r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 96defe1601ba891731eee83f0830649d
ba500679fd337488c3f60543561740ff0dfc1898
d2a320a9feb1a874af3da921db2a8619513968724ef8eb0715c010291c4cf8d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2A320A9FEB1A874AF3DA921DB2A8619513968724EF8EB0715C010291C4CF8D9"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2476
Expires: Tue, 27 Dec 2022 00:36:38 GMT
Date: Mon, 26 Dec 2022 23:55:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 67f508aae634a023b587a7129a5b8039
2ff7e1d29b497147941d0abf581411cbd2722d7b
eee5fda5214bd4f75b0934bb1f14429fe01251628026fd0f18f117b38848601c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE5FDA5214BD4F75B0934BB1F14429FE01251628026FD0F18F117B38848601C"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6992
Expires: Tue, 27 Dec 2022 01:51:54 GMT
Date: Mon, 26 Dec 2022 23:55:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 26 Dec 2022 23:46:36 GMT
content-type: application/json
age: 526
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c298d0b2a05562a7ece94adf3589dacd
266befe104baa47e94fe0b9d00d10f96518b6525
a00a7433c6ee020d40e43fb5c821b8f2b835107852be361317fd2dfdcc4f0a15
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A00A7433C6EE020D40E43FB5C821B8F2B835107852BE361317FD2DFDCC4F0A15"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4662
Expires: Tue, 27 Dec 2022 01:13:04 GMT
Date: Mon, 26 Dec 2022 23:55:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qZBuiYBboymVcta9QCM1DfqSrgELob2rfBE7NRCQPwHjHYyhMNCfcvxDHKJI7RR7duEcoIqy+us=
x-amz-request-id: FX4HSXMRTCGR2M8B
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Dec 2022 22:57:37 GMT
age: 3465
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 23:55:22 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
commedia.com/http:/commedia.com/mtm/direct/.eJyrViotylSyUtJX0lFKLEovBjKBrKLUtNSi1CIIJyO_uCQ-LzE3FchNzs_NTU3JTNQDMkA6kpNTC0qA4lr6Wkq1AGhXFuc:1p9LEu:0jMYd65dd8A11p6kQZRStbTy-mg
45.33.30.197200 OK 5.4 kB URL HTTP/1.1 commedia.com/http:/commedia.com/mtm/direct/.eJyrViotylSyUtJX0lFKLEovBjKBrKLUtNSi1CIIJyO_uCQ-LzE3FchNzs_NTU3JTNQDMkA6kpNTC0qA4lr6Wkq1AGhXFuc:1p9LEu:0jMYd65dd8A11p6kQZRStbTy-mg
IP 45.33.30.197:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (478)
Hash a5118c3c786b40d92452c6028f57cef9
f147e18c5951a85c34ac606db6ee840290a70959
e64a2f26a62d376393cd1ff16bee8f8f648d1108f7c12c433cf9ae8591a1c035
Analyzer Verdict Alert fortinet Phishing
GET /http:/commedia.com/mtm/direct/.eJyrViotylSyUtJX0lFKLEovBjKBrKLUtNSi1CIIJyO_uCQ-LzE3FchNzs_NTU3JTNQDMkA6kpNTC0qA4lr6Wkq1AGhXFuc:1p9LEu:0jMYd65dd8A11p6kQZRStbTy-mg HTTP/1.1
Host: commedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Mon, 26 Dec 2022 23:55:22 GMT
content-type: text/html; charset=utf-8
content-length: 5364
vary: Accept-Language
content-language: en
connection: close
commedia.com/mtm/async/.eJxdj8FOg0AURf-FZaUdSJW0GBcUwRQopgJa3ZDpMIUpTBmmjwo1_rtUXRh3556bl7z7obSSKaaCCgBhIlJzTjOGJwMgDhxlTFICaEK9Xj6zGvoq6hPwNlrl-oFTnxZ7fyH9IIEwYrq9XHr9Y9ra63FwdqYuKcLzMQ3jZOrF4fp-VVpGKcLY1hrrupLGS9no1kOxcVti6mIeOK2p7VevmXGTZTNL14VRrt-eItjG_ZjniqpgmR-HXweSdEcllT-hqI-QHjCnQ_w74HJBCBUweKAdDBt5pWIhKkYwsPqAuou56v5bXt02d9pkrjKOc4rwie1-8Z1uhTpCo-9-pnx-AUZdazs:1p9xJS:_fF7l8k78PBWqV-h3vXVrz91J4Y/1/
45.33.30.197200 OK 426 B URL HTTP/1.1 commedia.com/mtm/async/.eJxdj8FOg0AURf-FZaUdSJW0GBcUwRQopgJa3ZDpMIUpTBmmjwo1_rtUXRh3556bl7z7obSSKaaCCgBhIlJzTjOGJwMgDhxlTFICaEK9Xj6zGvoq6hPwNlrl-oFTnxZ7fyH9IIEwYrq9XHr9Y9ra63FwdqYuKcLzMQ3jZOrF4fp-VVpGKcLY1hrrupLGS9no1kOxcVti6mIeOK2p7VevmXGTZTNL14VRrt-eItjG_ZjniqpgmR-HXweSdEcllT-hqI-QHjCnQ_w74HJBCBUweKAdDBt5pWIhKkYwsPqAuou56v5bXt02d9pkrjKOc4rwie1-8Z1uhTpCo-9-pnx-AUZdazs:1p9xJS:_fF7l8k78PBWqV-h3vXVrz91J4Y/1/
IP 45.33.30.197:0
File type ASCII text, with very long lines (426), with no line terminators
Hash 844623a4d7df13c3f4d20b5433b15cdf
0033addfa4b8220efbd2f1e132800eaf3a267f16
0d5b2d208542366cab6be8d3d96a270f0c03cc3ca699761da425c23a15cc7643
Analyzer Verdict Alert fortinet Phishing
GET /mtm/async/.eJxdj8FOg0AURf-FZaUdSJW0GBcUwRQopgJa3ZDpMIUpTBmmjwo1_rtUXRh3556bl7z7obSSKaaCCgBhIlJzTjOGJwMgDhxlTFICaEK9Xj6zGvoq6hPwNlrl-oFTnxZ7fyH9IIEwYrq9XHr9Y9ra63FwdqYuKcLzMQ3jZOrF4fp-VVpGKcLY1hrrupLGS9no1kOxcVti6mIeOK2p7VevmXGTZTNL14VRrt-eItjG_ZjniqpgmR-HXweSdEcllT-hqI-QHjCnQ_w74HJBCBUweKAdDBt5pWIhKkYwsPqAuou56v5bXt02d9pkrjKOc4rwie1-8Z1uhTpCo-9-pnx-AUZdazs:1p9xJS:_fF7l8k78PBWqV-h3vXVrz91J4Y/1/ HTTP/1.1
Host: commedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://commedia.com/http:/commedia.com/mtm/direct/.eJyrViotylSyUtJX0lFKLEovBjKBrKLUtNSi1CIIJyO_uCQ-LzE3FchNzs_NTU3JTNQDMkA6kpNTC0qA4lr6Wkq1AGhXFuc:1p9LEu:0jMYd65dd8A11p6kQZRStbTy-mg
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Mon, 26 Dec 2022 23:55:22 GMT
content-type: text/html; charset=utf-8
content-length: 426
x-mtm-path: 7
x-mtm-prov: 300:0.00;308:0.00
x-mtm-rd: 0.00
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJjb21tZWRpYS5jb20iLCJodHRwOi8vd3d3MS5jb21tZWRpYS5jb20vP3RtPTEmc3ViaWQ0PTE2NzIwOTg5MjIuMDIyMjUzMDAwMCZLVzE9U29jaWFsJTIwTWVkaWElMjBBdXRvbWF0aW9uJTIwTWFya2V0aW5nJTIwU29mdHdhcmUmS1cyPUxvd2VzdCUyMENhciUyMEluc3VyYW5jZSUyMFJhdGVzJktXMz1FbGl0ZSUyMERhdGluZyUyMFNlcnZpY2VzJktXND1EZWRpY2F0ZWQlMjBHYW1pbmclMjBTZXJ2ZXImS1c1PUxvd2VzdCUyMENhciUyMEluc3VyYW5jZSUyMFJhdGVzJktXNj1Tb2NpYWwlMjBNZWRpYSUyMEF1dG9tYXRpb24lMjBNYXJrZXRpbmclMjBTb2Z0d2FyZSZLVzc9QjJCJTIwVHJhdmVsJTIwQm9va2luZyUyMFN5c3RlbSZLVzg9TWFrZSUyME1vbmV5JTIwRnJvbSUyMEhvbWUmS1c5PU1ha2UlMjBNb25leSUyMEZyb20lMjBIb21lJnNlYXJjaGJveD0wJmJhY2tmaWxsPTAiLDEsIjIwMjItMTItMjYgMjM6NTU6MjIiLDEsIjE2NzIwOTg5MjIuMDIyMjUzMDAwMCIsMzA4LG51bGwsbnVsbF0:1p9xJS:E36mx7GmcgrM6cS2jorNHZKBZcY; expires=Tue, 27-Dec-2022 00:55:22 GMT; Max-Age=3600; Path=/
connection: close
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 26 Dec 2022 23:08:06 GMT
age: 2837
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 68ee4e2891b5a52719997e4ef8cb7aab
ae2e49eff010551d7f3dcf005a51530ee2910480
2bae50a834a34f248f6a79cf6f191dcf709c24b884f2d3da7fa43985c6b2d48b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 126
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 23:55:23 GMT
Last-Modified: Mon, 26 Dec 2022 23:53:17 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www1.commedia.com/?tm=1&subid4=1672098922.0222530000&KW1=Social%20Media%20Automation%20Marketing%20Software&KW2=Lowest%20Car%20Insurance%20Rates&KW3=Elite%20Dating%20Services&KW4=Dedicated%20Gaming%20Server&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Social%20Media%20Automation%20Marketing%20Software&KW7=B2B%20Travel%20Booking%20System&KW8=Make%20Money%20From%20Home&KW9=Make%20Money%20From%20Home&searchbox=0&backfill=0
76.223.26.96200 OK 6.5 kB URL HTTP/1.1 www1.commedia.com/?tm=1&subid4=1672098922.0222530000&KW1=Social%20Media%20Automation%20Marketing%20Software&KW2=Lowest%20Car%20Insurance%20Rates&KW3=Elite%20Dating%20Services&KW4=Dedicated%20Gaming%20Server&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Social%20Media%20Automation%20Marketing%20Software&KW7=B2B%20Travel%20Booking%20System&KW8=Make%20Money%20From%20Home&KW9=Make%20Money%20From%20Home&searchbox=0&backfill=0
IP 76.223.26.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3130)
Hash 4de7373addd9266007d591aa4cbfdda9
5f0dee84e800affe43db053f1fbda964bb75dd13
f270eaf609c4480cebd9c8fd26df58134fae617f58cd133d9b43fffd86a8f0f4
GET /?tm=1&subid4=1672098922.0222530000&KW1=Social%20Media%20Automation%20Marketing%20Software&KW2=Lowest%20Car%20Insurance%20Rates&KW3=Elite%20Dating%20Services&KW4=Dedicated%20Gaming%20Server&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Social%20Media%20Automation%20Marketing%20Software&KW7=B2B%20Travel%20Booking%20System&KW8=Make%20Money%20From%20Home&KW9=Make%20Money%20From%20Home&searchbox=0&backfill=0 HTTP/1.1
Host: www1.commedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://commedia.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 23:55:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket103
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_IBE8MNz7mKh8TRTD8SsHVR39DjSWr1ruBYyHFVF/GPuSeVkuiyDHl/pyLD2wyfaLty8wy1nzjKSpqL9PnZ5NTg==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
54.230.245.130200 OK 7.0 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
IP 54.230.245.130:0
File type ASCII text, with very long lines (316)
Hash 3c7567521347bf95b105ffa7fdc7da86
08739adacbf1300c74d8ae1cf100d00d9fbd0e5f
0e32bca6b67dfdeed3f9b988ddcec1adf0502549a130a78c4ace64c318a7ea29
GET /scripts/maincaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.commedia.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7006
Connection: keep-alive
Server: nginx
Date: Mon, 26 Dec 2022 02:42:00 GMT
Last-Modified: Tue, 15 Nov 2022 15:10:24 GMT
Accept-Ranges: bytes
ETag: "6373abe0-1b5e"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: GpwwggbZTxx22fTGtFugkUaH87CjecAIsrHPuv6u4isnCeX5kwHuHA==
Age: 76403
www.google.com/adsense/domains/caf.js
142.250.74.132200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (1885)
Hash 3caf7ec4dc4407dd26c23c27e2ee8441
b78a33cd365345328c1e85616ef3d86f9e52604b
243f55134830ee5256888d500b0f764452eef944911c7fb0a64a9ded6605e8d3
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.commedia.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Mon, 26 Dec 2022 23:55:23 GMT
Expires: Mon, 26 Dec 2022 23:55:23 GMT
Cache-Control: private, max-age=3600
ETag: "14181701328128387770"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
c.parkingcrew.net/scripts/sale_form.js
185.53.178.30200 OK 761 B URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js
IP 185.53.178.30:0
Hash 64f809e06446647e192fce8d1ec34e09
5b7ced07da42e205067afa88615317a277a4a82c
f52cbd664986ad7ed6e71c448e2d31d1a16463e4d9b7bca0c6be278649ccc4f3
GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.commedia.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 26 Dec 2022 23:55:23 GMT
Content-Type: application/javascript
Content-Length: 761
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
Accept-Ranges: bytes
push.services.mozilla.com/
54.187.187.233101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.187.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0/iseQW0LMl0OfwkTzVNwA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CkQf9eqIgsqPxB5uysUuFQNxikk=
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
54.230.245.130200 OK 11 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP 54.230.245.130:0
File type PNG image data, 1500 x 600, 8-bit colormap, non-interlaced\012- data
Hash 0cb2e5165dc9324eb462199f04e1ffa9
9e0f89847ec8a98d98a6020bc5c4ed32b7a48bf8
67dff0aad873050f12609885f2264417ccdd0d438311000a704c89f0865f7865
GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.commedia.com/
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 11375
Connection: keep-alive
Server: nginx
Date: Mon, 26 Dec 2022 02:14:46 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
Accept-Ranges: bytes
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: C28KVIszDgshRt1KvHylJ2ZW17VdnBfNMqB8HqbpoK95zGRbDb4qtQ==
Age: 78038
www1.commedia.com/track.php?domain=commedia.com&toggle=browserjs&uid=MTY3MjA5ODkyMy4zMzM2OmMwMWQ1OGY0YjUyNGJmMDg2NGVlNWI5NGU1ZGZjNzlkYTQ3YWRkYTVlNTdlMDU3ZTU1MmNjODhkODAzMzQzMmU6NjNhYTM0NmI1MTcwZA%3D%3D
76.223.26.96200 OK 20 B URL HTTP/1.1 www1.commedia.com/track.php?domain=commedia.com&toggle=browserjs&uid=MTY3MjA5ODkyMy4zMzM2OmMwMWQ1OGY0YjUyNGJmMDg2NGVlNWI5NGU1ZGZjNzlkYTQ3YWRkYTVlNTdlMDU3ZTU1MmNjODhkODAzMzQzMmU6NjNhYTM0NmI1MTcwZA%3D%3D
IP 76.223.26.96:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=commedia.com&toggle=browserjs&uid=MTY3MjA5ODkyMy4zMzM2OmMwMWQ1OGY0YjUyNGJmMDg2NGVlNWI5NGU1ZGZjNzlkYTQ3YWRkYTVlNTdlMDU3ZTU1MmNjODhkODAzMzQzMmU6NjNhYTM0NmI1MTcwZA%3D%3D HTTP/1.1
Host: www1.commedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.commedia.com/?tm=1&subid4=1672098922.0222530000&KW1=Social%20Media%20Automation%20Marketing%20Software&KW2=Lowest%20Car%20Insurance%20Rates&KW3=Elite%20Dating%20Services&KW4=Dedicated%20Gaming%20Server&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Social%20Media%20Automation%20Marketing%20Software&KW7=B2B%20Travel%20Booking%20System&KW8=Make%20Money%20From%20Home&KW9=Make%20Money%20From%20Home&searchbox=0&backfill=0
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 23:55:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef35a967130819482bf79983026b3a9b
0845387b4c8cb449bb49c3043a1f08ed5e56c591
7a5ad67169f590576e243582e867b3d16848c17e3ad05ef6d406d0750fc37eaf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 23:55:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www1.commedia.com/ls.php
76.223.26.96201 Created 0 B IP 76.223.26.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
POST /ls.php HTTP/1.1
Host: www1.commedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 3082
Origin: http://www1.commedia.com
Connection: keep-alive
Referer: http://www1.commedia.com/?tm=1&subid4=1672098922.0222530000&KW1=Social%20Media%20Automation%20Marketing%20Software&KW2=Lowest%20Car%20Insurance%20Rates&KW3=Elite%20Dating%20Services&KW4=Dedicated%20Gaming%20Server&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Social%20Media%20Automation%20Marketing%20Software&KW7=B2B%20Travel%20Booking%20System&KW8=Make%20Money%20From%20Home&KW9=Make%20Money%20From%20Home&searchbox=0&backfill=0
HTTP/1.1 201 Created
Date: Mon, 26 Dec 2022 23:55:24 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 63aa346c13bfbb00751bc104
Charset: utf-8
Access-Control-Allow-Origin: http://www1.commedia.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_h1vOasgjJNAr2wJKJyrVudQkbPe6VFVYqA0b+xNgy+96THWuJou3KL7SRLUFhW6M+M8q/XuiOohFU93hEn9nYg==
www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000972%2Cbucket103&client=dp-teaminternet12_3ph&r=m&hl=en&terms=Social%20Media%20Automation%20Marketing%20Software%2CLowest%20Car%20Insurance%20Rates%2CElite%20Dating%20Services%2CDedicated%20Gaming%20Server%2CLowest%20Car%20Insurance%20Rates%2CSocial%20Media%20Automation%20Marketing%20Software%2CB2B%20Travel%20Booking%20System%2CMake%20Money%20From%20Home%2CMake%20Money%20From%20Home&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2514429714757505&oe=UTF-8&ie=UTF-8&fexp=21404&format=r9%7Cs&nocache=8071672098920764&num=0&output=afd_ads&domain_name=www1.commedia.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1672098920766&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&cl=493016327&uio=--&cont=tc&jsid=caf&jsv=493016327&rurl=http%3A%2F%2Fwww1.commedia.com%2F%3Ftm%3D1%26subid4%3D1672098922.0222530000%26KW1%3DSocial%2520Media%2520Automation%2520Marketing%2520Software%26KW2%3DLowest%2520Car%2520Insurance%2520Rates%26KW3%3DElite%2520Dating%2520Services%26KW4%3DDedicated%2520Gaming%2520Server%26KW5%3DLowest%2520Car%2520Insurance%2520Rates%26KW6%3DSocial%2520Media%2520Automation%2520Marketing%2520Software%26KW7%3DB2B%2520Travel%2520Booking%2520System%26KW8%3DMake%2520Money%2520From%2520Home%26KW9%3DMake%2520Money%2520From%2520Home%26searchbox%3D0%26backfill%3D0&referer=http%3A%2F%2Fcommedia.com%2F&adbw=master-1%3A530
142.250.74.132200 OK 2.4 kB URL HTTP/2 www.google.com/afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000972%2Cbucket103&client=dp-teaminternet12_3ph&r=m&hl=en&terms=Social%20Media%20Automation%20Marketing%20Software%2CLowest%20Car%20Insurance%20Rates%2CElite%20Dating%20Services%2CDedicated%20Gaming%20Server%2CLowest%20Car%20Insurance%20Rates%2CSocial%20Media%20Automation%20Marketing%20Software%2CB2B%20Travel%20Booking%20System%2CMake%20Money%20From%20Home%2CMake%20Money%20From%20Home&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2514429714757505&oe=UTF-8&ie=UTF-8&fexp=21404&format=r9%7Cs&nocache=8071672098920764&num=0&output=afd_ads&domain_name=www1.commedia.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1672098920766&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&cl=493016327&uio=--&cont=tc&jsid=caf&jsv=493016327&rurl=http%3A%2F%2Fwww1.commedia.com%2F%3Ftm%3D1%26subid4%3D1672098922.0222530000%26KW1%3DSocial%2520Media%2520Automation%2520Marketing%2520Software%26KW2%3DLowest%2520Car%2520Insurance%2520Rates%26KW3%3DElite%2520Dating%2520Services%26KW4%3DDedicated%2520Gaming%2520Server%26KW5%3DLowest%2520Car%2520Insurance%2520Rates%26KW6%3DSocial%2520Media%2520Automation%2520Marketing%2520Software%26KW7%3DB2B%2520Travel%2520Booking%2520System%26KW8%3DMake%2520Money%2520From%2520Home%26KW9%3DMake%2520Money%2520From%2520Home%26searchbox%3D0%26backfill%3D0&referer=http%3A%2F%2Fcommedia.com%2F&adbw=master-1%3A530
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8181)
Hash d0374c317b0ac57914b700e5aeefe840
a645f35dc77a6693b08cf022918c7c39f063ca4b
7a9790ce145a66e2788b25179ff3e5d7903be70ee71b49fe82136b654dec6ecf
GET /afs/ads?adtest=off&psid=6016880802&pcsa=false&channel=000001%2C000003%2C000972%2Cbucket103&client=dp-teaminternet12_3ph&r=m&hl=en&terms=Social%20Media%20Automation%20Marketing%20Software%2CLowest%20Car%20Insurance%20Rates%2CElite%20Dating%20Services%2CDedicated%20Gaming%20Server%2CLowest%20Car%20Insurance%20Rates%2CSocial%20Media%20Automation%20Marketing%20Software%2CB2B%20Travel%20Booking%20System%2CMake%20Money%20From%20Home%2CMake%20Money%20From%20Home&max_radlink_len=40&type=3&uiopt=true&swp=as-drid-2514429714757505&oe=UTF-8&ie=UTF-8&fexp=21404&format=r9%7Cs&nocache=8071672098920764&num=0&output=afd_ads&domain_name=www1.commedia.com&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1672098920766&u_w=1280&u_h=1024&biw=1280&bih=939&psw=1280&psh=797&frm=0&cl=493016327&uio=--&cont=tc&jsid=caf&jsv=493016327&rurl=http%3A%2F%2Fwww1.commedia.com%2F%3Ftm%3D1%26subid4%3D1672098922.0222530000%26KW1%3DSocial%2520Media%2520Automation%2520Marketing%2520Software%26KW2%3DLowest%2520Car%2520Insurance%2520Rates%26KW3%3DElite%2520Dating%2520Services%26KW4%3DDedicated%2520Gaming%2520Server%26KW5%3DLowest%2520Car%2520Insurance%2520Rates%26KW6%3DSocial%2520Media%2520Automation%2520Marketing%2520Software%26KW7%3DB2B%2520Travel%2520Booking%2520System%26KW8%3DMake%2520Money%2520From%2520Home%26KW9%3DMake%2520Money%2520From%2520Home%26searchbox%3D0%26backfill%3D0&referer=http%3A%2F%2Fcommedia.com%2F&adbw=master-1%3A530 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.commedia.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Mon, 26 Dec 2022 23:55:24 GMT
expires: Mon, 26 Dec 2022 23:55:24 GMT
cache-control: private, max-age=3600
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2434
x-xss-protection: 0
set-cookie: CONSENT=PENDING+994; expires=Wed, 25-Dec-2024 23:55:24 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6135af2cb977c4cd5e766661c342b1ed
3028d4d41ff23b1a5ea77cdda9d15ec464209b78
e3da506f5ccdc2e06917a281147454c1861b6bb6008473b8ddeda67932f0c7bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 23:55:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www1.commedia.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
216.58.207.226200 OK 239 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www1.commedia.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie
IP 216.58.207.226:0
File type ASCII text, with very long lines (364), with no line terminators
Hash 2f4a10c3aa8eb776e246baec58c610d6
3c4f38eb0f42e20af743f0b0ab43dedd4765ca6f
29af8a941352633a9571a89076bec50eba678878bbe1821ade9f8c6045975c65
GET /gampad/cookie.js?domain=www1.commedia.com&client=dp-teaminternet12_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www1.commedia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 26 Dec 2022 23:55:24 GMT
server: cafe
cache-control: private
content-length: 239
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c77f7447ba7820276d1ac891e88fee86
fd8aaa5cea881578d44ea5dd7a203c1d81ca1908
06655edfa86ea943cc8e188d953b4dc230b18a98c7268177edb9c728ceeacb33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 23:55:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/adsense/domains/caf.js
142.250.74.132200 OK 54 kB URL HTTP/2 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:0
Hash 462733c6e540764f5028c538e0897768
b0b96dea310b53f114f7e3087d6ffde1a843f370
e32c9ddad9bfea05026775fd1f68e2adb68d3f479e6c1f4722a8c5463ea88415
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Mon, 26 Dec 2022 23:55:24 GMT
expires: Mon, 26 Dec 2022 23:55:24 GMT
cache-control: private, max-age=3600
etag: "93330671341707853"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 88b57c84c9aa566d2d06db9ace8d092d
a3a6a3360294388854e57291ef5460111a336be5
85a238153ff4cc24d07c3e526735ab57cc0bfe3c893304c8f75271d3dd17b1cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 23:55:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 88b57c84c9aa566d2d06db9ace8d092d
a3a6a3360294388854e57291ef5460111a336be5
85a238153ff4cc24d07c3e526735ab57cc0bfe3c893304c8f75271d3dd17b1cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 23:55:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
142.250.74.97200 OK 270 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff
IP 142.250.74.97:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Hash 5100391430a00e10ce60aa159f525b5c
231a4492d73b225f441b1e9028dc33c89862e498
52b1432a6e3002e41ed1d8f4c84b258fdc4c6dac863e3c0e5c06360c81be6067
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 270
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 26 Dec 2022 13:52:32 GMT
expires: Tue, 27 Dec 2022 12:52:32 GMT
cache-control: public, max-age=82800
age: 36172
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
142.250.74.97200 OK 174 B URL HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP 142.250.74.97:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 26 Dec 2022 13:08:40 GMT
expires: Tue, 27 Dec 2022 12:08:40 GMT
cache-control: public, max-age=82800
age: 38804
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 88b57c84c9aa566d2d06db9ace8d092d
a3a6a3360294388854e57291ef5460111a336be5
85a238153ff4cc24d07c3e526735ab57cc0bfe3c893304c8f75271d3dd17b1cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 23:55:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19525
Expires: Tue, 27 Dec 2022 05:20:49 GMT
Date: Mon, 26 Dec 2022 23:55:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19525
Expires: Tue, 27 Dec 2022 05:20:49 GMT
Date: Mon, 26 Dec 2022 23:55:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69c55865-95c6-4d05-a856-6d61c10bd012.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69c55865-95c6-4d05-a856-6d61c10bd012.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4a7ec0fdc177ed09c8949dcd68efb35
8ad28905291f4a184c0f32292415d1af0db3cead
7862e695c7eea224263bccaabcc54fc337ea533d6f1fafe0426b8699f3880922
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69c55865-95c6-4d05-a856-6d61c10bd012.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7924
x-amzn-requestid: 30d67a34-fa95-4aa8-84d7-7c769a9e7fc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfYgEnNoAMF7ng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa129c-743b9f4845f2c6f312463662;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: --tvJ59lJcMFjW2SkTNbxSZTHTdd45Iz5yqGRY9LpOC8Oy0TAhUmqQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 22:02:23 GMT
age: 6781
etag: "8ad28905291f4a184c0f32292415d1af0db3cead"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4b903e264b412e69e5f22091bf423ea
92d157f8b56dd0af2ce0f1f5c11b5c90969cf36f
8d5d90968489731604a2286d9e2b9a307147a3cc0b1ffd32f1186ceea9b8fcff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9fad15f-1e28-43a3-83d8-06aeab608d9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15371
x-amzn-requestid: 63d10011-ae3d-48fb-b892-26d94dc6ef83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVs8EVDIAMFTOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4031f-3da712a621773d56567c014f;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UeMu2JuyiBhp1D-T8We8YZFCLFeqnJ0EeAVrLZN047WMREZyCzOOVg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 07:27:20 GMT
age: 59284
etag: "92d157f8b56dd0af2ce0f1f5c11b5c90969cf36f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F973fc216-fba1-40f7-8d35-778b3fc0ee1c.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F973fc216-fba1-40f7-8d35-778b3fc0ee1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e712da258f280eeb9ce0a7fa97aff63b
fa3147a3111bc132ce389a780504e3626b4be0f0
cd7ff9d40428664eaded34390a3f17d13230f683c6cec5b0604d62b3461aa47c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F973fc216-fba1-40f7-8d35-778b3fc0ee1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6318
x-amzn-requestid: 7e5aae2f-c5fd-4a8f-b9a6-557a68e36b68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: drEBqFL9oAMFhhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a78070-1aac4a0d0b4042c22d24baa4;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 22:42:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xpcD8K0u1A6kpsPguyFZuEZh7Bu8rgyO4PQUAXtlW7VFZDxZrPhiJg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 09:34:11 GMT
age: 51673
etag: "fa3147a3111bc132ce389a780504e3626b4be0f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9658bc08-5e7a-4e2a-84f5-0d9e42e3b77c.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9658bc08-5e7a-4e2a-84f5-0d9e42e3b77c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6fae1d3c96b2fb2de464bfa2ecac255e
24fd29d292ea53fb909dfa1829a0010b75de2f01
b4a82374d8ab68ae01bc170f8cd3159d0c23ee62c516c317a889ed0c0e575638
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9658bc08-5e7a-4e2a-84f5-0d9e42e3b77c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7289
x-amzn-requestid: c374bc19-82dd-4692-aaf8-613fb4ba62e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: do608EYMoAMF1qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a6a4ec-23632b8f1341ef9f2d82f5e4;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 07:06:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4vPGiDwu3oN4X9vaUd8DsEa_yn_zwyJTX-Q9B7S5HNMzFx4vhfJUPg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 01:26:49 GMT
age: 80915
etag: "24fd29d292ea53fb909dfa1829a0010b75de2f01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b373925ce249ca67e6984c436f5cd2b8
ddbc25025b933587990f8e9c32e91c9773256840
7d3c992b715283efeba9bee2e5c08042267017e76074ca6aad870e1dd45b4564
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9007
x-amzn-requestid: 15b3b2e5-d493-4b54-aab4-7374bf892e83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: drrFbESxIAMFikw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a7beef-37f4ab8e7738b186705bb1db;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 03:09:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SgjNBdI4lkk3DIdROxkZ8sdadoe-pewXA9Q5M55pGe-LNk012lLFmQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 03:22:23 GMT
age: 73981
etag: "ddbc25025b933587990f8e9c32e91c9773256840"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1983375a-46e7-4d3c-b100-9baafabc9959.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1983375a-46e7-4d3c-b100-9baafabc9959.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b7f0c866bf3ac4531371ad2060951b5
48251361ab12813116d9aba69bb646bf11e54b76
33eacdc9a4c0f1c0494c153e6c8bf8dcebb5d1447aeb22fb2a799f2b631f4da7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1983375a-46e7-4d3c-b100-9baafabc9959.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5961
x-amzn-requestid: be6c3f09-60b7-42e3-bea3-2addcac0faca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: drrFcHhQIAMFzBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a7beef-457bd6e7433432ff095b93a4;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 03:09:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: BJb0nCtDDQtEEzAwajKlIqIVkFLkbMiMu8MNA6iwdTrsa81RTsIcEA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 03:34:07 GMT
age: 73277
etag: "48251361ab12813116d9aba69bb646bf11e54b76"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www1.commedia.com/?tm=1&subid4=1672098922.0222530000&KW1=Social%20Media%20Automation%20Marketing%20Software&KW2=Lowest%20Car%20Insurance%20Rates&KW3=Elite%20Dating%20Services&KW4=Dedicated%20Gaming%20Server&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Social%20Media%20Automation%20Marketing%20Software&KW7=B2B%20Travel%20Booking%20System&KW8=Make%20Money%20From%20Home&KW9=Make%20Money%20From%20Home&searchbox=0&backfill=0
76.223.26.96200 OK 6.5 kB URL HTTP/1.1 www1.commedia.com/?tm=1&subid4=1672098922.0222530000&KW1=Social%20Media%20Automation%20Marketing%20Software&KW2=Lowest%20Car%20Insurance%20Rates&KW3=Elite%20Dating%20Services&KW4=Dedicated%20Gaming%20Server&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Social%20Media%20Automation%20Marketing%20Software&KW7=B2B%20Travel%20Booking%20System&KW8=Make%20Money%20From%20Home&KW9=Make%20Money%20From%20Home&searchbox=0&backfill=0
IP 76.223.26.96:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3102)
Hash c5d255686219ef20960b7ad3d8fbd91d
bfaae3fde481acb26640aa414ff1e28fbf626375
2a11b00a50b9cfaf04334961e5f8f603c32dc85b1c01d4767247afb6cf2de793
GET /?tm=1&subid4=1672098922.0222530000&KW1=Social%20Media%20Automation%20Marketing%20Software&KW2=Lowest%20Car%20Insurance%20Rates&KW3=Elite%20Dating%20Services&KW4=Dedicated%20Gaming%20Server&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Social%20Media%20Automation%20Marketing%20Software&KW7=B2B%20Travel%20Booking%20System&KW8=Make%20Money%20From%20Home&KW9=Make%20Money%20From%20Home&searchbox=0&backfill=0 HTTP/1.1
Host: www1.commedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __gsas=ID=3d0a110dfa81d10c:T=1672098924:S=ALNI_MZR3TkA79g4pVozhqnOydCP-mN5hg
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 23:55:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Buckets: bucket102
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_IBE8MNz7mKh8TRTD8SsHVR39DjSWr1ruBYyHFVF/GPuSeVkuiyDHl/pyLD2wyfaLty8wy1nzjKSpqL9PnZ5NTg==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
54.230.245.130304 Not Modified 0 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/maincaf.js
IP 54.230.245.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/maincaf.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.commedia.com/
If-Modified-Since: Tue, 15 Nov 2022 15:10:24 GMT
If-None-Match: "6373abe0-1b5e"
Cache-Control: max-age=0
HTTP/1.1 304 Not Modified
Connection: keep-alive
Server: nginx
Date: Mon, 26 Dec 2022 02:42:00 GMT
Last-Modified: Tue, 15 Nov 2022 15:10:24 GMT
ETag: "6373abe0-1b5e"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MoP4lpA3Jud1x_AhFIttGXyIaCUtHAFSSxGMkLomIGcryWHEu4h1Ww==
Age: 76404
www.google.com/adsense/domains/caf.js
142.250.74.132200 OK 54 kB URL HTTP/1.1 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (1885)
Hash d61d5848e781103065d5bca54bb2f5d3
0c1410cc40187c59ff57497a601bc5a0914b94ba
f07be716e8073ec4f47c14978e5bb3d2ab7905d9f012131dd848e158fb41df78
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.commedia.com/
If-None-Match: "14181701328128387770"
Cache-Control: max-age=0
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Mon, 26 Dec 2022 23:55:24 GMT
Expires: Mon, 26 Dec 2022 23:55:24 GMT
Cache-Control: private, max-age=3600
ETag: "9096543464630205400"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
c.parkingcrew.net/scripts/sale_form.js
185.53.178.30304 Not Modified 0 B URL HTTP/1.1 c.parkingcrew.net/scripts/sale_form.js
IP 185.53.178.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/sale_form.js HTTP/1.1
Host: c.parkingcrew.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.commedia.com/
If-Modified-Since: Tue, 12 May 2020 14:25:52 GMT
If-None-Match: "5ebab1f0-2f9"
Cache-Control: max-age=0
HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 26 Dec 2022 23:55:25 GMT
Connection: keep-alive
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-2f9"
d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
54.230.245.130304 Not Modified 0 B URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/themes/cleanPeppermintBlack_657d9013/img/arrows.png
IP 54.230.245.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themes/cleanPeppermintBlack_657d9013/img/arrows.png HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.commedia.com/
If-Modified-Since: Thu, 23 Jun 2022 10:44:43 GMT
If-None-Match: "62b4441b-2c6f"
Cache-Control: max-age=0
HTTP/1.1 304 Not Modified
Connection: keep-alive
Server: nginx
Date: Mon, 26 Dec 2022 02:14:46 GMT
Last-Modified: Thu, 23 Jun 2022 10:44:43 GMT
ETag: "62b4441b-2c6f"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hfsMmStFvYa6v-2wYijuCYY-wOyRgiWCQyLiQLOjiMK3Wx7II2stSQ==
Age: 78039
www1.commedia.com/track.php?domain=commedia.com&toggle=browserjs&uid=MTY3MjA5ODkyNC44ODQ2OjMwZmRhODI2NTg1MmZiODA4ZDcxM2VhMWMzOGQ5Y2E2ZjU1YTc3YjhhNmFmMGQ3NzNmYjI5ODMwNzI4YTQ4NTU6NjNhYTM0NmNkN2Y2Zg%3D%3D
76.223.26.96200 OK 20 B URL HTTP/1.1 www1.commedia.com/track.php?domain=commedia.com&toggle=browserjs&uid=MTY3MjA5ODkyNC44ODQ2OjMwZmRhODI2NTg1MmZiODA4ZDcxM2VhMWMzOGQ5Y2E2ZjU1YTc3YjhhNmFmMGQ3NzNmYjI5ODMwNzI4YTQ4NTU6NjNhYTM0NmNkN2Y2Zg%3D%3D
IP 76.223.26.96:0
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=commedia.com&toggle=browserjs&uid=MTY3MjA5ODkyNC44ODQ2OjMwZmRhODI2NTg1MmZiODA4ZDcxM2VhMWMzOGQ5Y2E2ZjU1YTc3YjhhNmFmMGQ3NzNmYjI5ODMwNzI4YTQ4NTU6NjNhYTM0NmNkN2Y2Zg%3D%3D HTTP/1.1
Host: www1.commedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.commedia.com/?tm=1&subid4=1672098922.0222530000&KW1=Social%20Media%20Automation%20Marketing%20Software&KW2=Lowest%20Car%20Insurance%20Rates&KW3=Elite%20Dating%20Services&KW4=Dedicated%20Gaming%20Server&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Social%20Media%20Automation%20Marketing%20Software&KW7=B2B%20Travel%20Booking%20System&KW8=Make%20Money%20From%20Home&KW9=Make%20Money%20From%20Home&searchbox=0&backfill=0
Cookie: __gsas=ID=3d0a110dfa81d10c:T=1672098924:S=ALNI_MZR3TkA79g4pVozhqnOydCP-mN5hg
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 23:55:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www1.commedia.com/favicon.ico
76.223.26.96200 OK 0 B URL HTTP/1.1 www1.commedia.com/favicon.ico
IP 76.223.26.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www1.commedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.commedia.com/?tm=1&subid4=1672098922.0222530000&KW1=Social%20Media%20Automation%20Marketing%20Software&KW2=Lowest%20Car%20Insurance%20Rates&KW3=Elite%20Dating%20Services&KW4=Dedicated%20Gaming%20Server&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Social%20Media%20Automation%20Marketing%20Software&KW7=B2B%20Travel%20Booking%20System&KW8=Make%20Money%20From%20Home&KW9=Make%20Money%20From%20Home&searchbox=0&backfill=0
Cookie: __gsas=ID=3d0a110dfa81d10c:T=1672098924:S=ALNI_MZR3TkA79g4pVozhqnOydCP-mN5hg
HTTP/1.1 200 OK
Date: Mon, 26 Dec 2022 23:55:25 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
www1.commedia.com/ls.php
76.223.26.96201 Created 0 B IP 76.223.26.96:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
POST /ls.php HTTP/1.1
Host: www1.commedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 3054
Origin: http://www1.commedia.com
Connection: keep-alive
Referer: http://www1.commedia.com/?tm=1&subid4=1672098922.0222530000&KW1=Social%20Media%20Automation%20Marketing%20Software&KW2=Lowest%20Car%20Insurance%20Rates&KW3=Elite%20Dating%20Services&KW4=Dedicated%20Gaming%20Server&KW5=Lowest%20Car%20Insurance%20Rates&KW6=Social%20Media%20Automation%20Marketing%20Software&KW7=B2B%20Travel%20Booking%20System&KW8=Make%20Money%20From%20Home&KW9=Make%20Money%20From%20Home&searchbox=0&backfill=0
Cookie: __gsas=ID=3d0a110dfa81d10c:T=1672098924:S=ALNI_MZR3TkA79g4pVozhqnOydCP-mN5hg
Cache-Control: max-age=0
HTTP/1.1 201 Created
Date: Mon, 26 Dec 2022 23:55:25 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 63aa346d3deb084d3b6c3a11
Charset: utf-8
Access-Control-Allow-Origin: http://www1.commedia.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_h1vOasgjJNAr2wJKJyrVudQkbPe6VFVYqA0b+xNgy+96THWuJou3KL7SRLUFhW6M+M8q/XuiOohFU93hEn9nYg==