firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 21:10:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2xS4UH3sGsSncfCoaRSz9loYW7LF-sAg_xmIkLPkdfPpVsnmIbFR1w==
Age: 651
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2275
Expires: Thu, 15 Sep 2022 21:59:20 GMT
Date: Thu, 15 Sep 2022 21:21:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZAXxSsk3ia30PIogb3PUN1wgHFpyhkp27H981B9wuG7n4gre006mHQ==
age: 60370
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 21:21:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
webmail.tscomfortspecialist.com/
192.254.236.139200 OK 12 kB URL HTTP/1.1 webmail.tscomfortspecialist.com/
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10601)
Hash 0cfb1a130df868040092ef737ec74a13
f57aeefdddfb39e5ec9ad883cb5e9ce775c3d2ec
841a20668822243f5dadcc8965b8fe8d344950c526973c13e33f98b013321032
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 21:21:25 GMT
Server: Apache
Content-Type: text/html; charset="utf-8"
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate, private, no-cache, no-store, must-revalidate, private
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Length: 12164
Set-Cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=80
webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; HttpOnly; path=/; port=80
roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=80
roundcube_sessauth=expired; HttpOnly; domain=webmail.tscomfortspecialist.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=80
Horde=expired; HttpOnly; domain=.webmail.tscomfortspecialist.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=80
horde_secret_key=expired; HttpOnly; domain=.webmail.tscomfortspecialist.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=80
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=80
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/horde; port=80
PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=80
imp_key=expired; HttpOnly; domain=webmail.tscomfortspecialist.com; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=80
roundcube_cookies=enabled; HttpOnly; expires=Fri, 15-Sep-2023 21:21:25 GMT; path=/; port=80
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
cdn.optimizely.com/js/13477600374.js
23.38.200.155200 OK 107 kB URL HTTP/2 cdn.optimizely.com/js/13477600374.js
IP 23.38.200.155:0
File type ASCII text, with very long lines (65468)
Size 107 kB (107115 bytes)
Hash e0e6b4bd99e9d5e75d435e70f6f93ab2
dad5cdf6f4f20623855bf3a8cc35ee34ca3be9dc
dd20930d9200369933ab65b70eca2a1ce38eafa3ff23164eb128e9fe9fc50dd9
GET /js/13477600374.js HTTP/1.1
Host: cdn.optimizely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1E757JGwSy765cud3ZGfWRfg9IPNuK97axkoNNhxy8Xib1gs0kwK5KamIHKHjB7Sgbg5PCjZQvs=
x-amz-request-id: 6M01KK4GPR7GM897
x-amz-replication-status: COMPLETED
last-modified: Fri, 09 Sep 2022 19:38:10 GMT
etag: "e0e6b4bd99e9d5e75d435e70f6f93ab2"
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 10507
x-amz-meta-pci_enabled: False
content-encoding: gzip
x-amz-version-id: B77aXARnts.vnMEkKDFc2JcpqUcsTHO.
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
server: AmazonS3
content-length: 107115
vary: Accept-Encoding
cache-control: max-age=120
date: Thu, 15 Sep 2022 21:21:25 GMT
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="2";dur=0,cdnip;desc="23.38.200.155";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
access-control-max-age: 86400
access-control-expose-headers: x-amz-meta-revision
access-control-allow-headers: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
webmail.tscomfortspecialist.com/cPanel_magic_revision_1616517441/unprotected/hostgator/fonts/open_sans/open_sans.min.css
192.254.236.139308 Moved 140 B URL HTTP/1.1 webmail.tscomfortspecialist.com/cPanel_magic_revision_1616517441/unprotected/hostgator/fonts/open_sans/open_sans.min.css
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document, ASCII text
Hash 12dd16fe00ee41e8fce6ba65f2e54185
5b201c6105293322c0fabe04a08ba25d39f4fc34
45a4114a6028342af2282ed4918d49b37df46a778620fddcc99feb068a3b3927
GET /cPanel_magic_revision_1616517441/unprotected/hostgator/fonts/open_sans/open_sans.min.css HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled
HTTP/1.1 308 Moved
Date: Thu, 15 Sep 2022 21:21:25 GMT
Server: Apache
Content-length: 140
Location: /unprotected/hostgator/fonts/open_sans/open_sans.min.css
Content-type: text/html; charset="utf-8"
Cache-Control: no-cache, no-store, must-revalidate, private
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 21:03:22 GMT
Expires: Thu, 15 Sep 2022 21:05:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mgjaqaKDy-Kbak39CPftuc5yLzEMXaOLo2dguz87hljAiH9xIr_PgA==
Age: 1083
webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/style_v2_optimized.css
192.254.236.139200 OK 27 kB URL HTTP/1.1 webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/style_v2_optimized.css
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (36306)
Hash cb4c4dccfd537ad9bee3e8e0b1d4e66e
63b0615e9b80b7a31ad1fe1eefe6fef4c0178fc5
8db9e24d5c776f9f40adb4c1a6273f03211d2ab70d560b4bf4ba5242252bef81
GET /cPanel_magic_revision_1631732355/unprotected/hostgator/style_v2_optimized.css HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 21:21:25 GMT
Server: Apache
Content-Type: text/css
Last-Modified: Wed, 15 Sep 2021 18:59:15 GMT
Cache-Control: max-age=5184000, public
Expires: Mon, 14 Nov 2022 21:21:25 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Length: 27213
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4248
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 21:21:25 GMT
Last-Modified: Thu, 15 Sep 2022 20:10:37 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
webmail.tscomfortspecialist.com/unprotected/hostgator/fonts/open_sans/open_sans.min.css
192.254.236.139200 OK 526 B URL HTTP/1.1 webmail.tscomfortspecialist.com/unprotected/hostgator/fonts/open_sans/open_sans.min.css
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6478), with no line terminators
Hash 46d4762ce5af0cc3d9238a034ec064bf
528237daef4cac8251efb966b06e12b8be4ff339
3b0a9269aa044ca0e7ea507b77b5f1a9f173555906f26dc389f8c0538d502dba
GET /unprotected/hostgator/fonts/open_sans/open_sans.min.css HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://webmail.tscomfortspecialist.com/
Connection: keep-alive
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 21:21:25 GMT
Server: Apache
Content-Type: text/css
Last-Modified: Tue, 23 Mar 2021 16:37:21 GMT
Cache-Control: max-age=5184000, public
Expires: Mon, 14 Nov 2022 21:21:25 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Length: 526
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
www.googletagmanager.com/gtm.js?id=GTM-PPNLL2
142.250.74.72302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-PPNLL2
IP 142.250.74.72:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f7306f9da50817ff4d29cae1cacb7879
1d17822a6d9f3fe9054be84744744364108f754a
c999f86febec3fafac94da0ff4feecc36f415a7641296b5c756d4010ed5674e1
GET /gtm.js?id=GTM-PPNLL2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-PPNLL2
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 15 Sep 2022 21:21:26 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
push.services.mozilla.com/
34.210.107.213101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.107.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bJng1kcE+jUzlt+KI2OxNA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QZZbdsMFrh9pdjSrxesZACDK7RI=
webmail.tscomfortspecialist.com/cPanel_magic_revision_1537980141/unprotected/hostgator/images/webmail-logo.svg
192.254.236.139200 OK 2.4 kB URL HTTP/1.1 webmail.tscomfortspecialist.com/cPanel_magic_revision_1537980141/unprotected/hostgator/images/webmail-logo.svg
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5359)
Hash 7d6ecc48b4bea08435c0ece1be65a3e7
f8318ac4f0cffa68aec0b261f0b5c5550b711075
1e35816d21c56bbc18f78104747ad8577f761e88f13d0ae292ff2df364fdd125
Analyzer Verdict Alert fortinet Phishing
GET /cPanel_magic_revision_1537980141/unprotected/hostgator/images/webmail-logo.svg HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 21:21:26 GMT
Server: Apache
Content-Type: image/svg+xml
Last-Modified: Wed, 26 Sep 2018 16:42:21 GMT
Cache-Control: max-age=5184000, public
Expires: Mon, 14 Nov 2022 21:21:26 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Content-Length: 2399
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3b816941816ca5fed922c0604e9da8dc
94c14ea6c512c6c262479b4299f1cd4dd99ea5cd
a05000788114487ba8b8c661ba1370b29c96a93a16275b3fab497cf75722b51d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 21:21:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/images/notice-error.png
192.254.236.139200 OK 1.0 kB URL HTTP/1.1 webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/images/notice-error.png
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash a3265cc598ae28633c060889e790f80c
57530d6996c8f36711ef05681474b8f63d4184b3
bcaf01928e5c7246ab0bb7e83f609b485a67a5e442d3dd94539a883c11fb70cd
GET /cPanel_magic_revision_1631732355/unprotected/hostgator/images/notice-error.png HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/style_v2_optimized.css
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled; optimizelyEndUserId=oeu1663276870550r0.03635316059652782
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 21:21:26 GMT
Server: Apache
Content-Type: image/png
Last-Modified: Wed, 15 Sep 2021 18:59:15 GMT
Cache-Control: max-age=5184000, public
Expires: Mon, 14 Nov 2022 21:21:26 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 1026
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/images/icon-username.png
192.254.236.139200 OK 320 B URL HTTP/1.1 webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/images/icon-username.png
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 07ff84f8c855e5fe9d510ff5c9a4b1e4
11c262053e2b9be57d1dba7cb3d916ef041a0e50
05ce0f813e6236158fa1d115faba62cd2041aab1878cac0960a0f45575cece1e
GET /cPanel_magic_revision_1631732355/unprotected/hostgator/images/icon-username.png HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/style_v2_optimized.css
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled; optimizelyEndUserId=oeu1663276870550r0.03635316059652782
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 21:21:26 GMT
Server: Apache
Content-Type: image/png
Last-Modified: Wed, 15 Sep 2021 18:59:15 GMT
Cache-Control: max-age=5184000, public
Expires: Mon, 14 Nov 2022 21:21:26 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 320
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
www.googletagmanager.com/gtm.js?id=GTM-PPNLL2
142.250.74.72200 OK 96 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PPNLL2
IP 142.250.74.72:0
File type ASCII text, with very long lines (34794)
Hash b2ef8049835d771a41c5bd24ec6d6fc6
0029b3a0e2af6bf18d1ae8d7b65d03ff21b36463
11d1f354e88d7be90c6f182f0701bd849102668613a480afad64a2f8fb4711c7
GET /gtm.js?id=GTM-PPNLL2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://webmail.tscomfortspecialist.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 15 Sep 2022 21:21:26 GMT
expires: Thu, 15 Sep 2022 21:21:26 GMT
cache-control: private, max-age=900
last-modified: Thu, 15 Sep 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 95670
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3b816941816ca5fed922c0604e9da8dc
94c14ea6c512c6c262479b4299f1cd4dd99ea5cd
a05000788114487ba8b8c661ba1370b29c96a93a16275b3fab497cf75722b51d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 21:21:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/images/notice-info.png
192.254.236.139200 OK 976 B URL HTTP/1.1 webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/images/notice-info.png
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 14146cf832470d9beca95a708a1d6f8d
d4b506f92876baea69409f3a78c4718757a53b33
95f8a142dd96c310afeb75329ef504f162ab3102a81fc07f20b268361990f526
GET /cPanel_magic_revision_1631732355/unprotected/hostgator/images/notice-info.png HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/style_v2_optimized.css
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled; optimizelyEndUserId=oeu1663276870550r0.03635316059652782; timezone=Etc/UTC
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 21:21:26 GMT
Server: Apache
Content-Type: image/png
Last-Modified: Wed, 15 Sep 2021 18:59:15 GMT
Cache-Control: max-age=5184000, public
Expires: Mon, 14 Nov 2022 21:21:26 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 976
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/images/notice-success.png
192.254.236.139200 OK 962 B URL HTTP/1.1 webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/images/notice-success.png
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a0ec2a6468d4d1aa3fc2baa70271ac8
a31fb01790aca8dc1976450e4234cb6ccc328956
cafbe3036533fe094931f5745f8cb9962a34409522e93d63ac8427acb9a02c79
GET /cPanel_magic_revision_1631732355/unprotected/hostgator/images/notice-success.png HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/style_v2_optimized.css
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled; optimizelyEndUserId=oeu1663276870550r0.03635316059652782; timezone=Etc/UTC
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 21:21:26 GMT
Server: Apache
Content-Type: image/png
Last-Modified: Wed, 15 Sep 2021 18:59:15 GMT
Cache-Control: max-age=5184000, public
Expires: Mon, 14 Nov 2022 21:21:26 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 962
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/images/icon-password.png
192.254.236.139308 Moved 131 B URL HTTP/1.1 webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/images/icon-password.png
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document, ASCII text
Hash 65da79b6d6d4dc098f73c692c863c791
47c13d6d53b87373f3ebd971ec08187ebdba1feb
f74bf02f5c64b44c1aa827ec8de45b7554ba1e8da83f44dc6ee574ae61e240ec
GET /cPanel_magic_revision_1631732355/unprotected/hostgator/images/icon-password.png HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/style_v2_optimized.css
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled; optimizelyEndUserId=oeu1663276870550r0.03635316059652782
HTTP/1.1 308 Moved
Date: Thu, 15 Sep 2022 21:21:26 GMT
Server: Apache
Content-length: 131
Location: /unprotected/hostgator/images/icon-password.png
Content-type: text/html; charset="utf-8"
Cache-Control: no-cache, no-store, must-revalidate, private
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
webmail.tscomfortspecialist.com/cPanel_magic_revision_1616517441/unprotected/hostgator/fonts/open_sans/OpenSans-Regular-webfont.woff
192.254.236.139200 OK 23 kB URL HTTP/1.1 webmail.tscomfortspecialist.com/cPanel_magic_revision_1616517441/unprotected/hostgator/fonts/open_sans/OpenSans-Regular-webfont.woff
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 22660, version 1.0\012- data
Hash 79515ad0788973c533405f7012dfeccd
5092881fad2caffdc6bf71bdab1ea547b73d3564
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
Analyzer Verdict Alert fortinet Phishing
GET /cPanel_magic_revision_1616517441/unprotected/hostgator/fonts/open_sans/OpenSans-Regular-webfont.woff HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/unprotected/hostgator/fonts/open_sans/open_sans.min.css
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled; optimizelyEndUserId=oeu1663276870550r0.03635316059652782
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 21:21:26 GMT
Server: Apache
Content-Type: application/font-woff
Last-Modified: Tue, 23 Mar 2021 16:37:21 GMT
Cache-Control: max-age=5184000, public
Expires: Mon, 14 Nov 2022 21:21:26 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 22660
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
webmail.tscomfortspecialist.com/cPanel_magic_revision_1616517441/unprotected/hostgator/fonts/open_sans/OpenSans-Bold-webfont.woff
192.254.236.139200 OK 22 kB URL HTTP/1.1 webmail.tscomfortspecialist.com/cPanel_magic_revision_1616517441/unprotected/hostgator/fonts/open_sans/OpenSans-Bold-webfont.woff
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 22432, version 1.0\012- data
Hash 2e90d5152ce92858b62ba053c7b9d2cb
8cf65f42a2a8c349ccd6ab63b6cbd17c96fd665c
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
Analyzer Verdict Alert fortinet Phishing
GET /cPanel_magic_revision_1616517441/unprotected/hostgator/fonts/open_sans/OpenSans-Bold-webfont.woff HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/unprotected/hostgator/fonts/open_sans/open_sans.min.css
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled; optimizelyEndUserId=oeu1663276870550r0.03635316059652782
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 21:21:26 GMT
Server: Apache
Content-Type: application/font-woff
Last-Modified: Tue, 23 Mar 2021 16:37:21 GMT
Cache-Control: max-age=5184000, public
Expires: Mon, 14 Nov 2022 21:21:26 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 22432
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/images/warning.png
192.254.236.139200 OK 1.1 kB URL HTTP/1.1 webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/images/warning.png
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash a64b8c7407bf94cc4448cb210bb882e7
a526cf52b2c5b6c2d0409b886de4aa968000fcd8
7ecb82019606d891c5197d2f8ba24ec323d9b10a089facc82d089ff1ec3d399b
GET /cPanel_magic_revision_1631732355/unprotected/hostgator/images/warning.png HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/style_v2_optimized.css
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled; optimizelyEndUserId=oeu1663276870550r0.03635316059652782; timezone=Etc/UTC
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 21:21:26 GMT
Server: Apache
Content-Type: image/png
Last-Modified: Wed, 15 Sep 2021 18:59:15 GMT
Cache-Control: max-age=5184000, public
Expires: Mon, 14 Nov 2022 21:21:26 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 1060
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
webmail.tscomfortspecialist.com/cPanel_magic_revision_1616517441/unprotected/hostgator/fonts/open_sans/OpenSans-Semibold-webfont.woff
192.254.236.139200 OK 23 kB URL HTTP/1.1 webmail.tscomfortspecialist.com/cPanel_magic_revision_1616517441/unprotected/hostgator/fonts/open_sans/OpenSans-Semibold-webfont.woff
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 22908, version 1.0\012- data
Hash 697574b47bcfdd2c45e3e63c7380dd67
4590722b795938e0b6ff1b99701d1abe37aeabef
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
Analyzer Verdict Alert fortinet Phishing
GET /cPanel_magic_revision_1616517441/unprotected/hostgator/fonts/open_sans/OpenSans-Semibold-webfont.woff HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/unprotected/hostgator/fonts/open_sans/open_sans.min.css
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled; optimizelyEndUserId=oeu1663276870550r0.03635316059652782
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 21:21:26 GMT
Server: Apache
Content-Type: application/font-woff
Last-Modified: Tue, 23 Mar 2021 16:37:21 GMT
Cache-Control: max-age=5184000, public
Expires: Mon, 14 Nov 2022 21:21:26 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 22908
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
webmail.tscomfortspecialist.com/unprotected/hostgator/images/icon-password.png
192.254.236.139200 OK 450 B URL HTTP/1.1 webmail.tscomfortspecialist.com/unprotected/hostgator/images/icon-password.png
IP 192.254.236.139:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 7ac1cefcb7eab93c6d6981ecde6c1635
1523f8cb80ab19108549d0b7db31a58b71c05d39
a02998df88a6efb0baa526796b2b682ce9fdd6471ceb19170b326320f22f7053
GET /unprotected/hostgator/images/icon-password.png HTTP/1.1
Host: webmail.tscomfortspecialist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://webmail.tscomfortspecialist.com/cPanel_magic_revision_1631732355/unprotected/hostgator/style_v2_optimized.css
Connection: keep-alive
Cookie: webmailsession=%3a8KJ16sLjPnwMDxj_%2c723ce6c2b91fd0c5eccf447d7abd3cba; roundcube_cookies=enabled; optimizelyEndUserId=oeu1663276870550r0.03635316059652782; timezone=Etc/UTC; _gcl_au=1.1.411100043.1663276871
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 21:21:26 GMT
Server: Apache
Content-Type: image/png
Last-Modified: Wed, 15 Sep 2021 18:59:15 GMT
Cache-Control: max-age=5184000, public
Expires: Mon, 14 Nov 2022 21:21:26 GMT
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Length: 450
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
cdn3.optimizely.com/js/geo4.js
104.110.9.127200 OK 302 B URL HTTP/1.1 cdn3.optimizely.com/js/geo4.js
IP 104.110.9.127:0
Hash 56e10233eaa57653e63ee929e1c619cf
864e4dfc0f6b0a2d73680b80eb476003b303eab7
4515bfcea10a9dfd175ba279138db6023e67d536edb9c9b542b4af85d8fc7146
GET /js/geo4.js HTTP/1.1
Host: cdn3.optimizely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
HTTP/1.1 200 OK
Server: AmazonS3
Content-Length: 302
Content-Type: application/javascript
x-amz-id-2: loliDaOn4KUzoN31Z5msbI3R6cAVr5vDXx7Fz1bTz/wg17ywd6/W1z1jFyM7hpvEyXRTQOZfhl8=
Vary: Accept-Encoding
x-amz-version-id: F8W1XaLRNmnJXrMgZ6ZMuxtE6L376GC.
x-amz-server-side-encryption: AES256
ETag: "8777c006589ecabfa3d63a6b5bf24393"
x-amz-replication-status: COMPLETED
x-amz-request-id: 4YSEQAXQGR2X4TNS
Cache-Control: max-age=55074
Date: Thu, 15 Sep 2022 21:21:26 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3489
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 21:21:26 GMT
Last-Modified: Thu, 15 Sep 2022 20:23:17 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11367
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 17:32:37 GMT
Accept-Ranges: bytes
ETag: "80a8697a8a2d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=388E539B81796B4F37A141BB808C6A80; domain=.bing.com; expires=Tue, 10-Oct-2023 21:21:26 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: F77AE4FED467429CB8CE96BEC6E517C0 Ref B: OSL30EDGE0209 Ref C: 2022-09-15T21:21:26Z
Date: Thu, 15 Sep 2022 21:21:25 GMT
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash ecb99528d18dbe7952eac9618eaf2d8e
eb59bf3afc849403fa3dde09b75b5fc51f29e7b5
bcecfe43bf3e0f22ff425fe630e189d28fc3ecdc9764dd1686599e5ce59f40cc
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: V16O7Hv1KApObwf/wjm/PPLfRFfZBJcdmnvcSuMm6Qmt8kYHIyHIgXW7T/NGWsz6TwR5D0CatLZ8Y27irFzU/Q==
content-length: 26872
x-fb-trip-id: 1904183273
date: Thu, 15 Sep 2022 21:21:26 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7dff4bc87dbee6fd33e0d7a3dc5ed3bd
59878d4dd98e60b39dcf7ac288e77bb262afab5d
8c3a027cee1f48144eb0504deff1f2b9aa98c9fc3f4e3057ece6caac9f604315
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3489
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 21:21:26 GMT
Last-Modified: Thu, 15 Sep 2022 20:23:17 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
bat.bing.com/action/0?ti=5797759&Ver=2&mid=a9a7878f-0f2e-497d-984e-52acf033be6d&sid=52351d60353c11ed9f1ccd0d1b0d168f&vid=523519f0353c11ed94fd5705435d4960&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Webmail%20Login&p=http%3A%2F%2Fwebmail.tscomfortspecialist.com%2F&r=<=1306&evt=pageLoad&sv=1&rn=431960
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5797759&Ver=2&mid=a9a7878f-0f2e-497d-984e-52acf033be6d&sid=52351d60353c11ed9f1ccd0d1b0d168f&vid=523519f0353c11ed94fd5705435d4960&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Webmail%20Login&p=http%3A%2F%2Fwebmail.tscomfortspecialist.com%2F&r=<=1306&evt=pageLoad&sv=1&rn=431960
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5797759&Ver=2&mid=a9a7878f-0f2e-497d-984e-52acf033be6d&sid=52351d60353c11ed9f1ccd0d1b0d168f&vid=523519f0353c11ed94fd5705435d4960&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Webmail%20Login&p=http%3A%2F%2Fwebmail.tscomfortspecialist.com%2F&r=<=1306&evt=pageLoad&sv=1&rn=431960 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3F75B4404CD16B05367EA6604D246A77; domain=.bing.com; expires=Tue, 10-Oct-2023 21:21:26 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 497C8280547F4351AAC44E4672AF165F Ref B: OSL30EDGE0112 Ref C: 2022-09-15T21:21:26Z
date: Thu, 15 Sep 2022 21:21:26 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/5797759.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5797759.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5797759.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=2657588A71A165472BC14AAA705464AE; domain=.bing.com; expires=Tue, 10-Oct-2023 21:21:26 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B9BC379B21A047A79DB3EFE077FA8DCA Ref B: OSL30EDGE0112 Ref C: 2022-09-15T21:21:26Z
date: Thu, 15 Sep 2022 21:21:26 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash bddacd392181526331471421f5bd0ec0
4e52de803321e2420b714a4c5d3404bb4777ad37
4f6be3aadca87289f453cf198a2e173db1bda3f758ae24dfaf8cd68c1a7d5bd3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 15 Sep 2022 21:21:27 GMT
Last-Modified: Thu, 15 Sep 2022 19:43:06 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: QQV-v-537msO8OfBTAcvqhW3hRcbqFpNCN_gtoMuElVPmxX417vgnw==
Age: 5901
connect.facebook.net/signals/config/393095817498804?v=2.9.81&r=stable
31.13.72.12200 OK 88 kB URL HTTP/2 connect.facebook.net/signals/config/393095817498804?v=2.9.81&r=stable
IP 31.13.72.12:0
Hash 62102e7d1d61ac5d8a714a4049b01c6e
3783a703317e43a3ad2627c3b572b164d0a87358
b4799a6e2e2555434101f16fe28974355badc41fb1df1732c2b132ebc8ce5380
GET /signals/config/393095817498804?v=2.9.81&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: E4yjgWgkxtjVe+oTw2Xuo9vLuy2jsb9gwWugVBEAZfpaOZPZIp1nV9ySmp3MvtuIOATwvrXKGa7HTYU5luENkA==
x-fb-trip-id: 1904183273
date: Thu, 15 Sep 2022 21:21:27 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8506
Expires: Thu, 15 Sep 2022 23:43:13 GMT
Date: Thu, 15 Sep 2022 21:21:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9bfbb189fcbbdc76ff274e424f39053
de008d728f2274f08019c97bc969ddd6fe64a65d
a4f07d30f29e785e2ee605aee590ab928c3e1412f4dc61ff163cf32445cc3af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F07D30F29E785E2EE605AEE590AB928C3E1412F4DC61FF163CF32445CC3AF4"
Last-Modified: Tue, 13 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8506
Expires: Thu, 15 Sep 2022 23:43:13 GMT
Date: Thu, 15 Sep 2022 21:21:27 GMT
Connection: keep-alive
logx.optimizely.com/v1/events
44.197.38.44204 No Content 0 B URL HTTP/1.1 logx.optimizely.com/v1/events
IP 44.197.38.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/events HTTP/1.1
Host: logx.optimizely.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 740
Origin: http://webmail.tscomfortspecialist.com
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://webmail.tscomfortspecialist.com
Access-Control-Expose-Headers: X-Results-Data-Source
Content-Type: text/plain
Date: Thu, 15 Sep 2022 21:21:27 GMT
Server: nginx/1.21.0
Timing-Allow-Origin: *
X-Request-Id: 9e205b27-d762-48a7-b92e-d0c758eab14e
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e5f57ba37fac4e6047a9a321a8ec084
f6b742549ea35a4b1345cffb937a8bbcceee08ef
f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:45:05 GMT
age: 84982
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9ybN4lIqGCbpld1PvmjrIpnYNgHGTSgg6Qc0o8xg-ttlTvX1uNa9dQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 20:21:39 GMT
age: 3588
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1633672fad0b564108cf81ad711dc881
d37ad0f40bc1f3f0022467dd0af2478980bd858a
cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:36:39 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
content-type: image/jpeg
age: 81888
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VZ88wGjWdv9DOhonVamk_UnGmavT535eEa4o2sfgskmE0x3QX5iBIg==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 20:21:13 GMT
age: 3614
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ef9865421a37eae9a4df04083d27485
c7cf1f6a259cece60a34261ec83ee00736e1d72b
723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MtgQUzYMa3mT0lxPhQ5ZCp9XVVyBH8T0dlx_0wSLMZlaFEiCikTXMw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:51 GMT
age: 82536
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f50c34bc30a732593e8fe465055a44ff
af100925cba1be716fd2200715d6136bd7f0c5bc
703049736ccc8815945d69634059c4cd39533417e0969107d460c36a6787c761
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5078
x-amzn-requestid: 6f825856-ec1a-464c-b8ef-f15de0d4017f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeINiGs6IAMFk7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632253f0-647208bf01fe44904b3352f0;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:21:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SJGy4ZhoAlHiv-yUCAnGWG9o2qnl8xhdHhxiwmSvaSP9fdDYOVu_-g==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 20:22:02 GMT
age: 3565
etag: "af100925cba1be716fd2200715d6136bd7f0c5bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=393095817498804&ev=PageView&dl=http%3A%2F%2Fwebmail.tscomfortspecialist.com%2F&rl=&if=false&ts=1663276872079&sw=1280&sh=1024&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.1.1663276872079.290134355&it=1663276871211&coo=false&tm=1&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=393095817498804&ev=PageView&dl=http%3A%2F%2Fwebmail.tscomfortspecialist.com%2F&rl=&if=false&ts=1663276872079&sw=1280&sh=1024&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.1.1663276872079.290134355&it=1663276871211&coo=false&tm=1&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=393095817498804&ev=PageView&dl=http%3A%2F%2Fwebmail.tscomfortspecialist.com%2F&rl=&if=false&ts=1663276872079&sw=1280&sh=1024&v=2.9.81&r=stable&ec=0&o=30&fbp=fb.1.1663276872079.290134355&it=1663276871211&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Thu, 15 Sep 2022 21:21:27 GMT
expires: Thu, 15 Sep 2022 21:21:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 91dad4479f7dcb623266cf0dcfef5875
9fcf1f0e16c17a43021ab8fb01089d2d9c9f1d3a
0dc4f9c3ecdccb7e1b7a651c72ee63acc06482b362f060547534c3196e561412
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 21:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1623)
Hash 4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 15 Sep 2022 21:21:27 GMT
expires: Thu, 15 Sep 2022 21:21:27 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8ff1c0d8a380ce4a561609526d995bf5
135ecd7e71ea2823d39f8c1efcb2121618ed8167
f7228281af8d6de222aa47b3a78a627f85315244e65a8956fa2c0c7dff1bb7ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 21:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 848674a3bc6b0d4d6cba22b140c574bc
ec95f08f3a5b022c3753f78e30f71d03e2895d78
069aaae82ec20e5bbcc694f9603bded464798891e5e2abc27baadeace22f6a05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 21:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071979603/?random=1663276872290&cv=9&fst=1663276872290&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9e0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwebmail.tscomfortspecialist.com%2F&tiba=Webmail%20Login&auid=411100043.1663276871&hn=www.google.com&async=1&rfmt=3&fmt=4
172.217.21.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1071979603/?random=1663276872290&cv=9&fst=1663276872290&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9e0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwebmail.tscomfortspecialist.com%2F&tiba=Webmail%20Login&auid=411100043.1663276871&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2194), with no line terminators
Hash 516794ccdd33211587d3450a2207e07e
4032a2b3516a7ea1f72fc59527f6e7cd91aa40ad
40dc5330d785584762c6530fa926750a1b5d94d4a62b2a0adedd27583bb6070a
GET /pagead/viewthroughconversion/1071979603/?random=1663276872290&cv=9&fst=1663276872290&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9e0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwebmail.tscomfortspecialist.com%2F&tiba=Webmail%20Login&auid=411100043.1663276871&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 21:21:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1016
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Sep-2022 21:36:27 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 848674a3bc6b0d4d6cba22b140c574bc
ec95f08f3a5b022c3753f78e30f71d03e2895d78
069aaae82ec20e5bbcc694f9603bded464798891e5e2abc27baadeace22f6a05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 21:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db503d6c6780cb1b8dfeffa10a50eada
51a459bdc02f20576031f526be6788f653095d94
b7a653d3c381c6cea5b6838aea01a7de8ea5c2d8bdf5ff92c4cd5c22829c8e8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 21:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/1071979603/?random=1663276872290&cv=9&fst=1663275600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9e0&sendb=1&frm=0&url=http%3A%2F%2Fwebmail.tscomfortspecialist.com%2F&tiba=Webmail%20Login&async=1&fmt=3&is_vtc=1&random=793837001&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1071979603/?random=1663276872290&cv=9&fst=1663275600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9e0&sendb=1&frm=0&url=http%3A%2F%2Fwebmail.tscomfortspecialist.com%2F&tiba=Webmail%20Login&async=1&fmt=3&is_vtc=1&random=793837001&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1071979603/?random=1663276872290&cv=9&fst=1663275600000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9e0&sendb=1&frm=0&url=http%3A%2F%2Fwebmail.tscomfortspecialist.com%2F&tiba=Webmail%20Login&async=1&fmt=3&is_vtc=1&random=793837001&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Sep 2022 21:21:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db503d6c6780cb1b8dfeffa10a50eada
51a459bdc02f20576031f526be6788f653095d94
b7a653d3c381c6cea5b6838aea01a7de8ea5c2d8bdf5ff92c4cd5c22829c8e8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 21:21:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.hotjar.com/c/hotjar-23213.js?sv=7
54.230.111.113200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-23213.js?sv=7
IP 54.230.111.113:0
GET /c/hotjar-23213.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webmail.tscomfortspecialist.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 15 Sep 2022 21:20:38 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/1a15e61b1fecaeea286b3e7a7449a11a
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1l6S8SyGieAlX6nWuckVTslazayUjFrohelvN0wLQyOUsRZZ28lGYA==
age: 49
X-Firefox-Spdy: h2