04
302 Found 0 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0579E17636F00C23F02593A04
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 19:24:07 GMT
content-length: 0
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=7a3e8090-2e19-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 06 Sep 2023 19:24:07 GMT; SameSite=None; Secure
uid-legacy=7a3e8090-2e19-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 06 Sep 2023 19:24:07 GMT
location: /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0579E17636F00C23F02593A04&cs=1
X-Firefox-Spdy: h2
ssp.bidvol.com/usersync?dspcsid=8&redirect=1
302 Found 43 B URL HTTP/2 ssp.bidvol.com/usersync?dspcsid=8&redirect=1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /usersync?dspcsid=8&redirect=1 HTTP/1.1
Host: ssp.bidvol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.23.0
date: Tue, 06 Sep 2022 19:24:07 GMT
x-request-id: d43ca85e-3ec5-4bbf-97d7-00073ecef085
set-cookie: bvuid=7mc7i9tw5u; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT; Secure; SameSite=None
bvuid2=7mc7i9tw5u; Max-Age=2147483647; Path=/; Expires=Tue, 19 Jan 2038 03:14:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
surrogate-control: no-store
location: https://www.acint.net/match?dp=129&euid=7mc7i9tw5u
X-Firefox-Spdy: h2
ut.rktch.com/matchspm?pi=1000005&pui=0A0909B0579E17636F00C23F02593A04
302 Found 0 B URL HTTP/1.1 ut.rktch.com/matchspm?pi=1000005&pui=0A0909B0579E17636F00C23F02593A04
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /matchspm?pi=1000005&pui=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: ut.rktch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Tue, 06 Sep 2022 19:24:07 GMT
Content-Length: 0
Connection: keep-alive
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
Set-Cookie: b_uid=3236c6b02b82d24eac660097bded35fd45fd; Max-Age=2592000; Expires=Thu, 06 Oct 2022 19:24:07 GMT; Domain=rktch.com; Secure; SameSite=None
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Content-Type, Accept, Authorization
Access-Control-Allow-Credentials: true
sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
302 Found 0 B URL HTTP/2 sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP/1.1
Host: sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1662492247782
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: image/png
content-length: 0
location: https://09c7097d-ab61-49de-9105-89e5378538ef.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
set-cookie: user_id=09c7097d-ab61-49de-9105-89e5378538ef;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=09c7097d-ab61-49de-9105-89e5378538ef;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/match?dp=186&euid=2605ef54-62fc-4ede-8672-a019e0014275
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=186&euid=2605ef54-62fc-4ede-8672-a019e0014275
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=186&euid=2605ef54-62fc-4ede-8672-a019e0014275 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmMXnlc/wgBvBDpZAgF5+Bzm1zNMP/aqt9b8LOc+7Cdm; cSyncDp7v2=1662492247; cSyncDp14v3=1662492247; cSyncDp17=1662492247; cSyncDp32=1662492247; cSyncDp45v3=1662492247; cSyncDp53=1662492247; cSyncDp54v2=1662492247; cSyncDp62=1662492247; cSyncDp67v2=1662492247; cSyncDp68=1662492247; cSyncDp71=1662492247; cSyncDp77=1662492247; cSyncDp84=1662492247; cSyncDp85=1662492247; cSyncDp95v3=1662492247; cSyncDp101=1662492247; cSyncDp104v2=1662492247; cSyncDp107=1662492247; cSyncDp110=1662492247; cSyncDp111v2=1662492247; cSyncDp112v2=1662492247; cSyncDp125v2=1662492247; cSyncDp126=1662492247; cSyncDp127=1662492247; cSyncDp129=1662492247; cSyncDp136v2=1662492247; cSyncDp138=1662492247; cSyncDp144=1662492247; cSyncDp146=1662492247; cSyncDp148=1662492247; cSyncDp149=1662492247; cSyncDp151=1662492247; cSyncDp179=1662492247; cSyncDp186=1662492247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/uploads/2014/04/slide03-1349x409.jpg
200 OK 113 kB URL HTTP/2 www.blwengineers.com/wp-content/uploads/2014/04/slide03-1349x409.jpg
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1349x409, components 3\012- data
Size 113 kB (112884 bytes)
Hash 2686e7eb90785e0a8312197fff4aec59
8f050d71a008600a11ef366b5158737dfdbcfd52
074ab5d6efc5d17bb3fdd82ff53f5ca8b8d111ef04edcd59bdc6c0ece8576837
GET /wp-content/uploads/2014/04/slide03-1349x409.jpg HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: image/jpeg
content-length: 112884
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 11:07:14 GMT
etag: "1b8f4-4fc06257091ff"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/uploads/2022/01/1159683-instagram-iconfinder-free.png
200 OK 1.6 kB URL HTTP/2 www.blwengineers.com/wp-content/uploads/2022/01/1159683-instagram-iconfinder-free.png
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type PNG image data, 38 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash 75625887091f0288c06717815fbd80ca
e6571261acea1cca26fc7f072ba97d9f3eccad56
b1d05de0cc0018497a4da49c9ba01c56f86bfcf66125e83734dcf55ca8879186
GET /wp-content/uploads/2022/01/1159683-instagram-iconfinder-free.png HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: image/png
content-length: 1608
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Jan 2022 16:39:30 GMT
etag: "648-5d6569cdd97c4"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.blwengineers.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.6 kB URL HTTP/2 www.blwengineers.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type ASCII text, with very long lines (11126)
Hash 413654fdfa9b24fbd3d747482e3971c9
c23c501d5f668cd83443a4847197717536d55ab8
48470f972b6a6afef4cdb0177dae59d5c891353d995e76c47c9cb142fe45766e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Jul 2021 05:59:43 GMT
etag: W/"2bd8-5c79be07f1a20"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0579E17636F00C23F02593A04&cs=1
200 OK 35 B URL HTTP/2 sync.1dmp.io/pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0579E17636F00C23F02593A04&cs=1
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /pixel.gif?cid=4c144084-0ce0-4f71-a147-2abe600b8908&brid=ba2b253b-6888-4e47-a573-9ffc06d95cd1&pid=w&uid=0A0909B0579E17636F00C23F02593A04&cs=1 HTTP/1.1
Host: sync.1dmp.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: uid=7a3e8090-2e19-11ed-8677-901b0e934d81
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: image/gif
content-length: 35
expires: 0
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
set-cookie: uid=7a3e8090-2e19-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 06 Sep 2023 19:24:07 GMT; SameSite=None; Secure
uid-legacy=7a3e8090-2e19-11ed-8677-901b0e934d81; Version=1; Path=/; Domain=.1dmp.io; Expires=Wed, 06 Sep 2023 19:24:07 GMT
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 2ec169407ed5d628b665f0b4555eb11b
2e8d3d23a745f3dfe2eee5227f19b892996b6a73
94bcf642cf2e1ccc484bffae9a3f5a9ce32cfb314f3962a34d84a90c42822591
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:24:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 10 Sep 2022 16:03:35 GMT
ETag: "2e8d3d23a745f3dfe2eee5227f19b892996b6a73"
Last-Modified: Tue, 06 Sep 2022 16:03:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746995458cd70b59-OSL
ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
503 Service Unavailable 27 B URL HTTP/2 ads.adlook.me/csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
IP
ASN #48096 Enterprise Cloud Ltd.
File type ASCII text, with no line terminators
Hash 435b48c70aca2dc80f8b34b5fdeb2789
ffe2c8567607568f939fa1a6f9888639b98b400c
6468ac9f9bca964f3910fc967b80781c1c8634300e36f95ae49056d91a2734bf
GET /csync?url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP/1.1
Host: ads.adlook.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
content-type: text/html
server: Microsoft-IIS/10.0
date: Tue, 06 Sep 2022 19:24:07 GMT
content-length: 27
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ca2f987e176300de91c28f24c4b1b39
02cd65a9595c4679d09f1126bd25d00a638ade11
76d7fbb15dbdeb1ac908ac565f9c1a7b7bc253aa984c56605edfcde2759985f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "76D7FBB15DBDEB1AC908AC565F9C1A7B7BC253AA984C56605EDFCDE2759985F7"
Last-Modified: Sun, 04 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15241
Expires: Tue, 06 Sep 2022 23:38:08 GMT
Date: Tue, 06 Sep 2022 19:24:07 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash a16a4e2f91cae5ae08ce280758e69f6b
3e34616a0d831ff945fb1cf1b17a94a44639b2c1
68775af4972f41e8b4689186ff180743d7759cddf55758509e25048953758733
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:24:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 00:21:02 GMT
Expires: Sun, 11 Sep 2022 00:21:01 GMT
Etag: "3e34616a0d831ff945fb1cf1b17a94a44639b2c1"
Cache-Control: max-age=362813,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74699544ace00b61-OSL
www.blwengineers.com/wp-content/themes/BLWEngineers/js/jquery.easing.1.3.js
200 OK 26 kB URL HTTP/2 www.blwengineers.com/wp-content/themes/BLWEngineers/js/jquery.easing.1.3.js
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Hash da5c96e526bad11feaca5118bd362b9e
a5c278805fa7adebbf17bcf15b8fc60f08743bef
a15bb5efc378788ffd634a77e9ec0b96c9be5480575dcf9d96fd57abb4ea14c2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/BLWEngineers/js/jquery.easing.1.3.js HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 10:58:03 GMT
etag: W/"1fa1-4fc06048df320"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
301 Moved Permanently 115 B URL HTTP/2 exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
IP
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text
Hash 6f1b5231652445a5255ebd28c4d0c410
48984aeebf7c0503e4912ebf02afd42fa9dd9d72
44c1b9ff0eb9f8a0b6f6fa67cae4ab9658b4cf8a710835de3ba6cd19ab9b2ab6
GET /cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP/1.1
Host: exchange.buzzoola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 06 Sep 2022 19:24:08 GMT
content-type: text/html; charset=utf-8
content-length: 115
location: https://www.acint.net/match?dp=126&euid=dc429470-bae4-4eb9-7d0b-6ee54c05f3d8
serverid: TODO
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/themes/BLWEngineers/js/jquery.min.js
200 OK 38 kB URL HTTP/2 www.blwengineers.com/wp-content/themes/BLWEngineers/js/jquery.min.js
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type ASCII text, with very long lines (32089)
Hash 5d7092c6b4fd6253612b22bcbc78ef5e
8cefea6657ea875082c0c2919d6bddfedc01d6fb
4fb9296b2a10df045ae4666f28f64fefa0fd6b22c664995b17c119f4b1f74e34
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/BLWEngineers/js/jquery.min.js HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 10:58:16 GMT
etag: W/"169d5-4fc0605523656"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
09c7097d-ab61-49de-9105-89e5378538ef.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
302 Found 0 B URL HTTP/2 09c7097d-ab61-49de-9105-89e5378538ef.sync.upravel.com/sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sape/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyIsImh0dHBzOi8vd3d3LmFjaW50Lm5ldC8iXX19 HTTP/1.1
Host: 09c7097d-ab61-49de-9105-89e5378538ef.sync.upravel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: session_tptc=1662492247782; user_id=09c7097d-ab61-49de-9105-89e5378538ef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 19:24:08 GMT
content-type: image/png
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: user_id=09c7097d-ab61-49de-9105-89e5378538ef;SameSite=None;Secure;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
user_id-legacy=09c7097d-ab61-49de-9105-89e5378538ef;Version=1;Domain=.upravel.com;Path=/;Max-Age=315360000
location: https://www.acint.net/match?dp=71&euid=09c7097d-ab61-49de-9105-89e5378538ef
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
X-Firefox-Spdy: h2
www.acint.net/match?dp=126&euid=dc429470-bae4-4eb9-7d0b-6ee54c05f3d8
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=126&euid=dc429470-bae4-4eb9-7d0b-6ee54c05f3d8
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=126&euid=dc429470-bae4-4eb9-7d0b-6ee54c05f3d8 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmMXnlc/wgBvBDpZAgF5+Bzm1zNMP/aqt9b8LOc+7Cdm; cSyncDp7v2=1662492247; cSyncDp14v3=1662492247; cSyncDp17=1662492247; cSyncDp32=1662492247; cSyncDp45v3=1662492247; cSyncDp53=1662492247; cSyncDp54v2=1662492247; cSyncDp62=1662492247; cSyncDp67v2=1662492247; cSyncDp68=1662492247; cSyncDp71=1662492247; cSyncDp77=1662492247; cSyncDp84=1662492247; cSyncDp85=1662492247; cSyncDp95v3=1662492247; cSyncDp101=1662492247; cSyncDp104v2=1662492247; cSyncDp107=1662492247; cSyncDp110=1662492247; cSyncDp111v2=1662492247; cSyncDp112v2=1662492247; cSyncDp125v2=1662492247; cSyncDp126=1662492247; cSyncDp127=1662492247; cSyncDp129=1662492247; cSyncDp136v2=1662492247; cSyncDp138=1662492247; cSyncDp144=1662492247; cSyncDp146=1662492247; cSyncDp148=1662492247; cSyncDp149=1662492247; cSyncDp151=1662492247; cSyncDp179=1662492247; cSyncDp186=1662492247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 19:24:08 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=111&euid=94cf2df6-f1c1-4d69-88eb-8f8971a8a6bc
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=111&euid=94cf2df6-f1c1-4d69-88eb-8f8971a8a6bc
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=111&euid=94cf2df6-f1c1-4d69-88eb-8f8971a8a6bc HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmMXnlc/wgBvBDpZAgF5+Bzm1zNMP/aqt9b8LOc+7Cdm; cSyncDp7v2=1662492247; cSyncDp14v3=1662492247; cSyncDp17=1662492247; cSyncDp32=1662492247; cSyncDp45v3=1662492247; cSyncDp53=1662492247; cSyncDp54v2=1662492247; cSyncDp62=1662492247; cSyncDp67v2=1662492247; cSyncDp68=1662492247; cSyncDp71=1662492247; cSyncDp77=1662492247; cSyncDp84=1662492247; cSyncDp85=1662492247; cSyncDp95v3=1662492247; cSyncDp101=1662492247; cSyncDp104v2=1662492247; cSyncDp107=1662492247; cSyncDp110=1662492247; cSyncDp111v2=1662492247; cSyncDp112v2=1662492247; cSyncDp125v2=1662492247; cSyncDp126=1662492247; cSyncDp127=1662492247; cSyncDp129=1662492247; cSyncDp136v2=1662492247; cSyncDp138=1662492247; cSyncDp144=1662492247; cSyncDp146=1662492247; cSyncDp148=1662492247; cSyncDp149=1662492247; cSyncDp151=1662492247; cSyncDp179=1662492247; cSyncDp186=1662492247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 19:24:08 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/match?dp=71&euid=09c7097d-ab61-49de-9105-89e5378538ef
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=71&euid=09c7097d-ab61-49de-9105-89e5378538ef
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=71&euid=09c7097d-ab61-49de-9105-89e5378538ef HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmMXnlc/wgBvBDpZAgF5+Bzm1zNMP/aqt9b8LOc+7Cdm; cSyncDp7v2=1662492247; cSyncDp14v3=1662492247; cSyncDp17=1662492247; cSyncDp32=1662492247; cSyncDp45v3=1662492247; cSyncDp53=1662492247; cSyncDp54v2=1662492247; cSyncDp62=1662492247; cSyncDp67v2=1662492247; cSyncDp68=1662492247; cSyncDp71=1662492247; cSyncDp77=1662492247; cSyncDp84=1662492247; cSyncDp85=1662492247; cSyncDp95v3=1662492247; cSyncDp101=1662492247; cSyncDp104v2=1662492247; cSyncDp107=1662492247; cSyncDp110=1662492247; cSyncDp111v2=1662492247; cSyncDp112v2=1662492247; cSyncDp125v2=1662492247; cSyncDp126=1662492247; cSyncDp127=1662492247; cSyncDp129=1662492247; cSyncDp136v2=1662492247; cSyncDp138=1662492247; cSyncDp144=1662492247; cSyncDp146=1662492247; cSyncDp148=1662492247; cSyncDp149=1662492247; cSyncDp151=1662492247; cSyncDp179=1662492247; cSyncDp186=1662492247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 19:24:08 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/uploads/2014/04/slide02-1349x409.jpg
200 OK 143 kB URL HTTP/2 www.blwengineers.com/wp-content/uploads/2014/04/slide02-1349x409.jpg
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1349x409, components 3\012- data
Size 143 kB (143435 bytes)
Hash af0bab0b148cb96ae9cc4491546181f7
18c1b6529d1ea17e8ee03fb90a678ced20ae5dd1
c4a96e92607c63ff143a36c9bde7eef4bd4c51c001ae06018f121598ef7bd315
GET /wp-content/uploads/2014/04/slide02-1349x409.jpg HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: image/jpeg
content-length: 143435
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 11:06:47 GMT
etag: "2304b-4fc0623d12388"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/arrows.png
200 OK 824 B URL HTTP/2 www.blwengineers.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/arrows.png
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type PNG image data, 60 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 09b24f1a73b9eeb5cc62db7ec0b60bca
43e3f77646ac42cdcb449dc9cc53c3a4dff63d19
6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8
GET /wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/arrows.png HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.27.9
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: image/png
content-length: 824
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Sep 2022 19:12:43 GMT
etag: "338-5e806fb17da05"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0b2ebf64b97f4b91370c8d6c45c115f2
a08431f7c39438a88ec8422c9cbd0eee6a1a94d1
5da4d9ce80ecdd69067c772f862a7081d5727ca33a4d173594771785738cfdcf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DA4D9CE80ECDD69067C772F862A7081D5727CA33A4D173594771785738CFDCF"
Last-Modified: Tue, 06 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4013
Expires: Tue, 06 Sep 2022 20:31:01 GMT
Date: Tue, 06 Sep 2022 19:24:08 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:24:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 06 Sep 2022 18:41:12 GMT
expires: Tue, 06 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 2576
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform-api.sharethis.com/js/sharethis.js
200 OK 44 kB URL HTTP/2 platform-api.sharethis.com/js/sharethis.js
IP
Hash 3efb3102dd654eb1f1f7eecd4ccae288
9f85c6c34f00ded347e99f505f3ae98343c952a3
05478c6bfc250ea70b9dc95a7937289498caa058c6dc8b62f2aae12748b53604
GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
date: Tue, 06 Sep 2022 19:17:08 GMT
cache-control: max-age=600, public
etag: W/"2f749-jZtDoLQECLv0cAmOiJJ6B61Kdic"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0yshg42Reua1ZiH0dC9QVNHvuqg-aS-cD4hlJF2WZX8MRf-3BqdpIA==
age: 420
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/uploads/2014/04/slide01-1349x409.jpg
200 OK 140 kB URL HTTP/2 www.blwengineers.com/wp-content/uploads/2014/04/slide01-1349x409.jpg
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1349x409, components 3\012- data
Size 140 kB (140425 bytes)
Hash 435ee8c059aa5fac7765a685cf57e228
f7634251bdf5ce6d8261ff542d0c3bc3d9bd951a
4105fc49cb7b2e2ee76f9fadbe919fb384377cef04d5f857d0b3eb41ce489ee9
GET /wp-content/uploads/2014/04/slide01-1349x409.jpg HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: image/jpeg
content-length: 140425
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 11:06:10 GMT
etag: "22489-4fc06219bc5c0"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:24:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 4498c4715884d229af3a6d9ffaf7469f
65b0bd2f43ad388e1223b8eb2782f953e6713ee7
e8ee5b759771c6d089c2ba9aa9d752d2ab704606e58a1d695aaf950a5bd35bea
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 10 Sep 2022 15:22:01 GMT
ETag: "65b0bd2f43ad388e1223b8eb2782f953e6713ee7"
Last-Modified: Tue, 06 Sep 2022 15:22:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3453
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746995497a000b59-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 4498c4715884d229af3a6d9ffaf7469f
65b0bd2f43ad388e1223b8eb2782f953e6713ee7
e8ee5b759771c6d089c2ba9aa9d752d2ab704606e58a1d695aaf950a5bd35bea
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 10 Sep 2022 15:22:01 GMT
ETag: "65b0bd2f43ad388e1223b8eb2782f953e6713ee7"
Last-Modified: Tue, 06 Sep 2022 15:22:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3453
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746995498a260b59-OSL
cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=CgkJsFeeF2NvAMI_Alk6BA
200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=agentstvo_sape_limited&google_hm=CgkJsFeeF2NvAMI_Alk6BA
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=agentstvo_sape_limited&google_hm=CgkJsFeeF2NvAMI_Alk6BA HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
date: Tue, 06 Sep 2022 19:24:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0A0909B0579E17636F00C23F02593A04
204 No Content 0 B URL HTTP/2 fcgi4.gnezdo.ru/cookie_matching_ssp/Sape-dsp/0A0909B0579E17636F00C23F02593A04
IP
ASN #48347 JSC Mediasoft ekspert
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie_matching_ssp/Sape-dsp/0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: fcgi4.gnezdo.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Sep 2022 19:24:08 GMT
set-cookie: uid=XV9maWMXnlhSpl/nIj63Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=gnezdo.ru; path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 280 B IP
Hash c52ef440f9573af7836a301d02b5c2d6
b57de66e0c8d4a084eade6efbf8c7cced17c77ca
9fa8a00ef68e90732594e0ea8bbb9b1af17967cf947d9f8fa49f51d1a758c33a
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3615
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:24:08 GMT
Last-Modified: Tue, 06 Sep 2022 18:23:53 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
302 Moved Temporarily 0 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Set-Cookie: cid=-6303652956; expires=Thu, 05 Sep 2024 19:24:08 GMT; path=/; domain=.adriver.ru; SameSite=None; Secure
Location: /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6303652956
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0A0909B0579E17636F00C23F02593A04
200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0A0909B0579E17636F00C23F02593A04
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?dsp_id=153&external_id=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 339352e2311a1950abf70b0aa1b7be8a
712e5a7f9bdd29683950008fcb2706089b3a5bb9
2ab6b959a63727a6596c9df7289a0f6a053e28fae078e53ef929a8f493a7bd09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2AB6B959A63727A6596C9DF7289A0F6A053E28FAE078E53EF929A8F493A7BD09"
Last-Modified: Mon, 05 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6043
Expires: Tue, 06 Sep 2022 21:04:51 GMT
Date: Tue, 06 Sep 2022 19:24:08 GMT
Connection: keep-alive
ocsp.usertrust.com/
200 OK 472 B IP
Hash 287e9159d269073f63c1d06f50f5ed89
421a39f9b80af60ff29b245ea2ca973652dfe011
734920e0de4408babde1eba9efb3c5286d70d49997e451369b2016924b7f3b1c
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 04:18:19 GMT
Expires: Mon, 12 Sep 2022 04:18:18 GMT
Etag: "421a39f9b80af60ff29b245ea2ca973652dfe011"
Cache-Control: max-age=603954,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1044
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7469954a0e17b500-OSL
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash b9ef6f4d2c0f3d987b478b6e302da283
598920365f4ed4e9b59c0527abd4dd109f792307
0b6e9c52812791eafe97a37666428e40d2296c8ada10733497fc76e70ae9cd1f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Sep 2022 03:20:25 GMT
Expires: Wed, 07 Sep 2022 03:20:25 GMT
ETag: "598920365f4ed4e9b59c0527abd4dd109f792307"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ad.mail.ru/cm.gif?p=48&id=0A0909B0579E17636F00C23F02593A04
200 OK 43 B URL HTTP/2 ad.mail.ru/cm.gif?p=48&id=0A0909B0579E17636F00C23F02593A04
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /cm.gif?p=48&id=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: ad.mail.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:24:08 GMT
content-type: image/gif
content-length: 43
set-cookie: VID=2EIwDU2sesYC0022Gi1Q40oC:::0-0-0-831f718:CAASEDgPqi6Sfz8OZB_wY_xrCQYaYB0Lg_eSPuij881b8wQ1hkocPGDbeoIf3V51NVMepavSeL3IaSLIhsFvlY-YKoRug_QTF081WpbE7RqIfqa3Erib6uv_cvmr4qd1BLc7-2YF_wrLIYLS_8-Jmvqvs1uzGw; path=/; expires=Thu, 07-Sep-23 19:24:08 GMT; domain=.mail.ru; HttpOnly; SameSite=None; Secure
expires: Wed, 07 Sep 2022 01:24:08 GMT
cache-control: max-age=21600
last-modified: Tue, 06 Sep 2022 19:24:08 GMT
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
cross-origin-embedder-policy: require-corp
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash 197ee7210b2ee63bb13efc3839600bc5
78d08bdddb2080ce3f7ec3eff24312299077d8d2
d0366b532d81e60a49d437ee2bbfc3d54d2492f5b6163da0b1de2e7ec125b9fb
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2934
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:24:08 GMT
Last-Modified: Tue, 06 Sep 2022 18:35:14 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 92dc2f055cca8445cb00b8c5f12b5d27
04368d9cc40860c0c5a094152426bb9d81636c67
b80eb24aeb25e8170e991328696e7e5247a8727fe9830b0f6cda40a835779b32
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Sep 2022 19:24:08 GMT
Last-Modified: Tue, 06 Sep 2022 17:53:13 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6CMSFA3Y0IdtQVA6ty5QGzOg42INE-ffuIRd5EkCj_w3XKBXuPjhjA==
Age: 5455
tag.digitaltarget.ru/adcm.js
200 OK 3.1 kB URL HTTP/1.1 tag.digitaltarget.ru/adcm.js
IP
File type ASCII text, with very long lines (3051), with no line terminators
Hash e7097284185069f52fc736bcd50cda13
1cdfdf2d869841202079ddf91e0a00a8610812e6
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
GET /adcm.js HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: application/javascript
Content-Length: 3051
Last-Modified: Tue, 06 Sep 2022 19:04:40 GMT
Connection: keep-alive
ETag: "631799c8-beb"
Accept-Ranges: bytes
redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
302 Found 0 B URL HTTP/2 redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D{WEBO_CID}%26noredirect HTTP/1.1
Host: redirect.frontend.weborama.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Weborama Collect Frontend
date: Tue, 06 Sep 2022 19:24:07 GMT
content-length: 0
location: https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fut.rktch.com%2Fmatchspm%3Fpi%3D1000006%26pui%3D%7BWEBO_CID%7D%26noredirect&bounce=1&random=2316165097
access-control-allow-origin: *
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Tue, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 06 Sep 2022 19:24:08 GMT
set-cookie: AFFICHE_W=4i962NRIqBzi53; expires=Wed, 04 Oct 2023 19:24:08 GMT; domain=.weborama.fr; path=/; secure; SameSite=None
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:24:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sape-sync.rutarget.ru/sync
302 Moved Temporarily 0 B URL HTTP/1.1 sape-sync.rutarget.ru/sync
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync HTTP/1.1
Host: sape-sync.rutarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Length: 0
Connection: close
Location: https://www.acint.net/match?dp=104&euid=upFjLmCtYtzV
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Set-Cookie: userId=upFjLmCtYtzV; Path=/; Domain=.rutarget.ru; Expires=Sun, 05 Mar 2023 19:24:08 GMT; SameSite=None; Secure
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 620e2eba9461a19811c0f8b85e8a691f
ae1d357abc475e369bdcb4927d9a3906ff92c2d5
6fd395f1d9510e558b05c834750f055cb00c7db0a36f7435da262f8b678a7b2d
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 10 Sep 2022 15:53:19 GMT
ETag: "ae1d357abc475e369bdcb4927d9a3906ff92c2d5"
Last-Modified: Tue, 06 Sep 2022 15:53:20 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 550
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7469954a6b340b59-OSL
l.sharethis.com/pview?event=pview&hostname=www.blwengineers.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fwww.blwengineers.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=BLW%20Engineers&cms=unknown&publisher=60f2f06b76fa40001968a1df&embeds_csv=%2F%2Fwww.acint.net%2Fmc%2F%3Fdp%3D10&sop=true&version=st_sop.js&lang=en&description=We%20Specialize%20in%20Consulting%20Engineering%20for%20HVAC%2C%20Plumbing%2C%20Fire%20Protection%20and%20Electrical%20Systems.%20We%E2%80%99re%20committed%20to%20providing%20an%20array%20of%20high%20quality%20services%2C%20professionally%20coordinated%20designs%2C%20innovative%20solutions%20to%20the%20most%20intricate%20challenges%2C%20and%20a%20stellar%20client%20experience%20on%20each%20and%20every%20project.%20We%E2%80%99ve%20been%20delivering%20our%20high%20level%20of%20service%20to%20a%20variety%20of
204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&hostname=www.blwengineers.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fwww.blwengineers.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=BLW%20Engineers&cms=unknown&publisher=60f2f06b76fa40001968a1df&embeds_csv=%2F%2Fwww.acint.net%2Fmc%2F%3Fdp%3D10&sop=true&version=st_sop.js&lang=en&description=We%20Specialize%20in%20Consulting%20Engineering%20for%20HVAC%2C%20Plumbing%2C%20Fire%20Protection%20and%20Electrical%20Systems.%20We%E2%80%99re%20committed%20to%20providing%20an%20array%20of%20high%20quality%20services%2C%20professionally%20coordinated%20designs%2C%20innovative%20solutions%20to%20the%20most%20intricate%20challenges%2C%20and%20a%20stellar%20client%20experience%20on%20each%20and%20every%20project.%20We%E2%80%99ve%20been%20delivering%20our%20high%20level%20of%20service%20to%20a%20variety%20of
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&hostname=www.blwengineers.com&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2Fwww.blwengineers.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=BLW%20Engineers&cms=unknown&publisher=60f2f06b76fa40001968a1df&embeds_csv=%2F%2Fwww.acint.net%2Fmc%2F%3Fdp%3D10&sop=true&version=st_sop.js&lang=en&description=We%20Specialize%20in%20Consulting%20Engineering%20for%20HVAC%2C%20Plumbing%2C%20Fire%20Protection%20and%20Electrical%20Systems.%20We%E2%80%99re%20committed%20to%20providing%20an%20array%20of%20high%20quality%20services%2C%20professionally%20coordinated%20designs%2C%20innovative%20solutions%20to%20the%20most%20intricate%20challenges%2C%20and%20a%20stellar%20client%20experience%20on%20each%20and%20every%20project.%20We%E2%80%99ve%20been%20delivering%20our%20high%20level%20of%20service%20to%20a%20variety%20of HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.blwengineers.com
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://www.blwengineers.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 06 Sep 2022 19:24:08 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4b5cc7826455202a28c1d96455fd043c
11db9914596c1cb39926785010aa271b6a57e0ac
a34bb23885bc0a257df78926385de07131dcd027b04d386bc40035790aa88319
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A34BB23885BC0A257DF78926385DE07131DCD027B04D386BC40035790AA88319"
Last-Modified: Mon, 05 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15062
Expires: Tue, 06 Sep 2022 23:35:10 GMT
Date: Tue, 06 Sep 2022 19:24:08 GMT
Connection: keep-alive
ocsp.globalsign.com/gseccovsslca2018
200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash f8c6feb2f801590e1e4683b951471d14
191ca6f3f1dd1244dcae2194c54e73cd4e09e3d4
cc957adcb6fb51582e19fdc2bef92c01a33eb3ad6f837f8eb8f76649ec9d567b
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Sat, 10 Sep 2022 18:32:06 GMT
ETag: "191ca6f3f1dd1244dcae2194c54e73cd4e09e3d4"
Last-Modified: Tue, 06 Sep 2022 18:32:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1828
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7469954a9b8c0b59-OSL
sm.rtb.mts.ru/p?ssp=sape&id=0A0909B0579E17636F00C23F02593A04
301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/p?ssp=sape&id=0A0909B0579E17636F00C23F02593A04
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p?ssp=sape&id=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://sm.rtb.mts.ru/match/second?ssp=30&exu=0A0909B0579E17636F00C23F02593A04
Set-Cookie: dspid=cc37d687-7b29-4e06-8ed4-1c433683d115; expires=Mon, 28 Aug 2023 19:24:08 GMT; domain=.mts.ru; path=/; secure; SameSite=None
ocsp.sectigo.com/
200 OK 472 B IP
Hash eb06856d8626b77967ed070bc7d1ffce
8b064471057dedcaab5b3c488ac444aa77612a62
a328ae2472dd94315bf6b27e28895f2d1c61cf13272d2230cdfb8d27c50cac94
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 04:09:17 GMT
Expires: Tue, 13 Sep 2022 04:09:16 GMT
Etag: "8b064471057dedcaab5b3c488ac444aa77612a62"
Cache-Control: max-age=549307,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746995496aab0b61-OSL
ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
302 Moved Temporarily 142 B URL HTTP/1.1 ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ssp-rtb.sape.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: openresty
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: text/html
Content-Length: 142
Connection: keep-alive
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Location: https://acint.net/match?dp=14&euid=A5B803C1589E17633B014B09028A1C67
Expires: Wed, 19 Apr 2000 11:43:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Set-Cookie: sspuid=wQO4pWMXnlgJSwE7ZxyKAoFwRSAfxh7xaZwf7nLk/qyd23Pe; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=.ssp-rtb.sape.ru; path=/; Secure; SameSite=None
www.blwengineers.com/wp-content/themes/BLWEngineers/font/font.css
200 OK 26 kB URL HTTP/2 www.blwengineers.com/wp-content/themes/BLWEngineers/font/font.css
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type Unicode text, UTF-8 text, with very long lines (32051)
Hash 0f472700ba0f2385c3d4d4984e8bd836
ada76c7bca57049112f8be1bbde725906ce5d9a8
be138a97f6266add690413e2226c644cbc6d21524d648936fd84a18fc648be6f
GET /wp-content/themes/BLWEngineers/font/font.css HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 10:56:46 GMT
etag: W/"118e-4fc05fff4e7f5"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
px.adhigh.net/p/cm/sape?u=0A0909B0579E17636F00C23F02593A04
302 Found 0 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0A0909B0579E17636F00C23F02593A04
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/cm/sape?u=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 19:24:08 GMT
content-length: 0
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
set-cookie: gi_u=u0Z4OHssqIXX.AikABlGDFEKKsA;Path=/;Domain=.adhigh.net;Expires=Wed, 06-Sep-2023 19:24:08 GMT;Secure;SameSite=None
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
location: https://px.adhigh.net/p/cm/sape?u=0A0909B0579E17636F00C23F02593A04&bounced=1
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash eb06856d8626b77967ed070bc7d1ffce
8b064471057dedcaab5b3c488ac444aa77612a62
a328ae2472dd94315bf6b27e28895f2d1c61cf13272d2230cdfb8d27c50cac94
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 04:09:17 GMT
Expires: Tue, 13 Sep 2022 04:09:16 GMT
Etag: "8b064471057dedcaab5b3c488ac444aa77612a62"
Cache-Control: max-age=549307,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74699549af70b505-OSL
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash b9ef6f4d2c0f3d987b478b6e302da283
598920365f4ed4e9b59c0527abd4dd109f792307
0b6e9c52812791eafe97a37666428e40d2296c8ada10733497fc76e70ae9cd1f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Sep 2022 03:20:25 GMT
Expires: Wed, 07 Sep 2022 03:20:25 GMT
ETag: "598920365f4ed4e9b59c0527abd4dd109f792307"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6303652956
302 Moved Temporarily 40 B URL HTTP/1.1 ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6303652956
IP
File type ASCII text, with CRLF line terminators
Hash 251630b588179b239e8fab1ac9ef6d3a
91b91a97bc481dd2bbd5e0f3fea6ba1c4e843882
c95661e0ef6975b1df5361695a439f71a021d72c345023c3e668e84f35b3c38b
GET /cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-6303652956 HTTP/1.1
Host: ad.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Set-Cookie: cid=0; expires=Thu, 05 Sep 2024 19:24:08 GMT; path=/; domain=.adriver.ru;
uid=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; path=/; domain=.adriver.ru
Location: https://www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B0579E17636F00C23F02593A04
302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B0579E17636F00C23F02593A04
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=73&external_user_id=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=73&external_user_id=0A0909B0579E17636F00C23F02593A04&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 06 Sep 2023 19:24:08 GMT; Path=/; Domain=.betweendigital.com
tuuid=42cd41e4-4f7b-52f9-8213-5de7e104c3bf; Max-Age=31536000; Expires=Wed, 06 Sep 2023 19:24:08 GMT; Path=/; Domain=.betweendigital.com
ut=YxeeWAAMRKAH8jwCOxLXtU0l-SfhX_ojU5hOvw==; Max-Age=31536000; Expires=Wed, 06 Sep 2023 19:24:08 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
acint.net/match?dp=14&euid=A5B803C1589E17633B014B09028A1C67
200 OK 43 B URL HTTP/2 acint.net/match?dp=14&euid=A5B803C1589E17633B014B09028A1C67
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=14&euid=A5B803C1589E17633B014B09028A1C67 HTTP/1.1
Host: acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmMXnlc/wgBvBDpZAgF5+Bzm1zNMP/aqt9b8LOc+7Cdm; cSyncDp7v2=1662492247; cSyncDp14v3=1662492247; cSyncDp17=1662492247; cSyncDp32=1662492247; cSyncDp45v3=1662492247; cSyncDp53=1662492247; cSyncDp54v2=1662492247; cSyncDp62=1662492247; cSyncDp67v2=1662492247; cSyncDp68=1662492247; cSyncDp71=1662492247; cSyncDp77=1662492247; cSyncDp84=1662492247; cSyncDp85=1662492247; cSyncDp95v3=1662492247; cSyncDp101=1662492247; cSyncDp104v2=1662492247; cSyncDp107=1662492247; cSyncDp110=1662492247; cSyncDp111v2=1662492247; cSyncDp112v2=1662492247; cSyncDp125v2=1662492247; cSyncDp126=1662492247; cSyncDp127=1662492247; cSyncDp129=1662492247; cSyncDp136v2=1662492247; cSyncDp138=1662492247; cSyncDp144=1662492247; cSyncDp146=1662492247; cSyncDp148=1662492247; cSyncDp149=1662492247; cSyncDp151=1662492247; cSyncDp179=1662492247; cSyncDp186=1662492247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 19:24:08 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 4b04cfcaba58cfb0135f44aaea918eec
cc9b8020d2aa3e41518c82621cc7d68d41bf0afc
5e37153c28ddba3f445a51ecf22128d61926bb5b9e7c4f824af324ce4d7e1096
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 19:24:08 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 14:18:47 GMT
Expires: Tue, 13 Sep 2022 14:18:46 GMT
Etag: "cc9b8020d2aa3e41518c82621cc7d68d41bf0afc"
Cache-Control: max-age=585877,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7469954a3d46fac4-OSL
buttons-config.sharethis.com/js/60f2f06b76fa40001968a1df.js
200 OK 559 B URL HTTP/2 buttons-config.sharethis.com/js/60f2f06b76fa40001968a1df.js
IP
File type ASCII text, with very long lines (559), with no line terminators
Hash 23c189530ccf9a1002df9fe476c2cfde
6301577c3361e7b78e206d83fbe3128d1a6bd40c
2b571a39041dba835a4ef6c02874fdf336450aba8dade3dea6405662a90846ff
GET /js/60f2f06b76fa40001968a1df.js HTTP/1.1
Host: buttons-config.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 559
date: Tue, 06 Sep 2022 19:24:09 GMT
last-modified: Sat, 17 Jul 2021 15:12:02 GMT
etag: "23c189530ccf9a1002df9fe476c2cfde"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=60
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rW52326-coitvF4IeVic0wbbUuOJWZbadHRCgitckye_yk-Q1kZnzQ==
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=0A0909B0579E17636F00C23F02593A04
302 Found 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0A0909B0579E17636F00C23F02593A04
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 19:24:08 GMT
content-length: 0
location: https://x01.aidata.io/0.gif?pid=9401454&id=0A0909B0579E17636F00C23F02593A04&bounce=1
expires: Tue, 06 Sep 2022 19:24:07 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Tue, 06 Sep 2022 19:24:07 GMT
set-cookie: __upin=X93xF2JEPJIvXJuAFiMrNg;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1662492248;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/linkedin.svg
200 OK 456 B URL HTTP/2 platform-cdn.sharethis.com/img/linkedin.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash fa43b4ede18498b114fc7185993f6da7
53c9d2acffab46dd9da8872ee6d8c0d7cab42fd8
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
GET /img/linkedin.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 456
date: Mon, 29 Aug 2022 03:10:45 GMT
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
etag: "fa43b4ede18498b114fc7185993f6da7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _TwfiwdbJZtAvr9Drd-QKg3CZYf-NZe46FndA1Sv7Hv_RemMTNrtpQ==
age: 749605
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/arrow_left.svg
200 OK 565 B URL HTTP/2 platform-cdn.sharethis.com/img/arrow_left.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (409)
Hash b55d8d2b9321e381a3c38a4bddb74037
000c29635758e608bbe15d191e953adb27627c2e
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
GET /img/arrow_left.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 565
date: Mon, 08 Aug 2022 05:01:46 GMT
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
etag: "b55d8d2b9321e381a3c38a4bddb74037"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Iue1nfW49XqQjJ4VOxuv9IopV0bO4OHBFo75XPCPNDEdq5I4xrhGIA==
age: 2557343
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/arrow_right.svg
200 OK 565 B URL HTTP/2 platform-cdn.sharethis.com/img/arrow_right.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (409)
Hash 9928d025bd5792b718ee0a185f62e67c
16406d7b5b6d383b12859b853cf6cb7e3733e33d
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
GET /img/arrow_right.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 565
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 13 Aug 2022 23:55:51 GMT
cache-control: public, max-age=2592000
etag: "9928d025bd5792b718ee0a185f62e67c"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IuwRZU7V8nwSJO1v-nUKmvayUVr1SL-q7NdxVQQUP5MnhDfCn9SsNQ==
age: 2057305
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/twitter.svg
200 OK 731 B URL HTTP/2 platform-cdn.sharethis.com/img/twitter.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (575)
Hash 0af2fb38987598376c99e21af17ade45
bfbdfd0b1a2dcef714e347928bd11b8410dc7ca2
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
GET /img/twitter.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 731
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 13 Aug 2022 02:42:10 GMT
cache-control: public, max-age=2592000
etag: "0af2fb38987598376c99e21af17ade45"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BauUvJ37lJtcSMYjC6uWA3alFpSNXvVXYpQsOhgw8HhdEQCsewWQng==
age: 2133720
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/facebook.svg
200 OK 301 B URL HTTP/2 platform-cdn.sharethis.com/img/facebook.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c6e9be45643e197ce1db1d7e24a99adc
d7338e398bb0f7a9082d24f121140d2cf9e88859
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
GET /img/facebook.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 301
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 11 Aug 2022 23:48:37 GMT
cache-control: public, max-age=2592000
etag: "c6e9be45643e197ce1db1d7e24a99adc"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0rnnWOgqVzLMs1gsxunQ1UY7hHuxfiAcR1PrB4RgwH3kCH4M-9WwWw==
age: 2230534
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/email.svg
200 OK 343 B URL HTTP/2 platform-cdn.sharethis.com/img/email.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 5977437466e857c7ddcadda6f6d88c2a
19c6378daa1f946ca225fb8d9e039e1f7762fb0d
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
GET /img/email.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 343
date: Mon, 22 Aug 2022 04:56:04 GMT
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: o9qYcGUQesHQiiLk3FyA1TMzARQGxwp0hEEL9VWWheKYqfNrmSMCqA==
age: 1348086
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/sharethis.svg
200 OK 514 B URL HTTP/2 platform-cdn.sharethis.com/img/sharethis.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (358)
Hash deecdaa377907db5cc1722fc831670a1
4e39e0fd5742cc1460e24620df4a360abb71290e
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
GET /img/sharethis.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 514
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 10 Aug 2022 06:56:38 GMT
cache-control: public, max-age=2592000
etag: "deecdaa377907db5cc1722fc831670a1"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wuI61-5TafFgG12hylw1WxcoUTrB7n6aDGEcJfuaRILnAUwK0KFWGg==
age: 2377651
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=35313&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 06 Sep 2023 19:24:09 GMT; Path=/; Domain=.betweendigital.com
tuuid=dbb710be-16fc-52f9-9724-2704f433b95d; Max-Age=31536000; Expires=Wed, 06 Sep 2023 19:24:09 GMT; Path=/; Domain=.betweendigital.com
ut=YxeeWQABKOBWt82OeIDey3tPO2rDO08N6mXIrQ==; Max-Age=31536000; Expires=Wed, 06 Sep 2023 19:24:09 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B0579E17636F00C23F02593A04&crf=1
200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=73&external_user_id=0A0909B0579E17636F00C23F02593A04&crf=1
IP
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=73&external_user_id=0A0909B0579E17636F00C23F02593A04&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 06 Sep 2023 19:24:09 GMT; Path=/; Domain=.betweendigital.com
tuuid=2fb2c9d1-912d-52f9-8eb9-4e03edaed05a; Max-Age=31536000; Expires=Wed, 06 Sep 2023 19:24:09 GMT; Path=/; Domain=.betweendigital.com
ut=YxeeWQABNJjh1NcvXKcG89hKQSTEregs2KgUBg==; Max-Age=31536000; Expires=Wed, 06 Sep 2023 19:24:09 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
www.acint.net/match?dp=104&euid=upFjLmCtYtzV
200 OK 43 B URL HTTP/2 www.acint.net/match?dp=104&euid=upFjLmCtYtzV
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /match?dp=104&euid=upFjLmCtYtzV HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmMXnlc/wgBvBDpZAgF5+Bzm1zNMP/aqt9b8LOc+7Cdm; cSyncDp7v2=1662492247; cSyncDp14v3=1662492247; cSyncDp17=1662492247; cSyncDp32=1662492247; cSyncDp45v3=1662492247; cSyncDp53=1662492247; cSyncDp54v2=1662492247; cSyncDp62=1662492247; cSyncDp67v2=1662492247; cSyncDp68=1662492247; cSyncDp71=1662492247; cSyncDp77=1662492247; cSyncDp84=1662492247; cSyncDp85=1662492247; cSyncDp95v3=1662492247; cSyncDp101=1662492247; cSyncDp104v2=1662492247; cSyncDp107=1662492247; cSyncDp110=1662492247; cSyncDp111v2=1662492247; cSyncDp112v2=1662492247; cSyncDp125v2=1662492247; cSyncDp126=1662492247; cSyncDp127=1662492247; cSyncDp129=1662492247; cSyncDp136v2=1662492247; cSyncDp138=1662492247; cSyncDp144=1662492247; cSyncDp146=1662492247; cSyncDp148=1662492247; cSyncDp149=1662492247; cSyncDp151=1662492247; cSyncDp179=1662492247; cSyncDp186=1662492247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 19:24:09 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
302 Found 154 B URL HTTP/2 www.acint.net/rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /rmatch?dp=45&euid=0&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmMXnlc/wgBvBDpZAgF5+Bzm1zNMP/aqt9b8LOc+7Cdm; cSyncDp7v2=1662492247; cSyncDp14v3=1662492247; cSyncDp17=1662492247; cSyncDp32=1662492247; cSyncDp45v3=1662492247; cSyncDp53=1662492247; cSyncDp54v2=1662492247; cSyncDp62=1662492247; cSyncDp67v2=1662492247; cSyncDp68=1662492247; cSyncDp71=1662492247; cSyncDp77=1662492247; cSyncDp84=1662492247; cSyncDp85=1662492247; cSyncDp95v3=1662492247; cSyncDp101=1662492247; cSyncDp104v2=1662492247; cSyncDp107=1662492247; cSyncDp110=1662492247; cSyncDp111v2=1662492247; cSyncDp112v2=1662492247; cSyncDp125v2=1662492247; cSyncDp126=1662492247; cSyncDp127=1662492247; cSyncDp129=1662492247; cSyncDp136v2=1662492247; cSyncDp138=1662492247; cSyncDp144=1662492247; cSyncDp146=1662492247; cSyncDp148=1662492247; cSyncDp149=1662492247; cSyncDp151=1662492247; cSyncDp179=1662492247; cSyncDp186=1662492247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Tue, 06 Sep 2022 19:24:09 GMT
content-type: text/html
content-length: 154
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B0579E17636F00C23F02593A04
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
x01.aidata.io/0.gif?pid=9401454&id=0A0909B0579E17636F00C23F02593A04&bounce=1
204 No Content 0 B URL HTTP/2 x01.aidata.io/0.gif?pid=9401454&id=0A0909B0579E17636F00C23F02593A04&bounce=1
IP
ASN #197695 Domain names registrar REG.RU, Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /0.gif?pid=9401454&id=0A0909B0579E17636F00C23F02593A04&bounce=1 HTTP/1.1
Host: x01.aidata.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 06 Sep 2022 19:24:09 GMT
expires: Tue, 06 Sep 2022 19:24:08 GMT
access-control-allow-methods: GET, POST
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
last-modified: Tue, 06 Sep 2022 19:24:08 GMT
set-cookie: __upin=cub2/CZBY8fhSU2U2aWu7g;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
__upints=1662492249;domain=.aidata.io;path=/;max-age=63072000;SameSite=None;Secure
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
X-Firefox-Spdy: h2
sm.rtb.mts.ru/match/second?ssp=30&exu=0A0909B0579E17636F00C23F02593A04
301 Moved Permanently 0 B URL HTTP/1.1 sm.rtb.mts.ru/match/second?ssp=30&exu=0A0909B0579E17636F00C23F02593A04
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/second?ssp=30&exu=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: sm.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Sep 2022 19:24:09 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Vary: Origin
Cache-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://tech.rtb.mts.ru/
px.adhigh.net/p/cm/sape?u=0A0909B0579E17636F00C23F02593A04&bounced=1
200 OK 49 B URL HTTP/2 px.adhigh.net/p/cm/sape?u=0A0909B0579E17636F00C23F02593A04&bounced=1
IP
ASN #48061 Limited Liability Company GPM Digital Technologies
File type GIF image data, version 89a, 1 x 1\012- data
Hash 889bc1fffc025af4685839fb516a0b8b
7f105137a4eafe93213ecd8cc34dd907c340467c
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
GET /p/cm/sape?u=0A0909B0579E17636F00C23F02593A04&bounced=1 HTTP/1.1
Host: px.adhigh.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:24:09 GMT
content-type: image/gif
content-length: 49
x-backend-id: f20-ru
access-control-allow-origin: *
access-control-allow-credentials: true
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store
X-Firefox-Spdy: h2
ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B0579E17636F00C23F02593A04
200 OK 42 B URL HTTP/1.1 ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B0579E17636F00C23F02593A04
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cgi-bin/sync.cgi?ssp_id=43&external_id=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: ssp.adriver.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 19:24:09 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
tag.digitaltarget.ru/processor.js?i=226305418745708
200 OK 16 kB URL HTTP/1.1 tag.digitaltarget.ru/processor.js?i=226305418745708
IP
File type ASCII text, with very long lines (15878), with no line terminators
Hash 5fb72141505b525aa1ac96bf2f2fdd8b
5e463c12f0e56864739dbe44e419d01cd9ebd84d
3329813e0c2788f727bbb57c75a5751c683649372d99dd1a3627f2f7d95e2e58
GET /processor.js?i=226305418745708 HTTP/1.1
Host: tag.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 19:24:09 GMT
Content-Type: application/javascript
Content-Length: 15878
Last-Modified: Tue, 06 Sep 2022 19:04:41 GMT
Connection: keep-alive
ETag: "631799c9-3e06"
Accept-Ranges: bytes
count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.blwengineers.com%2F
200 OK 244 B URL HTTP/2 count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.blwengineers.com%2F
IP
File type ASCII text, with no line terminators
Hash 0fe62e7cd83fd9f90ca9c47c587f9dc2
ba63dd2f489dd8cfa671c85ec9fef21297e07364
41c9b08963d2208270afc56beb25eb42b84cfe622503668af27116315640d86c
GET /v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fwww.blwengineers.com%2F HTTP/1.1
Host: count-server.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 244
date: Tue, 06 Sep 2022 19:24:09 GMT
cache-control: public, max-age=900
apigw-requestid: YDWt8gtCoAMEPUA=
etag: 0fe62e7cd83fd9f90ca9c47c587f9dc2
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: RefreshHit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4WKs2hQRzJOZN5SGs38czQ6CZYkquLGtSa6G9wans5vye6ltd5_maA==
X-Firefox-Spdy: h2
tech.rtb.mts.ru/
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: tech.rtb.mts.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.2
Date: Tue, 06 Sep 2022 19:24:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 52235329397af274fe1489836ce5523a
cdb7071e8529fcb584c2103f8cdb95fb1934713a
7b61731d53c12884c26d27614f6ca741a31008b652f92051924e6b988440741e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B61731D53C12884C26D27614F6CA741A31008B652F92051924E6B988440741E"
Last-Modified: Mon, 05 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4126
Expires: Tue, 06 Sep 2022 20:32:55 GMT
Date: Tue, 06 Sep 2022 19:24:09 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 52235329397af274fe1489836ce5523a
cdb7071e8529fcb584c2103f8cdb95fb1934713a
7b61731d53c12884c26d27614f6ca741a31008b652f92051924e6b988440741e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B61731D53C12884C26D27614F6CA741A31008B652F92051924E6B988440741E"
Last-Modified: Mon, 05 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4126
Expires: Tue, 06 Sep 2022 20:32:55 GMT
Date: Tue, 06 Sep 2022 19:24:09 GMT
Connection: keep-alive
dmg.digitaltarget.ru/1/1093/i/i?i=542507292280197.117147890172280&a=77&e=0A0909B0579E17636F00C23F02593A04&pref=https%3A%2F%2Fwww.blwengineers.com%2F&c=ss:77.up:0A0909B0579E17636F00C23F02593A04.sync:up.xdua:duNR7Feg3lR5AvasNkeJxYpk.xps:xpsf7VfcxezaAvd8UfQEgerbj.dn:acint__net.adcm:hit.tg:adcmjs_noorient
307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=542507292280197.117147890172280&a=77&e=0A0909B0579E17636F00C23F02593A04&pref=https%3A%2F%2Fwww.blwengineers.com%2F&c=ss:77.up:0A0909B0579E17636F00C23F02593A04.sync:up.xdua:duNR7Feg3lR5AvasNkeJxYpk.xps:xpsf7VfcxezaAvd8UfQEgerbj.dn:acint__net.adcm:hit.tg:adcmjs_noorient
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=542507292280197.117147890172280&a=77&e=0A0909B0579E17636F00C23F02593A04&pref=https%3A%2F%2Fwww.blwengineers.com%2F&c=ss:77.up:0A0909B0579E17636F00C23F02593A04.sync:up.xdua:duNR7Feg3lR5AvasNkeJxYpk.xps:xpsf7VfcxezaAvd8UfQEgerbj.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Tue, 06 Sep 2022 19:24:09 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=542507292280197.117147890172280&a=77&e=0A0909B0579E17636F00C23F02593A04&pref=https%3A%2F%2Fwww.blwengineers.com%2F&c=ss:77.up:0A0909B0579E17636F00C23F02593A04.sync:up.xdua:duNR7Feg3lR5AvasNkeJxYpk.xps:xpsf7VfcxezaAvd8UfQEgerbj.dn:acint__net.adcm:hit.tg:adcmjs_noorient
Set-Cookie: viuserid=dMuykE81rsq0kwK75lkX; Max-Age=93312000; Expires=Thu, 21 Aug 2025 19:24:09 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
dmg.digitaltarget.ru/1/1093/i/i?i=542507292280197.573096475056806&a=77&e=0A0909B0579E17636F00C23F02593A04&pref=https%3A%2F%2Fwww.blwengineers.com%2F&c=ss:77.up:0A0909B0579E17636F00C23F02593A04.sync:up.xdua:duNR7Feg3lR5AvasNkeJxYpk.xps:xpsf7VfcxezaAvd8UfQEgerbj.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
307 Temporary Redirect 0 B URL HTTP/1.1 dmg.digitaltarget.ru/1/1093/i/i?i=542507292280197.573096475056806&a=77&e=0A0909B0579E17636F00C23F02593A04&pref=https%3A%2F%2Fwww.blwengineers.com%2F&c=ss:77.up:0A0909B0579E17636F00C23F02593A04.sync:up.xdua:duNR7Feg3lR5AvasNkeJxYpk.xps:xpsf7VfcxezaAvd8UfQEgerbj.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1/1093/i/i?i=542507292280197.573096475056806&a=77&e=0A0909B0579E17636F00C23F02593A04&pref=https%3A%2F%2Fwww.blwengineers.com%2F&c=ss:77.up:0A0909B0579E17636F00C23F02593A04.sync:up.xdua:duNR7Feg3lR5AvasNkeJxYpk.xps:xpsf7VfcxezaAvd8UfQEgerbj.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Tue, 06 Sep 2022 19:24:09 GMT
Content-Length: 0
Connection: keep-alive
Location: https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=542507292280197.573096475056806&a=77&e=0A0909B0579E17636F00C23F02593A04&pref=https%3A%2F%2Fwww.blwengineers.com%2F&c=ss:77.up:0A0909B0579E17636F00C23F02593A04.sync:up.xdua:duNR7Feg3lR5AvasNkeJxYpk.xps:xpsf7VfcxezaAvd8UfQEgerbj.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
Set-Cookie: viuserid=oIpKUC5PFoIwjPr7KVHU; Max-Age=93312000; Expires=Thu, 21 Aug 2025 19:24:09 GMT; SameSite=None; Path=/; Domain=dmg.digitaltarget.ru; Secure; HTTPOnly
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
an.yandex.ru/mapuid/sapeis/0A0909B0579E17636F00C23F02593A04?redir-setuniq=1
200 OK 114 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0A0909B0579E17636F00C23F02593A04?redir-setuniq=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 87ab759c629a0958d59a02c5ee31a764
53a2a7af60dac632d54b144faaa7968908cc18ed
5c28cf37909547c8b0c601f2d92ae5c94ffc856729f6d9183c417b47887975fb
GET /mapuid/sapeis/0A0909B0579E17636F00C23F02593A04?redir-setuniq=1 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
date: Tue, 06 Sep 2022 19:24:09 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06 Sep 2022 19:24:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Tue, 06 Sep 2022 19:24:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=utf-8
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=542507292280197.573096475056806&a=77&e=0A0909B0579E17636F00C23F02593A04&pref=https%3A%2F%2Fwww.blwengineers.com%2F&c=ss:77.up:0A0909B0579E17636F00C23F02593A04.sync:up.xdua:duNR7Feg3lR5AvasNkeJxYpk.xps:xpsf7VfcxezaAvd8UfQEgerbj.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
200 OK 64 B URL HTTP/1.1 dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&i=542507292280197.573096475056806&a=77&e=0A0909B0579E17636F00C23F02593A04&pref=https%3A%2F%2Fwww.blwengineers.com%2F&c=ss:77.up:0A0909B0579E17636F00C23F02593A04.sync:up.xdua:duNR7Feg3lR5AvasNkeJxYpk.xps:xpsf7VfcxezaAvd8UfQEgerbj.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ffd585dfb1ac6320633a0be46d579437
5a6033d23bc9cd5d1de9ee61de69a44428086dcb
df18d81deb0cc1c48ae87e6481bb4ee375b40cce0fec3d226e002704d49f6cc8
GET /awg/custom/1093/i/i?call_source=awg&i=542507292280197.573096475056806&a=77&e=0A0909B0579E17636F00C23F02593A04&pref=https%3A%2F%2Fwww.blwengineers.com%2F&c=ss:77.up:0A0909B0579E17636F00C23F02593A04.sync:up.xdua:duNR7Feg3lR5AvasNkeJxYpk.xps:xpsf7VfcxezaAvd8UfQEgerbj.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP/1.1
Host: dmg.digitaltarget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 19:24:09 GMT
Content-Type: image/gif
Content-Length: 64
Connection: keep-alive
Vary: Accept-Encoding
Request-Time: 0
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Access-Control-Max-Age: 86400
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true
X-Permitted-Cross-Domain-Policies: master-only
www.acint.net/ping/?v=0.4.0&uid=bef54db9-fa6e-44ef-825b-a4c18a010750&dp=10&tz=%2B00%3A00&nc=45884607&dT=2022-09-06T19%3A24%3A04.611
200 OK 43 B URL HTTP/2 www.acint.net/ping/?v=0.4.0&uid=bef54db9-fa6e-44ef-825b-a4c18a010750&dp=10&tz=%2B00%3A00&nc=45884607&dT=2022-09-06T19%3A24%3A04.611
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /ping/?v=0.4.0&uid=bef54db9-fa6e-44ef-825b-a4c18a010750&dp=10&tz=%2B00%3A00&nc=45884607&dT=2022-09-06T19%3A24%3A04.611 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Cookie: test_cookie=CheckForPermission; aid=sAkJCmMXnlc/wgBvBDpZAgF5+Bzm1zNMP/aqt9b8LOc+7Cdm; cSyncDp7v2=1662492247; cSyncDp14v3=1662492247; cSyncDp17=1662492247; cSyncDp32=1662492247; cSyncDp45v3=1662492247; cSyncDp53=1662492247; cSyncDp54v2=1662492247; cSyncDp62=1662492247; cSyncDp67v2=1662492247; cSyncDp68=1662492247; cSyncDp71=1662492247; cSyncDp77=1662492247; cSyncDp84=1662492247; cSyncDp85=1662492247; cSyncDp95v3=1662492247; cSyncDp101=1662492247; cSyncDp104v2=1662492247; cSyncDp107=1662492247; cSyncDp110=1662492247; cSyncDp111v2=1662492247; cSyncDp112v2=1662492247; cSyncDp125v2=1662492247; cSyncDp126=1662492247; cSyncDp127=1662492247; cSyncDp129=1662492247; cSyncDp136v2=1662492247; cSyncDp138=1662492247; cSyncDp144=1662492247; cSyncDp146=1662492247; cSyncDp148=1662492247; cSyncDp149=1662492247; cSyncDp151=1662492247; cSyncDp179=1662492247; cSyncDp186=1662492247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 19:24:10 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Wed, 19 Apr 2000 11:43:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
www.blwengineers.com/favicon.ico
302 Found 0 B URL HTTP/2 www.blwengineers.com/favicon.ico
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Cookie: fid=6ce9ad0f-7661-45f6-b28b-c8d5d1ce23e1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:11 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.blwengineers.com/wp-includes/images/w-logo-blue-white-bg.png
x-powered-by: PHP/7.4.23
link: <https://www.blwengineers.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
set-cookie: VOOKED=1; expires=Sun, 02-Oct-2022 19:24:08 GMT; Max-Age=2246400
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
X-Firefox-Spdy: h2
www.blwengineers.com/wp-includes/images/w-logo-blue-white-bg.png
200 OK 4.1 kB URL HTTP/2 www.blwengineers.com/wp-includes/images/w-logo-blue-white-bg.png
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Cookie: fid=6ce9ad0f-7661-45f6-b28b-c8d5d1ce23e1; _ga=GA1.2.2064690959.1662492243; _gid=GA1.2.1999981220.1662492243; _gat=1; VOOKED=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:11 GMT
content-type: image/png
content-length: 4119
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Jul 2021 05:59:40 GMT
etag: "1017-5c79be04f20c8"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ce50dfa23e7f34ff68cc6426c2823f7
b1685694999272feb4d9fc39296418cd95480678
4df89827b1b34bb577f28f281ed85067a2e34dd48923b9bae1561e81f67be49b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7152
x-amzn-requestid: 2571ff54-e2f8-4072-8a26-3d0dd4cd3523
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsfHz_IAMFaXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-6a598849314cdc433f9f82f7;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XjbO8y9D7PhQcN0XaBkmhcjzWCMRczO80wxAJa4gUFQZPrS6eb3Z3A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:48:59 GMT
age: 77713
etag: "b1685694999272feb4d9fc39296418cd95480678"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/themes/BLWEngineers/js/jQuery.min.js
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/themes/BLWEngineers/js/jQuery.min.js
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/BLWEngineers/js/jQuery.min.js HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jun 2014 13:13:45 GMT
etag: W/"74798-4fc1c07baefff"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/plugins/widgetkit/widgets/lightbox/js/lightbox.js?wkv=1.4.6
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/plugins/widgetkit/widgets/lightbox/js/lightbox.js?wkv=1.4.6
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/widgetkit/widgets/lightbox/js/lightbox.js?wkv=1.4.6 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 14:32:28 GMT
etag: W/"601d-4fc090360f06c"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/themes/BLWEngineers/js/jQuery.1.11.0.js
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/themes/BLWEngineers/js/jQuery.1.11.0.js
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/BLWEngineers/js/jQuery.1.11.0.js HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 10:58:01 GMT
etag: W/"2119b-4fc060470651f"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
an.yandex.ru/mapuid/sapeis/0A0909B0579E17636F00C23F02593A04
302 Found 0 B URL HTTP/2 an.yandex.ru/mapuid/sapeis/0A0909B0579E17636F00C23F02593A04
IP
GET /mapuid/sapeis/0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: an.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.acint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
location: https://an.yandex.ru/mapuid/sapeis/0A0909B0579E17636F00C23F02593A04?redir-setuniq=1
date: Tue, 06 Sep 2022 19:24:08 GMT
set-cookie: yandexuid=8122876271662492248; domain=.yandex.ru; path=/; expires=Fri, 03-Sep-2032 19:24:08 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06 Sep 2022 19:24:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
last-modified: Tue, 06 Sep 2022 19:24:08 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-encoding: gzip
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/themes/BLWEngineers/style.css?1403603446
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/themes/BLWEngineers/style.css?1403603446
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/BLWEngineers/style.css?1403603446 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 24 Jun 2014 09:50:46 GMT
etag: W/"3760-4fc91e4d3ab5c"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/themes/BLWEngineers/js/jquery.liquid-slider.min.js
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/themes/BLWEngineers/js/jquery.liquid-slider.min.js
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/BLWEngineers/js/jquery.liquid-slider.min.js HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 10:58:09 GMT
etag: W/"52d2-4fc0604ee4477"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/themes/BLWEngineers/css/liquid-slider.css
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/themes/BLWEngineers/css/liquid-slider.css
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
GET /wp-content/themes/BLWEngineers/css/liquid-slider.css HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 10:56:36 GMT
etag: W/"c0a-4fc05ff5c8f71"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.9
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.9
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ml-slider/assets/metaslider/public.css?ver=3.27.9 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Sep 2022 19:12:43 GMT
etag: W/"1a3e-5e806fb141d42"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.27.9
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.27.9
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ml-slider/assets/sliders/nivoslider/themes/default/default.css?ver=3.27.9 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Sep 2022 19:12:43 GMT
etag: W/"7ba-5e806fb17f97d"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-includes/js/wp-embed.min.js?ver=5.8.5
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-includes/js/wp-embed.min.js?ver=5.8.5
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.8.5 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Jul 2021 05:59:45 GMT
etag: W/"592-5c79be0966ad8"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/sms.svg
200 OK 0 B URL HTTP/2 platform-cdn.sharethis.com/img/sms.svg
IP
GET /img/sms.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Fri, 26 Aug 2022 03:57:06 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: W/"e7eca7e85a8b3599935b0649debb23f2"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: twwkwdGru5xRDJN1TLHYcCv8mdYGGOtZbYju7sp9dD0i8DC_Cpjddg==
age: 1006024
X-Firefox-Spdy: h2
www.acint.net/mc/?dp=10&tc=1
200 OK 0 B URL HTTP/2 www.acint.net/mc/?dp=10&tc=1
IP
ASN #24940 Hetzner Online GmbH
GET /mc/?dp=10&tc=1 HTTP/1.1
Host: www.acint.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Cookie: test_cookie=CheckForPermission; aid=sAkJCmMXnlc/wgBvBDpZAgF5+Bzm1zNMP/aqt9b8LOc+7Cdm
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: text/html
set-cookie: cSyncDp7v2=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp14v3=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp17=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp32=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp45v3=1662492247; expires=Wed, 07-Sep-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp53=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp54v2=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp62=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp67v2=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp68=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp71=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp77=1662492247; expires=Tue, 20-Sep-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp84=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp85=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp95v3=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp101=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp104v2=1662492247; expires=Tue, 20-Sep-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp107=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp110=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp111v2=1662492247; expires=Tue, 20-Sep-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp112v2=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp125v2=1662492247; expires=Wed, 21-Sep-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp126=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp127=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp129=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp136v2=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp138=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp144=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp146=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp148=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp149=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp151=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp179=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
cSyncDp186=1662492247; expires=Thu, 06-Oct-22 19:24:07 GMT; path=/; Secure; SameSite=None; domain=.acint.net
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Jul 2021 05:59:41 GMT
etag: W/"1906-5c79be05ee815"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/jquery.nivo.slider.pack.js?ver=3.27.9
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/jquery.nivo.slider.pack.js?ver=3.27.9
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ml-slider/assets/sliders/nivoslider/jquery.nivo.slider.pack.js?ver=3.27.9 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Sep 2022 19:12:43 GMT
etag: W/"2e88-5e806fb18a51e"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Gilda+Display|News+Cycle:400,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Gilda+Display|News+Cycle:400,700
IP
GET /css?family=Gilda+Display|News+Cycle:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blwengineers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 19:24:06 GMT
date: Tue, 06 Sep 2022 19:24:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/themes/BLWEngineers/js/jquery.touchSwipe.min.js
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/themes/BLWEngineers/js/jquery.touchSwipe.min.js
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/BLWEngineers/js/jquery.touchSwipe.min.js HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 10:58:17 GMT
etag: W/"29d4-4fc06056e6986"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
adlmerge.com/merge_gpsid/?sid=50&id=0A0909B0579E17636F00C23F02593A04
200 OK 0 B URL HTTP/2 adlmerge.com/merge_gpsid/?sid=50&id=0A0909B0579E17636F00C23F02593A04
IP
ASN #60781 LeaseWeb Netherlands B.V.
GET /merge_gpsid/?sid=50&id=0A0909B0579E17636F00C23F02593A04 HTTP/1.1
Host: adlmerge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.acint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.0
date: Tue, 06 Sep 2022 19:24:07 GMT
content-type: image/gif
iseu: eu
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6.1 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 May 2022 19:13:00 GMT
etag: W/"aab-5df4e0bb38c5f"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/themes/BLWEngineers/js/jquery.meanmenu.js
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/themes/BLWEngineers/js/jquery.meanmenu.js
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/BLWEngineers/js/jquery.meanmenu.js HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Jun 2014 10:58:11 GMT
etag: W/"30f2-4fc06050f0ab7"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: application/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Jul 2021 05:59:43 GMT
etag: W/"15db1-5c79be07fb275"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/
200 OK 0 B IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.23
x-pingback: https://www.blwengineers.com/xmlrpc.php
link: <https://www.blwengineers.com/wp-json/>; rel="https://api.w.org/", <https://www.blwengineers.com/wp-json/wp/v2/pages/4>; rel="alternate"; type="application/json", <https://www.blwengineers.com/>; rel=shortlink
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/nivo-slider.css?ver=3.27.9
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/plugins/ml-slider/assets/sliders/nivoslider/nivo-slider.css?ver=3.27.9
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ml-slider/assets/sliders/nivoslider/nivo-slider.css?ver=3.27.9 HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Sep 2022 19:12:43 GMT
etag: W/"80a-5e806fb18c07c"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
www.blwengineers.com/wp-content/plugins/widgetkit/cache/widgetkit-9aa58fd1.css
200 OK 0 B URL HTTP/2 www.blwengineers.com/wp-content/plugins/widgetkit/cache/widgetkit-9aa58fd1.css
IP
ASN #19871 NETWORK-SOLUTIONS-HOSTING
GET /wp-content/plugins/widgetkit/cache/widgetkit-9aa58fd1.css HTTP/1.1
Host: www.blwengineers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blwengineers.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty/1.19.9.1
date: Tue, 06 Sep 2022 19:24:06 GMT
content-type: text/css
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
expect-ct: max-age=7776000, enforce
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Jun 2014 05:58:57 GMT
etag: W/"6a69-4fc15f4be7d48"
x-frame-options: SAMEORIGIN
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2
209.17.116.160
31.172.81.159
94.100.180.197
104.18.21.226
139.45.228.100
23.36.76.226
65.108.236.88
95.211.66.35
188.42.191.196