| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282 556757697b70e019ed502585fcc888e2403f3229 ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6668
Expires: Thu, 06 Oct 2022 21:50:44 GMT
Date: Thu, 06 Oct 2022 19:59:36 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 54.230.111.7 | 200 OK | 939 B |
URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/ IP 54.230.111.7:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oYwo6QW2H5q9Lj8oq7yRPLb9rehs1n-Mv7jLXNUPufzrNSUD8T_AKw==
Age: 101538
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5 b1c9d223a951d0bc9f17c9f3b84501266a552b58 582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12218
Expires: Thu, 06 Oct 2022 23:23:14 GMT
Date: Thu, 06 Oct 2022 19:59:36 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6sXfMo2DyhfGRozPmqop3wUATgXl0RWEHdgsvDRBQxtzitFYwM6vfRfO7zzHnPqFrOfba5uRB5DC5NY6eAHslw==
x-amz-request-id: 3QTSWJ6V76TY99S9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 19:30:54 GMT
age: 1722
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 19:59:36 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| dheadquarters.org/FirstAm/amfrist_2022/ | 104.128.239.170 | 200 OK | 25 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/ IP 104.128.239.170:0
File type HTML document text; HTML document, Unicode text, UTF-8 text, with very long lines (1005), with CRLF line terminators
Hash 0269150cd6930d3ff6db86f922c93acc faf42312c861ae37342fed1755cd4f3532d8ffa8 07045b063e1335a810a1fe023bcbb20ec1cd273622acbbce2e2e7311800bc5ab
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/ HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:36 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 17:12:42 GMT
Accept-Ranges: bytes
Content-Length: 25157
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 54.230.111.7 | 200 OK | 329 B |
URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 54.230.111.7:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 19:29:41 GMT
Expires: Thu, 06 Oct 2022 20:07:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EeC4UaYtuYFG_m6i9IQjiJ-7FxkVc07BTQhsCbSeNlOTUn23HPqkAw==
Age: 1796
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029 38840f2ac6476bdd5608121c5653e338c7ad9715 0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4187
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:59:37 GMT
Last-Modified: Thu, 06 Oct 2022 18:49:50 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery.js.download | 104.128.239.170 | 200 OK | 414 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery.js.download IP 104.128.239.170:0
File type ASCII text, with CRLF line terminators
Size 414 kB (414191 bytes)
Hash eac2cb2383cd3f3ad0377f0b32a7cf19 6c35067ec5292640d392a82ef259b7cb02bfa458 54425d0a2d602313ee61a54edb63f7fda5f5ec80d1404c1197e8380ff0405b39
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:36 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 414191
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/global.js.download | 104.128.239.170 | 200 OK | 20 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/global.js.download IP 104.128.239.170:0
File type ASCII text, with CRLF line terminators
Hash b67fcfdc64c7835d333aa584928e73ea 77ec4d52795fb59d95a8b9a58f33f8c08a684454 e38e1ffd0bc302b0db6cbdc3eddfee6213608574ecb799013495413d957c07f8
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/global.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:37 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 20434
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| push.services.mozilla.com/ | 52.42.148.177 | 101 Switching Protocols | 0 B |
URL HTTP/1.1 push.services.mozilla.com/ IP 52.42.148.177:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xpj+18ZTkrRKhppOQjCeyA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SCBY4QwCN1mhNMe2JavEO2Hhmgg=
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery.Counter.js.download | 104.128.239.170 | 200 OK | 8.2 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery.Counter.js.download IP 104.128.239.170:0
File type ASCII text, with CRLF line terminators
Hash 301d422f9a4912a3873bb0c28a3a63d8 bff5de31df402ca8be3f45fa32c446f3ab9eb260 2c12838e5b8fa4c869a618432ac2aca892eeabbdd8101a44f9bda328f34524a6
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery.Counter.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:37 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 8154
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery.numeric.js.download | 104.128.239.170 | 200 OK | 3.8 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery.numeric.js.download IP 104.128.239.170:0
File type ASCII text, with CRLF line terminators
Hash 4b368d6dd27d8460d26f57ba404135f9 b57d1c40e2d9fc785abe910aa1e67f2131b32fe5 cfd33fb7fab2efda3142656fc60e0a9b7b58784b9b2cc17cd4134bb8a0d3b1de
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery.numeric.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:37 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 3790
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery.validate.pack.js.download | 104.128.239.170 | 200 OK | 14 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery.validate.pack.js.download IP 104.128.239.170:0
File type Unicode text, UTF-8 text, with very long lines (13941), with CRLF line terminators
Hash 2c526d2d308826d59f0204d91771c65b 845688289f4d6cd9bdd2882cdfcd8a19f341f64c 3667a93311db69901a8a8bd03c9a7faa1c5a6091c056517e704344e83373c1b2
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery.validate.pack.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:37 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 14381
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/tracking.js.download | 104.128.239.170 | 200 OK | 11 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/tracking.js.download IP 104.128.239.170:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (344), with CRLF line terminators
Hash 47398a18b18ca208ffc36e43e6639c41 d70826ae5c6e4613511e97b0238c5f85b68a524f ada8fcc5671e3ab46f31a7b30f55b73609c4bb3dd932bbc073f46b85af5b2397
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/tracking.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 10998
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/Login.js.download | 104.128.239.170 | 200 OK | 4.7 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/Login.js.download IP 104.128.239.170:0
File type Unicode text, UTF-8 text, with very long lines (396), with CRLF line terminators
Hash bbe3f480f4b1b7783ea31a56e163eae8 850d9e5352cfb4e2c87919a55551c60e369cc2cb 5dba1326abf9b871b92d34d9f7efbfdb8dc035c0e293561c23ce455ab2273733
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/Login.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 4725
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/enquire.js.download | 104.128.239.170 | 200 OK | 9.9 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/enquire.js.download IP 104.128.239.170:0
File type ASCII text, with CRLF line terminators
Hash 64c3403527b7591ff035cffe59213480 291dc09d55c9352cccc909a8622a9233ba79a5f8 8921d8448afb6e85a129ae8058e949d6f6d6be7a82ae7d1f658e94e1f0dba13e
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/enquire.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 9865
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/main.js.download | 104.128.239.170 | 200 OK | 3.7 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/main.js.download IP 104.128.239.170:0
File type ASCII text, with CRLF line terminators
Hash 5d6406bc6c60e6d5df1764ed63763122 f4e5ce689e09a68c708264e85244e986eead9e3a 033a4970b960d69c71ef501dfa54cd23e10a242611503ceb6e002bcc96f6ebc0
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/main.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 3667
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/e8548821-01c7-4e01-7734-8a0780992641.js.download | 104.128.239.170 | 200 OK | 24 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/e8548821-01c7-4e01-7734-8a0780992641.js.download IP 104.128.239.170:0
File type ASCII text, with very long lines (23689)
Hash e6e981b085be4eaabe9eecc468b5b2b2 7160aa2d9a3c862ca161e166d9beea6717a135ff 809fdbc7a455e6a2488c3e4198639de9994626a3cc28824a037e06057e55fee2
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/e8548821-01c7-4e01-7734-8a0780992641.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 24120
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/e8548821-01c7-4e01-7734-8a0780992641 | 104.128.239.170 | 200 OK | 24 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/e8548821-01c7-4e01-7734-8a0780992641 IP 104.128.239.170:0
File type ASCII text, with very long lines (23689)
Hash 1714bb28421979fa0dbaccd33fa1f5b2 da9b7e2c5bc3263f48e8d359f50094d17360b281 60df656b77365d6167e2e44916fa6791827b625e1a602ab4abbf3e76b9d97c64
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/e8548821-01c7-4e01-7734-8a0780992641 HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:10 GMT
Accept-Ranges: bytes
Content-Length: 24135
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery-ui.min.css | 104.128.239.170 | 200 OK | 30 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery-ui.min.css IP 104.128.239.170:0
File type ASCII text, with very long lines (26756)
Hash 53c571dfdf06bf5d0f112d313169b3c9 16eed657d3a45f10fd621dd650db46bb63be05c5 217d4948c8477cebd1df8458579adc16f191761fc62588ce3ef12cf4c9016741
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery-ui.min.css HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 29695
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/Site.js.download | 104.128.239.170 | 200 OK | 50 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/Site.js.download IP 104.128.239.170:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (907), with CRLF line terminators
Hash 70e2b03f5914c49f0ccf7e3a07e602ec e28e61396b6ad4e527b0d9f42bc86cc623fe3ff6 21008eab16bb86110cf4ada147779ee7fd588bf5b481614b2c07040dcc770807
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/Site.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 50023
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4 4380327d50b7001d158aee05a57c6078e57c94e4 65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20413
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 19:59:38 GMT
Connection: keep-alive
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery-ui.min-1.js.download | 104.128.239.170 | 200 OK | 254 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery-ui.min-1.js.download IP 104.128.239.170:0
File type ASCII text, with very long lines (32073)
Size 254 kB (253668 bytes)
Hash 0a497d4661df7b82feee14332ce0bdaf f77d06b0c5dedef1f1db051a44a2b0d7f233ba3a 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery-ui.min-1.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 253668
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4 4380327d50b7001d158aee05a57c6078e57c94e4 65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20413
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 19:59:38 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg | 34.120.237.76 | 200 OK | 7.4 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e5a5ee14d41747f46e71f04782e1a3d3 b0205176a58913f57056b91674097bfb58046e97 b3bae0b56b50374cb85fc7fe4c9b551383d1969bf31e7adccb867e3467c59269
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7385
x-amzn-requestid: f3b30c95-2f19-4d70-b358-ff7e1e1c56f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uHJrIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-5211c3087ea4f0023b32b284;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: uka14Zb4NhZEmseL9817VqWrplnl8Yrmnp3oTVs6OeMjdCLI89QoVg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 80577
etag: "b0205176a58913f57056b91674097bfb58046e97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP 23.36.77.32:0 ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4 4380327d50b7001d158aee05a57c6078e57c94e4 65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20413
Expires: Fri, 07 Oct 2022 01:39:51 GMT
Date: Thu, 06 Oct 2022 19:59:38 GMT
Connection: keep-alive
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/device.min.js.download | 104.128.239.170 | 200 OK | 3.3 kB |
URL HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/device.min.js.download IP 104.128.239.170:0
File type ASCII text, with very long lines (3272), with CRLF line terminators
Hash 7273df397bc9692db7226480ce796641 31174ed8edc00cdf5b8d1862a613e4f51a6ed3cf 38c4d8545f516160836a743e226bdfc17fed5f4629060e113bb5be2b49a53544
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/device.min.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 3298
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 2277f8f2d93b4bc3b05d348343177892 531d9e4ec9078cd2d7376a19fcb287084af36c82 62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: TlEKsCdhNhlKmA2Yhz8FarEUG18gQZMKGRD6SnzCnUMiKyGS9-UeOQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:38:04 GMT
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
age: 80494
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 9e520f87cae411cfc2ed1c8a14184385 69ad212cb7ae309d4f02019552887135bfae67da 723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3lKuGlFCBN2wEsp9-Oa3ysQg62py090H30jy6_bR02Ufs0KGPrVC4w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 80577
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp | 34.120.237.76 | 200 OK | 9.0 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 70ea26af79226e9ff06d6198e2c019dc ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57 f9393e7b8cbaedc8e1ef87fd89c617cf102f58813d84d866ff68e3124f94d44c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccecc8c9-b6da-4470-b2be-fa8d46df1cc2.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 127bce04-9f75-4bb1-bbe7-33bf1694d96c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmHG5oAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-3896085b3b73ff5403237206;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E4yZTPRLFdK717YfwjOIFOJDi0wYpyA736dQELeM5iPLvGDXBosEWg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 04:27:43 GMT
age: 55915
etag: "ae2c476667f63c7f642f0d9f4d0bc0d846b0ef57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg | 34.120.237.76 | 200 OK | 3.4 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 488ec5b4267ccb1cdc4e6e08556f7f3b 42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88 d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3430
x-amzn-requestid: 9b3b52d6-08b4-4893-962b-3dfe67e2f11d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjTijF0vIAMFq3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dffa9-0a128734418b6c4d6375e2ac;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 22:05:29 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: iRuujAZLL_0mf5_-FhMXpuWwHy-jidhBkFuBIZLo0tLlJArZgFEcbA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 16:10:55 GMT
age: 13723
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg | 34.120.237.76 | 200 OK | 7.3 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: e238ccaa3b9fa88476a8514855e8232f 447cbf348ef10d0136a1811e843c46937defbba1 43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: f2f15f43-6054-40f5-943a-530671e772dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZjF3aIAMFW9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-5e2253791a927c8c40a0ff0d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: xRuMce_9OkP3R2DqHjZI34GwkDezdfGKsgntCMTZG2c6SJUcyv0Ckg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:56:40 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 79378
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/styles.css | 104.128.239.170 | 200 OK | 115 kB |
URL: HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/styles.css
IP: 104.128.239.170:0
File type: ASCII text, with CRLF line terminators
Size: 115 kB (114773 bytes)
Hash: db516bc8e1ba290617f9d4483b7699f8 f5a6370107f97f4df2f7214ee81eb33f28315be0 98c0553f9b287ab9c524d803fc57cdee2a63b195f7789abd592f349a2f58a049
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/styles.css HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 114773
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery-ui.min.js.download | 104.128.239.170 | 200 OK | 254 kB |
URL: HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery-ui.min.js.download
IP: 104.128.239.170:0
File type: ASCII text, with very long lines (32074)
Size: 254 kB (253669 bytes)
Hash: c15b1008dec3c8967ea657a7bb4baaec 78489e580adaef931e6e5b131dab556c397e4a1a 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/jquery-ui.min.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 253669
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/semantic.css | 104.128.239.170 | 200 OK | 760 kB |
URL: HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/semantic.css
IP: 104.128.239.170:0
File type: ASCII text, with CRLF line terminators
Size: 760 kB (760459 bytes)
Hash: 1d0b6733e8dd3dae5de286fd2e691bbe 564b6bc732b24895976bbac63f334af6a9139d31 34e203ef3ad6b3f8c0338991374d60dac29331ee56d6fcb0053432653f190e9b
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/semantic.css HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 760459
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/semantic.js.download | 104.128.239.170 | 200 OK | 753 kB |
URL: HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/semantic.js.download
IP: 104.128.239.170:0
File type: ASCII text, with CRLF, CR line terminators
Size: 753 kB (752756 bytes)
Hash: 5982ef747702e7319e8d7a4c9c12d5fe 577bb29a923cf4bf5cbb33a513abe30875b4327f 58927381b5cb8b2c81dfb93dfa7809e4409b60e6e5d2caf2202c65f625f69540
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/semantic.js.download HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:38 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:08 GMT
Accept-Ranges: bytes
Content-Length: 752756
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/css.css | 104.128.239.170 | 404 Not Found | 315 B |
URL: HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/css.css
IP: 104.128.239.170:0
File type: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash: a34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/css.css HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/semantic.css
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 19:59:39 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| cdn.pendo.io/agent/static/e8548821-01c7-4e01-7734-8a0780992641/pendo.js | 54.230.111.15 | 200 OK | 146 kB |
URL: HTTP/1.1 cdn.pendo.io/agent/static/e8548821-01c7-4e01-7734-8a0780992641/pendo.js
IP: 54.230.111.15:0
File type: Java source, ASCII text, with very long lines (32028)
Size: 146 kB (145692 bytes)
Hash: 88d693dd2a66706cc22d21703fa41157 de6e126af3e9a454066a01ae9a09ec7ea7fe39c1 715c0b019d9ee1c01ae0544776f9bb09f4d0305fa41288d1d69b81028b9b1cf8
GET /agent/static/e8548821-01c7-4e01-7734-8a0780992641/pendo.js HTTP/1.1
Host: cdn.pendo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dheadquarters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 145692
Connection: keep-alive
X-GUploader-UploadID: ADPycdvFgPZ8XOEUYs3qpUnr7TE_6lIK0Pbtp4fJ0OhQz-S075rI0bbbTUUXC42xN03RWNC1AyFFHNVbFHBpxV9XBihSKg
Last-Modified: Thu, 06 Oct 2022 18:14:11 GMT
x-goog-generation: 1665080051353154
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 145692
Content-Encoding: gzip
x-goog-hash: crc32c=iH+sOw==, md5=iNaT3SpmcGzCLSFwP6QRVw==
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Server: UploadServer
Date: Thu, 06 Oct 2022 19:57:44 GMT
Cache-Control: max-age=450
Expires: Thu, 06 Oct 2022 20:05:14 GMT
ETag: "88d693dd2a66706cc22d21703fa41157"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jXzLw0P8bIkjgZvBofHkk3_qsl_kiQ5F5iQyjtfC_PMVSuFEEWaW2g==
Age: 115
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/mobile-apps.png | 104.128.239.170 | 200 OK | 7.8 kB |
URL: HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/mobile-apps.png
IP: 104.128.239.170:0
File type: PNG image data, 275 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash: f83fb08cfbe0cdc20d1f58024e1a0ecb 8aad0d841098f9a6a35a37c97d695753ddd6cff1 62f67e842b741bf04a1e0ebafb7b09615e9f280339c64da61f22cf3d0f0170c6
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/mobile-apps.png HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:39 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:10 GMT
Accept-Ranges: bytes
Content-Length: 7758
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/Office365-720x360px.png | 104.128.239.170 | 200 OK | 26 kB |
URL: HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/Office365-720x360px.png
IP: 104.128.239.170:0
File type: PNG image data, 720 x 360, 8-bit/color RGB, interlaced\012- data
Hash: 2ce3829d0dd9ac4b597f29b5aa557b08 0c15c51bcde6cf03d528d0da8becaac128187e2d 3426b2b1c4b2c759081ad647735eacb21677997e3245726314b3cc7e3381c1e4
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/Office365-720x360px.png HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:39 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:10 GMT
Accept-Ranges: bytes
Content-Length: 26464
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/thumb-homebuilders.jpg | 104.128.239.170 | 200 OK | 2.9 kB |
URL: HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/thumb-homebuilders.jpg
IP: 104.128.239.170:0
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 67x52, components 3\012- data
Hash: ef8e07dc3adf6fec3e4d89233a2d4ba3 20c40ab65e908b2cd0dd4c16607457c1dfb16525 dc7f88ac6a882dc4a2fc5839a7dd96fa08066f56356fc43d4d349e816e52d1f4
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/thumb-homebuilders.jpg HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:39 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:10 GMT
Accept-Ranges: bytes
Content-Length: 2879
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/logo-hi-res.png | 104.128.239.170 | 200 OK | 21 kB |
URL: HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/logo-hi-res.png
IP: 104.128.239.170:0
File type: PNG image data, 472 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash: 7f417bb9143048fe6c289ec840256a90 d85b03ffa00927d444bf557f4f69a371368449f2 eee6a511d13b5de3bedf76346faf5584e83aa9a05f2b58ec77fdd790a46ca878
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/logo-hi-res.png HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/styles.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:39 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:45:16 GMT
Accept-Ranges: bytes
Content-Length: 21107
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/sprite.png | 104.128.239.170 | 200 OK | 14 kB |
URL: HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/sprite.png
IP: 104.128.239.170:0
File type: PNG image data, 263 x 104, 8-bit/color RGBA, non-interlaced\012- data
Hash: 8312bbbb1b7c73f9ec4d9f17d2bb19b5 9c8beade91144852a413b2b81e25537024568c0d 75c23413a829e6171eff350f37d7246adcb0d1c6d2e4882685828495a6fa1361
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/sprite.png HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/styles.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:39 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:38:56 GMT
Accept-Ranges: bytes
Content-Length: 14183
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/bg-login-building2.jpg | 104.128.239.170 | 200 OK | 71 kB |
URL: HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/bg-login-building2.jpg
IP: 104.128.239.170:0
File type: JPEG image data, baseline, precision 8, 934x315, components 3\012- data
Hash: cf4d204430eab507475f49ff99575c00 33ca1446ae13ab8348484c3f6815a590dc6f0cbd 8870f9bc5147d580615bc1b81db41c9c40ed50c7d4e65874ef5e5e655a2e9f3e
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/bg-login-building2.jpg HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/styles.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:39 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:35:08 GMT
Accept-Ranges: bytes
Content-Length: 70989
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| www.google-analytics.com/analytics.js | 216.239.34.178 | 200 OK | 20 kB |
URL: HTTP/1.1 www.google-analytics.com/analytics.js
IP: 216.239.34.178:0
File type: ASCII text, with very long lines (1325)
Hash: 47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Thu, 06 Oct 2022 18:10:28 GMT
Expires: Thu, 06 Oct 2022 20:10:28 GMT
Cache-Control: public, max-age=7200
Age: 6551
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
|
|
| dheadquarters.org/Themes/Default/Images/arrow-black.gif | 104.128.239.170 | 404 Not Found | 315 B |
URL: HTTP/1.1 dheadquarters.org/Themes/Default/Images/arrow-black.gif
IP: 104.128.239.170:0
File type: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash: a34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /Themes/Default/Images/arrow-black.gif HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 19:59:39 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| dheadquarters.org/Themes/Default/Images/ico-print-over.gif | 104.128.239.170 | 404 Not Found | 315 B |
URL: HTTP/1.1 dheadquarters.org/Themes/Default/Images/ico-print-over.gif
IP: 104.128.239.170:0
File type: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash: a34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /Themes/Default/Images/ico-print-over.gif HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 19:59:39 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| dheadquarters.org/Themes/Default/Images/ico-email-over.gif | 104.128.239.170 | 404 Not Found | 315 B |
URL: HTTP/1.1 dheadquarters.org/Themes/Default/Images/ico-email-over.gif
IP: 104.128.239.170:0
File type: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash: a34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /Themes/Default/Images/ico-email-over.gif HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 404 Not Found
Date: Thu, 06 Oct 2022 19:59:39 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
|
|
| www.google-analytics.com/collect?v=1&_v=j98&a=484174236&t=pageview&_s=2&dl=http%3A%2F%2Fdheadquarters.org%2FFirstAm%2Famfrist_2022%2F&ul=en-us&de=windows-1252&dt=Login%20-%20myFirstAm&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=428912547.1665086380&tid=UA-10678812-7&_gid=1217389762.1665086380&cd1=Null&cd2=Null&cd3=Null&cd4=Null&cd5=Null&z=789678629 | 216.239.34.178 | 200 OK | 35 B |
URL: HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j98&a=484174236&t=pageview&_s=2&dl=http%3A%2F%2Fdheadquarters.org%2FFirstAm%2Famfrist_2022%2F&ul=en-us&de=windows-1252&dt=Login%20-%20myFirstAm&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=428912547.1665086380&tid=UA-10678812-7&_gid=1217389762.1665086380&cd1=Null&cd2=Null&cd3=Null&cd4=Null&cd5=Null&z=789678629
IP: 216.239.34.178:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: 28d6814f309ea289f847c69cf91194c6 0f4e929dd5bb2564f7ab9c76338e04e292a42ace 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j98&a=484174236&t=pageview&_s=2&dl=http%3A%2F%2Fdheadquarters.org%2FFirstAm%2Famfrist_2022%2F&ul=en-us&de=windows-1252&dt=Login%20-%20myFirstAm&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=&gjid=&cid=428912547.1665086380&tid=UA-10678812-7&_gid=1217389762.1665086380&cd1=Null&cd2=Null&cd3=Null&cd4=Null&cd5=Null&z=789678629 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Wed, 05 Oct 2022 21:00:26 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 82753
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
|
|
| cdn.inspectlet.com/inspectlet.js | 172.67.10.172 | 200 OK | 64 kB |
URL: HTTP/1.1 cdn.inspectlet.com/inspectlet.js
IP: 172.67.10.172:0
File type: ASCII text, with very long lines (65471)
Hash: 569b3965262c68b127413dd5861d1275 89e68f712df749fb2523d0941d2396aadad3d35a 0a22d9d9955ac06dfe50dafca2cb7ff4ac1e60fede2d4b7722ae969b914fa21d
GET /inspectlet.js HTTP/1.1
Host: cdn.inspectlet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:39 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: s-maxage=60, max-age=14400
Via: 1.1 vegur
CF-Cache-Status: HIT
Age: 60
Last-Modified: Thu, 06 Oct 2022 19:58:39 GMT
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7560fa924cefb515-OSL
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash: 5eee2baed68ec922370bd283860860fd 7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4 7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google-analytics.com/j/collect?v=1&_v=j98&a=484174236&t=pageview&_s=1&dl=http%3A%2F%2Fdheadquarters.org%2FFirstAm%2Famfrist_2022%2F&ul=en-us&de=windows-1252&dt=Login%20-%20myFirstAm&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=17013346&gjid=426146453&cid=428912547.1665086380&tid=UA-10678812-7&_gid=1217389762.1665086380&_r=1&_slc=1&z=693349122 | 216.239.34.178 | 200 OK | 4 B |
URL: HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=484174236&t=pageview&_s=1&dl=http%3A%2F%2Fdheadquarters.org%2FFirstAm%2Famfrist_2022%2F&ul=en-us&de=windows-1252&dt=Login%20-%20myFirstAm&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=17013346&gjid=426146453&cid=428912547.1665086380&tid=UA-10678812-7&_gid=1217389762.1665086380&_r=1&_slc=1&z=693349122
IP: 216.239.34.178:0
File type: ASCII text, with no line terminators
Hash: 9e92e190700c1af4539b40c2171320a9 209bcdb79e6067b51091ce8586d4b977f25b67d8 aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j98&a=484174236&t=pageview&_s=1&dl=http%3A%2F%2Fdheadquarters.org%2FFirstAm%2Famfrist_2022%2F&ul=en-us&de=windows-1252&dt=Login%20-%20myFirstAm&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=17013346&gjid=426146453&cid=428912547.1665086380&tid=UA-10678812-7&_gid=1217389762.1665086380&_r=1&_slc=1&z=693349122 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://dheadquarters.org
Connection: keep-alive
Referer: http://dheadquarters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://dheadquarters.org
date: Thu, 06 Oct 2022 19:59:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1d4/JzVxcj15eY0 | 142.250.74.3 | 200 OK | 472 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1d4/JzVxcj15eY0
IP: 142.250.74.3:0
Hash: a222cd943b3e512d2229ba04afab3ad5 aeb68b9862548f3820c8fd2a264e7c0f262c998a e33a357f9c54446bbcc3dfd32da92bfe7b96be1aa5482b927b882b59be80af44
POST /s/gts1d4/JzVxcj15eY0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:59:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash: f763a685d14b05b6ced9792151da30b8 b25be5359245be857ffa1bddcb197cb771a36a45 505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:59:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| data.pendo.io/data/guide.gif/e8548821-01c7-4e01-7734-8a0780992641?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1665086379883&v=2.155.1_prod | 34.107.204.85 | 200 OK | 42 B |
URL: HTTP/2 data.pendo.io/data/guide.gif/e8548821-01c7-4e01-7734-8a0780992641?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1665086379883&v=2.155.1_prod
IP: 34.107.204.85:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /data/guide.gif/e8548821-01c7-4e01-7734-8a0780992641?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1665086379883&v=2.155.1_prod HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dheadquarters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 19:59:40 GMT
content-type: image/gif
content-length: 42
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/thumb-real-estate-agents.jpg | 104.128.239.170 | 200 OK | 472 B |
URL: HTTP/1.1 dheadquarters.org/FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/thumb-real-estate-agents.jpg
IP: 104.128.239.170:0
Hash: a222cd943b3e512d2229ba04afab3ad5 aeb68b9862548f3820c8fd2a264e7c0f262c998a e33a357f9c54446bbcc3dfd32da92bfe7b96be1aa5482b927b882b59be80af44
GET /FirstAm/amfrist_2022/Login%20-%20myFirstAm_files/thumb-real-estate-agents.jpg HTTP/1.1
Host: dheadquarters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dheadquarters.org/FirstAm/amfrist_2022/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:39 GMT
Server: Apache
Last-Modified: Thu, 26 May 2022 16:05:10 GMT
Accept-Ranges: bytes
Content-Length: 3416
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| data.pendo.io/data/ptm.gif/e8548821-01c7-4e01-7734-8a0780992641?v=2.155.1_prod&ct=1665086379873&jzb=eJy9kU9v4jAQxb-LzxH5R9LADSgVe2jYZSmHVpVlsBOMnDjYDohFfHfGEAGrldBe4GbP-M37-c3XHpldxVAXccpKw7MdctBcya1mChteQMeP48hL4vClk7TbDtpwzY1UmFMQpbUQICCLhaxLc6qVUHJQrQS0l8ZUXdelS0bouibKMKVbUuXuG1fa9AqXFJni2uDACwIXBlVKVhp190gKiv9ywj-H6esYT3FWbgfreBxNBikI7Lt_3f-H8QBuRMGfp2T-46I05wta_dEspbNR0VfvYrO0AzJFCnZq_prOep_D_mg2aE9oOl7ZyHaGAXgYxAfnEmnBDLkbZ_KsOBsXe7w1UlJYzuaWEW0mLOeyvNbm9fUsSJnXJLcKVuKP3wgibFBh8CXP3m2JEmPfe7Hre67FgjkbwD6bBC0_ilo-Bk5qpz1gIUlysxAhCb23kCh81kIsSeMfJgEwPuDvQdg5fB8BpQdFYA | 34.107.204.85 | 200 OK | 42 B |
URL: HTTP/2 data.pendo.io/data/ptm.gif/e8548821-01c7-4e01-7734-8a0780992641?v=2.155.1_prod&ct=1665086379873&jzb=eJy9kU9v4jAQxb-LzxH5R9LADSgVe2jYZSmHVpVlsBOMnDjYDohFfHfGEAGrldBe4GbP-M37-c3XHpldxVAXccpKw7MdctBcya1mChteQMeP48hL4vClk7TbDtpwzY1UmFMQpbUQICCLhaxLc6qVUHJQrQS0l8ZUXdelS0bouibKMKVbUuXuG1fa9AqXFJni2uDACwIXBlVKVhp190gKiv9ywj-H6esYT3FWbgfreBxNBikI7Lt_3f-H8QBuRMGfp2T-46I05wta_dEspbNR0VfvYrO0AzJFCnZq_prOep_D_mg2aE9oOl7ZyHaGAXgYxAfnEmnBDLkbZ_KsOBsXe7w1UlJYzuaWEW0mLOeyvNbm9fUsSJnXJLcKVuKP3wgibFBh8CXP3m2JEmPfe7Hre67FgjkbwD6bBC0_ilo-Bk5qpz1gIUlysxAhCb23kCh81kIsSeMfJgEwPuDvQdg5fB8BpQdFYA
IP: 34.107.204.85:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /data/ptm.gif/e8548821-01c7-4e01-7734-8a0780992641?v=2.155.1_prod&ct=1665086379873&jzb=eJy9kU9v4jAQxb-LzxH5R9LADSgVe2jYZSmHVpVlsBOMnDjYDohFfHfGEAGrldBe4GbP-M37-c3XHpldxVAXccpKw7MdctBcya1mChteQMeP48hL4vClk7TbDtpwzY1UmFMQpbUQICCLhaxLc6qVUHJQrQS0l8ZUXdelS0bouibKMKVbUuXuG1fa9AqXFJni2uDACwIXBlVKVhp190gKiv9ywj-H6esYT3FWbgfreBxNBikI7Lt_3f-H8QBuRMGfp2T-46I05wta_dEspbNR0VfvYrO0AzJFCnZq_prOep_D_mg2aE9oOl7ZyHaGAXgYxAfnEmnBDLkbZ_KsOBsXe7w1UlJYzuaWEW0mLOeyvNbm9fUsSJnXJLcKVuKP3wgibFBh8CXP3m2JEmPfe7Hre67FgjkbwD6bBC0_ilo-Bk5qpz1gIUlysxAhCb23kCh81kIsSeMfJgEwPuDvQdg5fB8BpQdFYA HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dheadquarters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 19:59:40 GMT
content-type: image/gif
content-length: 42
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| data.pendo.io/data/guide.js/e8548821-01c7-4e01-7734-8a0780992641?jzb=eJxNjjFvhDAMRv-LZ0QgEh3YbqnUpUNPnZFLcrlIIaGOw1Lx33FU6WCzn5Pve3-w-ew50YeBET5LCNAAznMqkSuKQhooFOT6ZF5HpczTovktSGwpt4mceveU-bYoXB7kM0-601pJzmIZDTLC-Kqpo79UUQr23B6Y-cs6n-LJfso5B4yuoKs_bJy-77C_ZCVYlhXJRr5dkQjU992b6jtVzSRnE_P_Et32w9D200rJwL4fPkVYIg&v=2.155.1_prod&ct=1665086379881 | 34.107.204.85 | 200 OK | 2.5 kB |
URL: HTTP/2 data.pendo.io/data/guide.js/e8548821-01c7-4e01-7734-8a0780992641?jzb=eJxNjjFvhDAMRv-LZ0QgEh3YbqnUpUNPnZFLcrlIIaGOw1Lx33FU6WCzn5Pve3-w-ew50YeBET5LCNAAznMqkSuKQhooFOT6ZF5HpczTovktSGwpt4mceveU-bYoXB7kM0-601pJzmIZDTLC-Kqpo79UUQr23B6Y-cs6n-LJfso5B4yuoKs_bJy-77C_ZCVYlhXJRr5dkQjU992b6jtVzSRnE_P_Et32w9D200rJwL4fPkVYIg&v=2.155.1_prod&ct=1665086379881
IP: 34.107.204.85:0
Hash: ab0a841189a1b2f4b4562d910e4f334a 9eafce74985b34a7d3ef72e7f96557ece5c5ba6d 478cdd38ee10b78733a015e3d6e1e130763a56a4d8413fe434217c13f8d46ace
GET /data/guide.js/e8548821-01c7-4e01-7734-8a0780992641?jzb=eJxNjjFvhDAMRv-LZ0QgEh3YbqnUpUNPnZFLcrlIIaGOw1Lx33FU6WCzn5Pve3-w-ew50YeBET5LCNAAznMqkSuKQhooFOT6ZF5HpczTovktSGwpt4mceveU-bYoXB7kM0-601pJzmIZDTLC-Kqpo79UUQr23B6Y-cs6n-LJfso5B4yuoKs_bJy-77C_ZCVYlhXJRr5dkQjU992b6jtVzSRnE_P_Et32w9D200rJwL4fPkVYIg&v=2.155.1_prod&ct=1665086379881 HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dheadquarters.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 19:59:40 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-10678812-7&cid=428912547.1665086380&jid=17013346&gjid=426146453&_gid=1217389762.1665086380&_u=IEBAAEAAAAAAACAAI~&z=1783446972 | 173.194.73.156 | 200 OK | 4 B |
URL: HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-10678812-7&cid=428912547.1665086380&jid=17013346&gjid=426146453&_gid=1217389762.1665086380&_u=IEBAAEAAAAAAACAAI~&z=1783446972
IP: 173.194.73.156:0
File type: ASCII text, with no line terminators
Hash: 48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-10678812-7&cid=428912547.1665086380&jid=17013346&gjid=426146453&_gid=1217389762.1665086380&_u=IEBAAEAAAAAAACAAI~&z=1783446972 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://dheadquarters.org
Connection: keep-alive
Referer: http://dheadquarters.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://dheadquarters.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Oct 2022 19:59:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 05cdf02bcbbeed0122679c1118a350ce b5311d6866b69206bec8f67a19cfeeefed233ef1 4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:59:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 40a4de06678d96242b71d5318f2fd4ef 546a7d1d92df81916f14155943427b5453ae3924 aed9af25ae57c181702a137d48cb00f5b30297180161451de3b628359dc9ec6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:59:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP: 142.250.74.3:0
Hash: 1d4c3917173bd92c4b3208cdf2c7c345 726a9aa16eef5844afde825f9faf1b505d31e69b 572eebfaf735eb8aa1b3563d0317d52f5d22e9e83e5f5b6723f65da83fb15f22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:59:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10678812-7&cid=428912547.1665086380&jid=17013346&_u=IEBAAEAAAAAAACAAI~&z=360696426 | 142.250.74.3 | 200 OK | 42 B |
URL: HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10678812-7&cid=428912547.1665086380&jid=17013346&_u=IEBAAEAAAAAAACAAI~&z=360696426
IP: 142.250.74.3:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10678812-7&cid=428912547.1665086380&jid=17013346&_u=IEBAAEAAAAAAACAAI~&z=360696426 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dheadquarters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 19:59:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10678812-7&cid=428912547.1665086380&jid=17013346&_u=IEBAAEAAAAAAACAAI~&z=360696426 | 142.250.74.164 | 200 OK | 42 B |
URL: HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10678812-7&cid=428912547.1665086380&jid=17013346&_u=IEBAAEAAAAAAACAAI~&z=360696426
IP: 142.250.74.164:0
File type: GIF image data, version 89a, 1 x 1\012- data
Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-10678812-7&cid=428912547.1665086380&jid=17013346&_u=IEBAAEAAAAAAACAAI~&z=360696426 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dheadquarters.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 19:59:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash: f9371f81e2eeeead7fe351a49f3b1c40 ae23d6c6c57dd7cf568c3a74594c377b7bb7df43 03c4ba0faa3199d061d1bb37df5d48ba6d81f77a83e243922075efc4d4acf456
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 19:59:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| hn.inspectlet.com/ginit/undefined | 172.67.10.172 | 200 OK | 25 B |
URL: HTTP/1.1 hn.inspectlet.com/ginit/undefined
IP: 172.67.10.172:0
File type: JSON data\012- , ASCII text, with no line terminators
Hash: b641ead913aa71c4578f22a9edc2cd31 cdb9775e9050159fe152e8db125728f00716c64d 66735e6c28d7239fd36d897a7de435a6eb6995fceeb58a9f372287e92fa8f8a2
POST /ginit/undefined HTTP/1.1
Host: hn.inspectlet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 784
Origin: http://dheadquarters.org
Connection: keep-alive
Referer: http://dheadquarters.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 19:59:40 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 25
Connection: keep-alive
X-Powered-By: Express
Cache-Control: no-cache
Access-Control-Allow-Origin: http://dheadquarters.org
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Credentials: true
Etag: W/"19-tkHq2ROqccRXjyKp7cLNMQ"
Via: 1.1 vegur
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7560fa947a36b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
|