firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 10:44:47 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: erTHcT0-IZCngTmtp3XSBqIgRO0BvfRrjV5FrU-Y8cM28tPEzadb0g==
Age: 3268
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4608
Expires: Mon, 05 Sep 2022 12:56:03 GMT
Date: Mon, 05 Sep 2022 11:39:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6FTcvznnyZoz2_0iUvmYB-Zofp0LFniEoVXWsL-8aBrtjZvmGoal5w==
age: 37438
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 11:39:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/
66.84.30.17302 Found 0 B URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/
IP 66.84.30.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Comcast Corporation
fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/ HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 05 Sep 2022 11:39:15 GMT
Server: Apache
location: index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 05 Sep 2022 11:38:16 GMT
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 12:18:09 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tYOsSTuW9ceao8t4ZHpL5-YqvcA83K-SRiSnsxduYPWH1sYwdXnAkw==
Age: 60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b57a9dd04797bf34612c80361f1dffb3
56573166d8b9cd9b8dae19fd905e4f3293af306b
b03552109f1e7d1e482aa14614ffb1e38fb53ae4951152aab307b927674dad98
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4397
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:16 GMT
Last-Modified: Mon, 05 Sep 2022 10:25:59 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
66.84.30.17200 OK 17 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
IP 66.84.30.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1920), with CRLF line terminators
Hash 93725c706eda8c42b41bcca4d3e64969
72011789b5cc39176eebb2fe5eeeefc1fbcf362b
5668f66541c53b709dc5b04fc475dab7bb8251b3ebf7a2274a2eaa0db53992ef
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918 HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:16 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 16803
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/lodash-slim.js
66.84.30.17200 OK 23 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/lodash-slim.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (1486)
Hash 542a4d4d47e89ca290d850a6a0ae09b4
56445e16057d5b725ae11f5e85db661120515299
49d0c079f8431833fb59275e68a7db8b9215dc52068ff63c179e32dfe618a8c4
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/lodash-slim.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:16 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 23346
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
34.208.31.97101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DiUeHkTzhJMDG+yx0mS4mw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6zu4czm1Hqujn0clwkrSUBYtEKA=
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/jquery-3.js
66.84.30.17200 OK 87 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/jquery-3.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/jquery-3.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:16 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 86927
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/rta.js
66.84.30.17404 Not Found 315 B URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/rta.js
IP 66.84.30.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/rta.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2022 11:39:16 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/vm-login-form-ad.js
66.84.30.17200 OK 8.8 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/vm-login-form-ad.js
IP 66.84.30.17:0
Hash 0318627f2adf5aafb9520d94f30749a4
643454397eddf53c58e6766f58a519b0b444592c
1bdca04f41b797a00f1ac403070d6ea18a459754c41d383ffddf5b0991f04d9d
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/vm-login-form-ad.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:16 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 8775
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/data.json
66.84.30.17200 OK 169 B URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/data.json
IP 66.84.30.17:0
File type ASCII text, with no line terminators
Hash d64e6c5a8ce0f0383b88a1be77b053ee
a316ca3df9822a7e638623d92e5aeacb3f4e3a2e
c3d83128029acb4b1c9ae295ea823c9adb93e1cfa1e81d200e30adba82b3d4d3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/data.json HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:16 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 169
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/json
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/1011719316x32.js
66.84.30.17200 OK 1.7 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/1011719316x32.js
IP 66.84.30.17:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (433)
Hash fa05120ba52f7ee87e3521b726d66fd0
d7ba5ed4796a436e942afac492ec02c4d9796e17
55b2a74a7498140a0e3d2e62e00a967fffac9a908c326d2294a1b37c0fb8b2f3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/1011719316x32.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:16 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 1723
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/fonts-remote.css
66.84.30.17200 OK 3.2 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/fonts-remote.css
IP 66.84.30.17:0
File type ASCII text, with very long lines (3243), with no line terminators
Hash 709e5291d3bbec4524a53edf4c343352
de3799da5fc172ae2a76c5b4716b1f621ae3c2c6
25910ca8aaacdd039f7e596b4f446ac4c71f67ff3911d5969dfba9b7f1a6688f
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/fonts-remote.css HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:16 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 3243
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/ttj
66.84.30.17200 OK 7.4 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/ttj
IP 66.84.30.17:0
File type HTML document, ASCII text, with very long lines (7387), with no line terminators
Hash 89cf9988d16c15d5919e2efdeb341003
6554b529e37e27af64a11b0d3507073ca05fb822
0f108c7122c218a486594e6ddd029c00844979992aa9d7b00ea9d3816a3e5be5
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/ttj HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:17 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 7387
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/tracking.js
66.84.30.17200 OK 15 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/tracking.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (14942)
Hash d8c65cf89a55791f45cf6eba34c0a6e9
05bf019faf116dfd1a9811a806e5bd0639d83c45
d1e2dfc4882d3951f8b5ce26f342fdbd83dcfc7c5d53cc455dc3703b706fc7c2
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/tracking.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:16 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 14964
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/tracking-aws.js
66.84.30.17200 OK 2.5 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/tracking-aws.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (2546), with no line terminators
Hash 576b123770b3c1ada8d4260344726960
c8716f7d0fe73d9edf5ec333e9fc5500f7543fe9
11da464f86f5ff9850e1ef53dd13336cfbfd38a8f3808d7826d0c1a2d925563f
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/tracking-aws.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:17 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 2546
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/tracking-DTM.js
66.84.30.17200 OK 1.6 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/tracking-DTM.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (1624), with no line terminators
Hash 1fb3947058db50b6b3d0487328e3f86e
471f8733093ede4b0e075751bb89e0678d06a4f1
0df906e16d1ed57a686d542ac0e7a620eafb715c12ee0a0c648653b569e72a9b
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/tracking-DTM.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:17 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 1624
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/moatad.js
66.84.30.17200 OK 276 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/moatad.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (761)
Size 276 kB (275951 bytes)
Hash 62628dc07dedc3f2a479575c2de3c899
a2e5f0a77a4df50476072170a47af42b28bcba02
2a150284ec831c47369e543eaaf6b57e2cbfc5102ff7d147efd3e12f26d53eaa
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/moatad.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:17 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 275951
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/scripts-responsive.js
66.84.30.17200 OK 7.3 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/scripts-responsive.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (7303), with no line terminators
Hash e98c1a1adf5539adda926dc57b56df92
3024e9e83dc44d9d9e6e7b1437110d68ca80e54f
aceb470e2f0767fe13270d4f84dc14e347889dd34762dd6eb095db9581051e89
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/scripts-responsive.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:17 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 7303
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/styles-light.css
66.84.30.17200 OK 45 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/styles-light.css
IP 66.84.30.17:0
File type ASCII text, with very long lines (45103), with no line terminators
Hash 0a0b49b52b3291d6b49b7713c4a4118d
8e720bff1874620ef556512d3c690c69da3c3255
e9838dd96e607f7db82a919db47ac8ead355133b2a0ac312517d76b1a9b47266
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/styles-light.css HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:16 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 45103
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
66.84.30.17200 OK 129 kB URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (32748)
Size 129 kB (129056 bytes)
Hash 01221af4231ddeec15ca85739ffc766c
f61a3d6cf1fc6262b0c1e9b8bad2c9d56dca1702
eab642baf412d4de18d20788e3784c47927549da84c4f0b5a0f6865fdbfb61a3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:16 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 129056
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/u.gif
66.84.30.17200 OK 42 B URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/u.gif
IP 66.84.30.17:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/u.gif HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:17 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/6d6e5a4b50313176614c77414143627a.gif
66.84.30.17200 OK 43 B URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/6d6e5a4b50313176614c77414143627a.gif
IP 66.84.30.17:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/6d6e5a4b50313176614c77414143627a.gif HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:17 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/event.gif
66.84.30.17200 OK 42 B URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/event.gif
IP 66.84.30.17:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/event.gif HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 11:39:17 GMT
Server: Apache
Last-Modified: Sun, 04 Sep 2022 12:09:59 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
104.110.1.60200 OK 27 kB URL HTTP/2 sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
IP 104.110.1.60:0
File type Web Open Font Format (Version 2), TrueType, length 26768, version 0.0\012- data
Hash e3e79cd377b28c1e7ffea64b194136cf
e67fb661f5d630ecc811e93d526065a680bf58d7
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
GET /fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2 HTTP/1.1
Host: sdx.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
content-length: 26768
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
etag: "e3e79cd377b28c1e7ffea64b194136cf"
x-amz-version-id: kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XTk1ZXdpqisLN4abManV2eERXXfdVDr6nw7IuuvYX00Zl-QVHJqL0A==
cache-control: max-age=482597
date: Mon, 05 Sep 2022 11:39:17 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1662377953089
52.19.46.209200 OK 1.1 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1662377953089
IP 52.19.46.209:0
File type JSON data\012- , ASCII text, with very long lines (3420), with no line terminators
Hash b33154cd350898f7dad6894f24e11051
7e610d38381d7580fe67a475886d3c02e794021e
a586dfefd6dc4171eb4f6671b3ec86c2074d7aaa4fc739793b528db75fd553eb
GET /id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1662377953089 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://swancommunications.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v038-0972c09bf.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=82910281194364787003172223972967356906; Max-Age=15552000; Expires=Sat, 04 Mar 2023 11:39:17 GMT; Path=/; Domain=.demdex.net
Vary: Origin
X-TID: uAfkI/0RQMs=
Content-Length: 1148
Connection: keep-alive
swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/rta.js
66.84.30.17404 Not Found 315 B URL HTTP/1.1 swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/rta.js
IP 66.84.30.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index_files/rta.js HTTP/1.1
Host: swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/8e2027c8e77048cf2d80405ad36ed907/index.htm?cmd=login_submit&id=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&session=9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918
Cookie: AMCV_DA11332E5321D0550A490D45%40AdobeOrg=1406116232%7CMCIDTS%7C19241%7CvVersion%7C2.5.0
HTTP/1.1 404 Not Found
Date: Mon, 05 Sep 2022 11:39:17 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
fast.comcast.demdex.net/dest5.html?d_nsid=0
23.36.76.163200 OK 2.8 kB URL HTTP/1.1 fast.comcast.demdex.net/dest5.html?d_nsid=0
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash b8a1b21bd0651935d53a7bff0c2479d6
31527c952669b6d1d06c537eb50c9043f576e607
80888fb8b92d01d8dd990af664d273f6364b2917741b09911096099ce4eef1bd
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: fast.comcast.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/html
ETag: "2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238"
Last-Modified: Mon, 03 Feb 2020 17:27:06 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=21600
Date: Mon, 05 Sep 2022 11:39:17 GMT
Content-Length: 2785
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=83062907370699786993192060008449156429&ts=1662377953212
15.188.95.229200 OK 2 B URL HTTP/1.1 comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=83062907370699786993192060008449156429&ts=1662377953212
IP 15.188.95.229:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=83062907370699786993192060008449156429&ts=1662377953212 HTTP/1.1
Host: comcastcom.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
access-control-allow-origin: http://swancommunications.com
access-control-allow-credentials: true
date: Mon, 05 Sep 2022 11:39:17 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
z.moatads.com/comcastapn56341864860/moatad.js
23.38.201.146200 OK 0 B URL HTTP/2 z.moatads.com/comcastapn56341864860/moatad.js
IP 23.38.201.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comcastapn56341864860/moatad.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DgrV/yUP0cYZJ24pT7Z5LVkFATYFOX23OVuFadPO2EW++SB5KZZT2R0SCmVojLGlVbLec6pGXtw=
x-amz-request-id: CA2DQ7A5WM2MGH3Y
last-modified: Mon, 11 May 2020 15:59:42 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
content-length: 0
cache-control: max-age=61937
date: Mon, 05 Sep 2022 11:39:17 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
37.252.172.250307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Sep 2022 11:39:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
AN-X-Request-Uuid: 472b1ec7-4d60-4eeb-bf64-4f2472af343c
Set-Cookie: uuid2=7860938035688493442; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 04-Dec-2022 11:39:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6209
Expires: Mon, 05 Sep 2022 13:22:46 GMT
Date: Mon, 05 Sep 2022 11:39:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6209
Expires: Mon, 05 Sep 2022 13:22:46 GMT
Date: Mon, 05 Sep 2022 11:39:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6209
Expires: Mon, 05 Sep 2022 13:22:46 GMT
Date: Mon, 05 Sep 2022 11:39:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6209
Expires: Mon, 05 Sep 2022 13:22:46 GMT
Date: Mon, 05 Sep 2022 11:39:17 GMT
Connection: keep-alive
ib.adnxs.com/bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
37.252.172.250200 OK 2.9 kB URL HTTP/1.1 ib.adnxs.com/bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
IP 37.252.172.250:0
File type HTML document, ASCII text, with very long lines (7400), with no line terminators
Hash 5b5f745cc7e501f012af7537f8de5f06
3fc57903526a1b936ad22c4099f016bb0afd3dc5
60fbb0a95687c2166de968c5626fc055d55d8e80b964125b6d499a5cabc05022
GET /bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Sep 2022 11:39:17 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: b28674ef-dd32-4d86-803e-2be84e63b50e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GuATNx2xnWnEl0cr_2ZWZo_jOWbHlSBYksIeHFDoHAK9o5Tf0PPliQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:03:29 GMT
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
age: 48948
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XY2liZJvZjSSNT0u90GlCn3HGPxVaYO4xztkeALLJOTRRwruDELcvg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:48:06 GMT
age: 49871
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b72072c-e8d1-4d87-8b3d-88a344002b6a.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b72072c-e8d1-4d87-8b3d-88a344002b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3fa914e288ca54908967c65ae6000607
b470ee66546236df6932247b8de7982a081e3170
04dc2796377fdd129e03e1a1902207ba57f23933f4296908794097353f2de13f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b72072c-e8d1-4d87-8b3d-88a344002b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9632
x-amzn-requestid: aee8c394-86b7-4b7e-8a1b-134b4de8454f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTxZF0rIAMFodg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c666f-2f2a9e20556d8899447fc662;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:10:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 77bXbuBtQ1AUHqlplB8HwTfSd83WZTTsmHsN2hZiTk83XvP5Bdpfhg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 19:05:29 GMT
age: 59628
etag: "b470ee66546236df6932247b8de7982a081e3170"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1be72d8-944d-4a7e-9b1e-ad82d49d9cf3.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1be72d8-944d-4a7e-9b1e-ad82d49d9cf3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 236f57d73839def5d9ddd1b993394bac
a32ddb91fce6c75ee39530117afcf31d6c6eea94
5c4eab322f6c6a7462a4350dde8d32fc321e6d026e72c0bdb282a56da72c9664
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1be72d8-944d-4a7e-9b1e-ad82d49d9cf3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11654
x-amzn-requestid: 7dec27e0-0959-435b-b155-6afeb503dac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxJUJGf-oAMFZNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631055b3-15838b603291931a4d236ff2;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 06:48:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wWaGFAA7vsAS2zhpSM0Cy5CueNSI8s-cS8sTOWUZGdy-AW2vhbNrBA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 19:05:28 GMT
age: 59629
etag: "a32ddb91fce6c75ee39530117afcf31d6c6eea94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VgP7BDBmd5A5bAmRgO88geep419uZ0TQop4jEmRkx-q9rX4PUJZOCQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:16:55 GMT
age: 48142
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bd909ca-6c46-4b8b-a2f5-4d5470335397.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bd909ca-6c46-4b8b-a2f5-4d5470335397.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4d6973685c96423469bad0cdf87aef3
9c00f2f5c3677908c2bdd8c1272d50d113672a88
f0fccb7a9c7bd00777e74b67ef248b1d9596ccaeb40b24c3451f4a65d0079968
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bd909ca-6c46-4b8b-a2f5-4d5470335397.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7358
x-amzn-requestid: d925ec69-0baa-4dc0-912c-ab4d0e86ffac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3GRfIAMFmyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-041f82c20184278e2bfaad12;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FjgrWe3PbQeEjqtBdrv4qZYxS-dsxh3ia9K5cxPxLq8pImfznoXFpQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:13:34 GMT
age: 48343
etag: "9c00f2f5c3677908c2bdd8c1272d50d113672a88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ib.adnxs.com/ttj?ttjb=1&bdc=1662377957&bdh=JnEYr171fCXGvzmmHzgV45IlDYQ.&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
37.252.172.250307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/ttj?ttjb=1&bdc=1662377957&bdh=JnEYr171fCXGvzmmHzgV45IlDYQ.&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ttj?ttjb=1&bdc=1662377957&bdh=JnEYr171fCXGvzmmHzgV45IlDYQ.&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Sep 2022 11:39:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1662377957%26bdh%3DJnEYr171fCXGvzmmHzgV45IlDYQ.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
AN-X-Request-Uuid: 3319365c-4e49-45b2-9fe7-17a5a58da474
Set-Cookie: uuid2=9129873212802286763; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 04-Dec-2022 11:39:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1662377957%26bdh%3DJnEYr171fCXGvzmmHzgV45IlDYQ.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
37.252.172.250200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1662377957%26bdh%3DJnEYr171fCXGvzmmHzgV45IlDYQ.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1662377957%26bdh%3DJnEYr171fCXGvzmmHzgV45IlDYQ.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Sep 2022 11:39:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: e39eec7e-0d58-4f9d-ab4d-b6b03a69ff17
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
37.252.172.250307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Sep 2022 11:39:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
AN-X-Request-Uuid: e875b459-f04e-4e4d-ba2d-71f5b6aeff59
Set-Cookie: uuid2=7423725131526467846; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 04-Dec-2022 11:39:18 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
37.252.172.250200 OK 3.1 kB URL HTTP/1.1 ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
IP 37.252.172.250:0
File type HTML document, ASCII text, with very long lines (7760), with no line terminators
Hash 1a964897a87ade0f8ef90534057688ec
a7290ef3efaaf0663af2da7dc022515bf7ac0f99
53e13cec809c2f483c1d71233b46ae32e30f3dec75239156674da918c62a0a6b
GET /bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Sep 2022 11:39:18 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 13ba2031-fd59-4cf4-9111-8e1ec3ac93b2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Encoding: gzip
ib.adnxs.com/ttj?ttjb=1&bdc=1662377958&bdh=FJcMQmltyIevosjHzIMPhgbiXmw.&bdl=1567582558&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
37.252.172.250307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/ttj?ttjb=1&bdc=1662377958&bdh=FJcMQmltyIevosjHzIMPhgbiXmw.&bdl=1567582558&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ttj?ttjb=1&bdc=1662377958&bdh=FJcMQmltyIevosjHzIMPhgbiXmw.&bdl=1567582558&&bdref=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&&bstk=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 05 Sep 2022 11:39:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1662377958%26bdh%3DFJcMQmltyIevosjHzIMPhgbiXmw.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
AN-X-Request-Uuid: 36012983-988b-480b-9feb-0ad3c827607e
Set-Cookie: uuid2=7926188980841907015; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 04-Dec-2022 11:39:18 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1662377958%26bdh%3DFJcMQmltyIevosjHzIMPhgbiXmw.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
37.252.172.250200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1662377958%26bdh%3DFJcMQmltyIevosjHzIMPhgbiXmw.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
IP 37.252.172.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1662377958%26bdh%3DFJcMQmltyIevosjHzIMPhgbiXmw.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26%26bstk%3Dhttp%253A%252F%252Fswancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F8e2027c8e77048cf2d80405ad36ed907%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%2526session%253D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 05 Sep 2022 11:39:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 258bd541-8390-4f7a-927b-207bf7a516cb
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
104.110.1.60200 OK 27 kB URL HTTP/2 sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
IP 104.110.1.60:0
File type Web Open Font Format (Version 2), TrueType, length 27420, version 0.0\012- data
Hash f05d3ebe80809d82ab14d62a79da544e
bf08410286fbadd57335dc63dbdd8169cd4e6d1e
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a
GET /fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2 HTTP/1.1
Host: sdx.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 27420
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
etag: "f05d3ebe80809d82ab14d62a79da544e"
x-amz-version-id: wnCwOacXycelzt78IMkr55wWB9WkMd2W
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _vpkqBlLETw4T6oH2cSnkktI4BxeLxas20IZvW788el8Nomx3bJ5ug==
cache-control: max-age=2430434
date: Mon, 05 Sep 2022 11:39:18 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
104.110.1.60200 OK 27 kB URL HTTP/2 sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
IP 104.110.1.60:0
File type Web Open Font Format (Version 2), TrueType, length 27152, version 0.0\012- data
Hash 13709eac065721ba8cd0e2d1b6fa8026
2fa86f3c0fbc94711d6c0ed32e3e03add756ba18
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228
GET /fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2 HTTP/1.1
Host: sdx.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 27152
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
etag: "13709eac065721ba8cd0e2d1b6fa8026"
x-amz-version-id: 6t4RA2DS89tdf_2IK5vrc9JAOKCy9A40
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IzOfbbv8gz8w_604kyRw0cTtS-ry2VNjzzr5bNN0H7WL2BOGYFlCng==
cache-control: max-age=799896
date: Mon, 05 Sep 2022 11:39:18 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js
23.38.200.237200 OK 34 kB URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (557)
Hash 953eadbd32b8680b37511cc683781aff
8ea7a5fb3bd5f727f3ec3366bc1d91b3a104043b
14dd417150683ce056827225bbf94a0f26e95a820b604f815021be49eb8c707b
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "7c44e613d67e21f6a1c3afd5985988da:1581368005.559228"
Last-Modified: Mon, 10 Feb 2020 20:53:25 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 12:39:18 GMT
Date: Mon, 05 Sep 2022 11:39:18 GMT
Content-Length: 34525
Connection: keep-alive
Access-Control-Allow-Origin: http://swancommunications.com
Timing-Allow-Origin: *
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js
23.38.200.237200 OK 134 B URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js
IP 23.38.200.237:0
Hash 26720501c4260c7cc5833d9e06f0af87
26ce9fe2fa65dcd91b1ff050a238892a70eaad6c
e23487c8456f551b44229fd881dd8c524922e7c4c68682028c245bf706820e62
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "16dfb4bd56a82d8f8018ab2fa164856c:1581368006.307249"
Last-Modified: Mon, 10 Feb 2020 20:53:26 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 134
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 12:39:18 GMT
Date: Mon, 05 Sep 2022 11:39:18 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://swancommunications.com
Timing-Allow-Origin: *
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js
23.38.200.237200 OK 187 B URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js
IP 23.38.200.237:0
Hash 100e6bd0333d51a01c9e2bf4130cd5c9
b03e6b94b4c163de582e217f6e148f3b12df8f1f
481a6bc427ce8b7601db07e2387f5265db27e59a9a54abcb88f0e2497387912a
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "b5834499509b419a0926487143b3976d:1581368006.388159"
Last-Modified: Mon, 10 Feb 2020 20:53:26 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 187
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 12:39:18 GMT
Date: Mon, 05 Sep 2022 11:39:18 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://swancommunications.com
Timing-Allow-Origin: *
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js
23.38.200.237200 OK 15 kB URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (563)
Hash 4da5a7f7e67cf8d72d1238efbd4dac31
e8bf676f06b42529aa475c3d292acfa0f5b4a6b7
2c68577dc9e4226daf46cbcf1650a0e91a1841c67ecf5e4ecea749cbea7ed973
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "dbef438e3fcd49bdc0ee4d74b97df080:1581368005.888342"
Last-Modified: Mon, 10 Feb 2020 20:53:25 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 12:39:18 GMT
Date: Mon, 05 Sep 2022 11:39:18 GMT
Content-Length: 14684
Connection: keep-alive
Access-Control-Allow-Origin: http://swancommunications.com
Timing-Allow-Origin: *
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js
23.38.200.237200 OK 681 B URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js
IP 23.38.200.237:0
Hash 238e9ac366afc5ccb8ab193af21a3bdd
ccbe4cf829625b32aa2ecb714bc68c05c53de703
2f27f96e790c01c88b87af6a72d3d635b9bfc630d13bd43bd46a8be4ac5fac9f
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "1cf26e862d696e4a210b77e9f506e652:1581368006.039768"
Last-Modified: Mon, 10 Feb 2020 20:53:26 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 12:39:18 GMT
Date: Mon, 05 Sep 2022 11:39:18 GMT
Content-Length: 681
Connection: keep-alive
Access-Control-Allow-Origin: http://swancommunications.com
Timing-Allow-Origin: *
dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=1&ts=1662377953995
52.19.46.209200 OK 217 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=1&ts=1662377953995
IP 52.19.46.209:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6a1f0ba8f8eb3327418287a50326997d
9ebab46ab74ec274189344c0ff74be994eb9feaa
d2810c413c6d05fa6c3cc79239c7aef961d6028b4fb5d44176a006cf341a1427
GET /id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=1&ts=1662377953995 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://swancommunications.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v038-0b9a00bff.edge-irl1.demdex.com 8 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=51509534996659111991760432254408936895; Max-Age=15552000; Expires=Sat, 04 Mar 2023 11:39:18 GMT; Path=/; Domain=.demdex.net
Vary: Origin
X-TID: vGFXj9DuQaE=
Content-Length: 217
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8032fe46b4c6f3e31607b2fae131fa83
d31361cbaae91f93208dcd5d1519393910b9fa64
36f415caa67abbb96eb1fac67f02f98079f0e243a4dc89947c48207ca0145110
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5578
Cache-Control: max-age=115215
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:18 GMT
Etag: "6314e92b-1d7"
Expires: Tue, 06 Sep 2022 19:39:33 GMT
Last-Modified: Sun, 04 Sep 2022 18:06:35 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
comcastathena.demdex.net/event?_ts=1662377954015
18.202.164.188200 OK 119 B URL HTTP/1.1 comcastathena.demdex.net/event?_ts=1662377954015
IP 18.202.164.188:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 12960e24986dfbe524a5475ea5d5f8f0
5a812dae8323fe440d19b346055d5792fb2f1da7
c0e37c09652e8b19d5031bff0a49f03d2ebcf1bfb659c27ba1fc2ec3a53d097c
POST /event?_ts=1662377954015 HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 637
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://swancommunications.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v038-0c1b2a0e8.edge-irl1.demdex.com 5 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=51509534996659111991760432254408936895; Max-Age=15552000; Expires=Sat, 04 Mar 2023 11:39:18 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: GhkpZlklT80=
Content-Length: 119
Connection: keep-alive
rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=82679407445&varName=crtg_content
178.250.2.157204 No Content 0 B URL HTTP/1.1 rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=82679407445&varName=crtg_content
IP 178.250.2.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=82679407445&varName=crtg_content HTTP/1.1
Host: rtax.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 204 No Content
server: nginx/1.20.1
date: Mon, 05 Sep 2022 11:39:18 GMT
strict-transport-security: max-age=31536000; preload;
comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s38603537208513?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=5%2F8%2F2022%2011%3A39%3A14%201%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=83062907370699786993192060008449156429&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa987&cc=USD&ch=login&events=event125%3D23%2Cevent36%3D23&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=23&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=70fae0003c771e52a918&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1
15.188.95.229200 OK 3.9 kB URL HTTP/1.1 comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s38603537208513?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=5%2F8%2F2022%2011%3A39%3A14%201%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=83062907370699786993192060008449156429&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa987&cc=USD&ch=login&events=event125%3D23%2Cevent36%3D23&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=23&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=70fae0003c771e52a918&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1
IP 15.188.95.229:0
File type ASCII text, with very long lines (3856)
Hash 3baa997d423d94fdff084d6fe14ec39d
f5467a82f0b671d7216bc6d7abf7faf88897ab81
f07f8f7e077b2b849aa5ec573e5141c1cef7e902ae082282bede5b198e7be47e
GET /b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s38603537208513?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=5%2F8%2F2022%2011%3A39%3A14%201%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=83062907370699786993192060008449156429&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fswancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F8e2027c8e77048cf2d80405ad36ed907%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3D9385a1faa98770fae0003c771e52a9189385a1faa98770fae0003c771e52a918%26session%3D9385a1faa98770fae0003c771e52a9189385a1faa987&cc=USD&ch=login&events=event125%3D23%2Cevent36%3D23&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=23&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=70fae0003c771e52a918&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1 HTTP/1.1
Host: comcastcom.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swancommunications.com/
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Mon, 05 Sep 2022 11:39:18 GMT
expires: Sun, 04 Sep 2022 11:39:18 GMT
last-modified: Tue, 06 Sep 2022 11:39:18 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3569929483380621312-4619914237745052916
vary: *
dcs: dcs-prod-irl1-2-v038-0ee6e918f.edge-irl1.demdex.com 6 ms
x-aam-tid: FZOa76NfR50=
content-type: application/x-javascript;charset=utf-8
content-length: 3857
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7c5173c3d4d0b5f53b2f6e6c1c09db13
037fbebe05c79a4125c8cd3da3f1a070d1a6b317
9d8f3a94e97187350e5f7bd2c396534ec4630a03143f781ecd32d66825f68880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4396
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:18 GMT
Last-Modified: Mon, 05 Sep 2022 10:26:02 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7c5173c3d4d0b5f53b2f6e6c1c09db13
037fbebe05c79a4125c8cd3da3f1a070d1a6b317
9d8f3a94e97187350e5f7bd2c396534ec4630a03143f781ecd32d66825f68880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4396
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:18 GMT
Last-Modified: Mon, 05 Sep 2022 10:26:02 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7c5173c3d4d0b5f53b2f6e6c1c09db13
037fbebe05c79a4125c8cd3da3f1a070d1a6b317
9d8f3a94e97187350e5f7bd2c396534ec4630a03143f781ecd32d66825f68880
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4336
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:18 GMT
Last-Modified: Mon, 05 Sep 2022 10:27:02 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
login.xfinity.com/static/images/favicon/favicon-16x16.png
23.36.79.11200 OK 184 B URL HTTP/2 login.xfinity.com/static/images/favicon/favicon-16x16.png
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
File type PNG image data, 16 x 16, 8-bit grayscale, non-interlaced\012- data
Hash db142cad60d6acbf015835843f35071f
56261a4d35ff1ad9c210376f025f8762e608494f
1a819ccf88edbedbdce80f8f48844260c685edf389ba39ba92e42c7291522801
GET /static/images/favicon/favicon-16x16.png HTTP/1.1
Host: login.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Tue, 11 Jan 2022 16:05:32 GMT
accept-ranges: bytes
content-length: 184
content-type: image/png
cache-control: max-age=338
expires: Mon, 05 Sep 2022 11:44:56 GMT
date: Mon, 05 Sep 2022 11:39:18 GMT
X-Firefox-Spdy: h2
dl.cws.xfinity.com/event/
184.86.58.27200 OK 0 B URL HTTP/2 dl.cws.xfinity.com/event/
IP 184.86.58.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event/ HTTP/1.1
Host: dl.cws.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Referer: http://swancommunications.com/
Origin: http://swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 0
x-amzn-requestid: 15cb6dc8-3020-40b5-a268-d345686e6de6
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: X-_sGHiLIAMF5DQ=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: -DR2M4Q2LQu1ceGj1Le-diVsoVX0lLO4HOO-rw7_ZEHZb-WR3QGXKg==
date: Mon, 05 Sep 2022 11:39:18 GMT
X-Firefox-Spdy: h2
comcastathena.demdex.net/dest5.html?d_nsid=1
18.202.164.188200 OK 2.8 kB URL HTTP/1.1 comcastathena.demdex.net/dest5.html?d_nsid=1
IP 18.202.164.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=1 HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Mon, 5 Sep 2022 11:39:18 GMT
DCS: dcs-prod-irl1-1-v038-0358e1334.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 3 Aug 2022 11:53:45 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: dy0oFtR/RdQ=
Content-Length: 2791
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1931a32d83e4feb5268887bcb07fcc1e
6fb75c21ced29544dd6d7c3b0ef79adf65718a39
d794fae0b82097a2e97af2f21b6c243832081f88036a2a56bbeeabb08790d88d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0
216.58.207.194302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fast.comcast.demdex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Sep 2022 11:39:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3730323207
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Sep-2022 11:54:18 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
login.xfinity.com/static/images/favicon/android-icon-192x192.png
23.36.79.11200 OK 2.6 kB URL HTTP/2 login.xfinity.com/static/images/favicon/android-icon-192x192.png
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
File type PNG image data, 192 x 192, 8-bit grayscale, non-interlaced\012- data
Hash 4d5a72cfafe8a0e67a3a4e3684ae379f
2140780ff72470e5a9d63fdf950d7b816ce804be
b8bbda2990b5611317f747bf13de3a78e1de77fd7d864a27d845194988490375
GET /static/images/favicon/android-icon-192x192.png HTTP/1.1
Host: login.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Tue, 11 Jan 2022 16:05:32 GMT
accept-ranges: bytes
content-length: 2569
content-type: image/png
cache-control: max-age=1258
expires: Mon, 05 Sep 2022 12:00:16 GMT
date: Mon, 05 Sep 2022 11:39:18 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash a54314d948f1f4d03e8c51c7e5df1d10
f242cf91da24052edc689c0e4256fbfa0c92e0b7
3e19ebb5060dfbb053c96ed42b74f7f3cc5743cbf17ba981dbb9eb9c3a23317d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4489
Cache-Control: max-age=146535
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:19 GMT
Etag: "631567c5-139"
Expires: Wed, 07 Sep 2022 04:21:34 GMT
Last-Modified: Mon, 05 Sep 2022 03:06:45 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1931a32d83e4feb5268887bcb07fcc1e
6fb75c21ced29544dd6d7c3b0ef79adf65718a39
d794fae0b82097a2e97af2f21b6c243832081f88036a2a56bbeeabb08790d88d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:39:18 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=uwngmF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3c3JTJGendFQXluYmZuZVFzeG43aHclMkZTeDNJVjZKcURkbXclMkYyV2s0U2tGJTJGZg; expires=Sat, 30 Sep 2023 11:39:19 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 284744
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e55281415ad2c89f8e871f59400c8dc1
bc7ca4131f13d89604161eb0641352670c28c033
1e9c57dbee44db8c9aab44449f9f0cb502a6d9f6473de439daf26414d0d2517a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3730323207
142.250.74.164302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3730323207
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3730323207 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fast.comcast.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Sep 2022 11:39:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3730323207&ipr=y
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash c1f6893f3adb1f0f77a475071d6d476c
8ed3b962515337f0effd2ca19c2366429901df7d
850df3fa6862423be7b2c732769f10d6d7020d3ab7c5b36709163761b5e67e95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2492
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:19 GMT
Last-Modified: Mon, 05 Sep 2022 10:57:47 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash c1f6893f3adb1f0f77a475071d6d476c
8ed3b962515337f0effd2ca19c2366429901df7d
850df3fa6862423be7b2c732769f10d6d7020d3ab7c5b36709163761b5e67e95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2492
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:19 GMT
Last-Modified: Mon, 05 Sep 2022 10:57:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eebb383a38a8f985b59a62820595689b
4d7bbcdeaa48e211743257c973ae2559b404d561
c8cf6bfc6865d4b25e7ef0df77478f47c4043b639aed462a2c6a0ba5439c3522
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 420a6ffc72857f7132a9065de7c844a9
dee617384561d0790b72f096336b73ade7950579
c98bdc53f1f22291c4b954e9bd5f6432cfe3d5b24e3680b4ada3fc3a696e79d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3730323207&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3730323207&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3730323207&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fast.comcast.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Sep 2022 11:39:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eebb383a38a8f985b59a62820595689b
4d7bbcdeaa48e211743257c973ae2559b404d561
c8cf6bfc6865d4b25e7ef0df77478f47c4043b639aed462a2c6a0ba5439c3522
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 11:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=30&r=2&j=cr_handle_data_a HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: http://swancommunications.com/
Origin: http://swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:39:19 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: http://swancommunications.com
server-processing-duration-in-ticks: 555823
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dl.cws.xfinity.com/event/
184.86.58.27200 OK 110 B URL HTTP/2 dl.cws.xfinity.com/event/
IP 184.86.58.27:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e9ad2079391a741ff1e4f79c86bf9ae9
9ec6b14f0fb792b84ac2ec7636a59656aab1d1c3
9b089ffd822952158492197071ee4018fca117377e27beef1bab612f987d6850
PUT /event/ HTTP/1.1
Host: dl.cws.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 3878
Origin: http://swancommunications.com
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 110
x-amzn-requestid: 196c6e2d-4533-4448-9cc9-24fe1bfc54bd
x-amz-apigw-id: X-_sJEPnIAMFkUw=
x-amzn-trace-id: Root=1-6315dfe7-593b97ec10e9b7247d6a1da3
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 65NVgLZcJC_N3u-LxWfdP6dzSxGIl7VdJoGuuC9WqBvEadNwtcMx6w==
date: Mon, 05 Sep 2022 11:39:19 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,PUT,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 444 B IP 178.250.2.146:0
Hash 7b1bc8efc327a816f41ecb9582e4c614
ca31915ff2d18e0011dd717884f8d0076d76bd56
7a7cb4c6132e8a38bb0cebe51275eeaebd6ff471b3e60db17171789f0cab96c2
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=C9gkOF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3c3JTJGendFQXluYmZuZVFzeG43aHclMkZSdHJvTEpTS00ybndMeXFqR3RQUkFn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:39:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=HhgR6V80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3c3JTJGendFQXluYmZuZVFzeG43aHclMkZUVTlLdlBsUU12aWhkZHlXZTc3aTVU; expires=Sat, 30 Sep 2023 11:39:19 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 369878
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.203200 OK 402 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.203:0
Hash f96b5bab4964f86a28372addf133369b
011c93c737b286ad657024c1a33909d7294a1411
fadf9d46ed609e23ee40314a4fbb0c09eab51a31d6e42f23f2fdf9099a052bdb
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:39:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 129212
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.203200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.203:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:39:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 129566
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=swancommunications.com
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=swancommunications.com
IP 178.250.0.157:0
GET /syncframe?origin=rtus&topUrl=swancommunications.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:39:18 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=687e3b1d-4ad4-4680-b12e-3afa642eac13; expires=Sat, 30 Sep 2023 11:39:18 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 750522
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.203200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.203:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:39:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 95820
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.8200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.8:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:39:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 97871
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=swancommunications.com&sn=FirefoxSyncframe&so=0&topUrl=swancommunications.com&info=C9gkOF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3c3JTJGendFQXluYmZuZVFzeG43aHclMkZSdHJvTEpTS00ybndMeXFqR3RQUkFn&idsd=1892626544,-1278343447&cw=1&rtusCallerId=30&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=swancommunications.com&sn=FirefoxSyncframe&so=0&topUrl=swancommunications.com&info=C9gkOF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3c3JTJGendFQXluYmZuZVFzeG43aHclMkZSdHJvTEpTS00ybndMeXFqR3RQUkFn&idsd=1892626544,-1278343447&cw=1&rtusCallerId=30&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=rtus&domain=swancommunications.com&sn=FirefoxSyncframe&so=0&topUrl=swancommunications.com&info=C9gkOF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3c3JTJGendFQXluYmZuZVFzeG43aHclMkZSdHJvTEpTS00ybndMeXFqR3RQUkFn&idsd=1892626544,-1278343447&cw=1&rtusCallerId=30&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:39:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1072268
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=C9gkOF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3c3JTJGendFQXluYmZuZVFzeG43aHclMkZSdHJvTEpTS00ybndMeXFqR3RQUkFn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:39:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=UGxKYF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3c3JTJGendFQXluYmZuZVFzeG43aHclMkZTeFh1TnlhdDlocVEybXdRcmlGUFBu; expires=Sat, 30 Sep 2023 11:39:19 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 296144
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.8200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.8:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:39:18 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 75614
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
IP 178.250.0.157:0
GET /sync?c=30&r=2&j=cr_handle_data_a HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Sep 2022 11:39:17 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 984897
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2