www.navysign.sa.com/Kexkfc/rhlmg873555pqvh/PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
104.21.44.239200 OK 539 B URL HTTP/1.1 www.navysign.sa.com/Kexkfc/rhlmg873555pqvh/PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
IP 104.21.44.239:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3423d48d2abf7f54e241b2c88e5cc4d4
3dcb082665122419521489b21983ae421a6a72c8
e06be52b45a31f5e2bcccbac3c1d6278f26a25c586948fa534ce1723f5efc8c4
Analyzer Verdict Alert quad9 Sinkholed
GET /Kexkfc/rhlmg873555pqvh/PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25 HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaWuLE2woNHi41xXyaV2DCuWqjxtPQexL5Qnf2b18fdWluTrJngm%2FEWXzO4iCDpBJvM00KWNFkrPMYe3bw34e2xWNLc5S1HYVv1NTxIfBEYgJ74xw2yyKp5%2B%2B5AwChUUtYU747eK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74976b421f821c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5450
Expires: Mon, 12 Sep 2022 10:25:22 GMT
Date: Mon, 12 Sep 2022 08:54:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 08:08:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Oc6Iqkc31k_WZ9lJIWNg_48s8PEODXWjmaD48Sz6dQUkzSSSVUFtHg==
Age: 2782
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WY7pgbKYI4YmWKXdcoKSxWGSBJ03qFmfENLTpUxdKNl_jbVKv2Igjg==
age: 5840
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 08:54:32 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-22484186-3
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 1be49437b2ec63b24a285ae7fe01a0ac
99ab539da474c94f8adfbfafbe4fdec13fe1c546
7b5fb3c6e0b20520894aa70446b49e03aaec9284061b87bf2f2d5129cf2f3bdb
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 08:54:32 GMT
expires: Mon, 12 Sep 2022 08:54:32 GMT
cache-control: private, max-age=900
last-modified: Mon, 12 Sep 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41961
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c3d8032059a24d14d00c2ee5d8840c01
62efae1ea6aaea612a12d42b6e5b65d24be11437
2319fe90c8b4d3cc41ec9cce275c82d19fb764015196bd1c52dfb9c5d85b9b0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.navysign.sa.com/jquery-1.11.0.min.js
104.21.44.239200 OK 33 kB URL HTTP/1.1 www.navysign.sa.com/jquery-1.11.0.min.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (32341)
Hash 95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16
Analyzer Verdict Alert quad9 Sinkholed
GET /jquery-1.11.0.min.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/Kexkfc/rhlmg873555pqvh/PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:03:39 GMT
ETag: W/"62e8238b-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFB%2FhE%2F%2BFjupBG4N3MrJjAnlylDztI4TY6qLCp%2F4OtMAY3L2brR1GL7yhcmFgGLK49uFoXrYZ%2FEj634%2BkYEqxfvYBFhtq0JMWKZV6DT71SaVpeAugGMszzDGSb0yprKrMe2DqvqG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b445afb1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 12 Sep 2022 07:56:07 GMT
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 08:43:47 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qXnfL0Pb_-xmVeGsAvc-apuroxcavh6qkemL0NcTgOf_-8zMA6a4og==
Age: 3505
www.navysign.sa.com/offer.php?id=373&sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
104.21.44.239200 OK 330 B URL HTTP/1.1 www.navysign.sa.com/offer.php?id=373&sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
IP 104.21.44.239:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f44a3a42633b36ef75bbaf324741c5c9
c068378e704238308c6bd3426caaa479efdf08e3
1a051e78ecf5b06bf488b498b4ad0243565caca715859876792d722b5e98eda9
Analyzer Verdict Alert quad9 Sinkholed
GET /offer.php?id=373&sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25 HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/Kexkfc/rhlmg873555pqvh/PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iylUnk%2Bf%2FAp6ATeM6Akm2xyeIZycOMsxVWcMCkMnV7GTCyXJZ5uXN2RIpcW8MoMqSfmAYmQeAnJeIs9R%2FyukOkD5I9n9NIsCIiBxxXrCLupRLuXxwkbcstFyMPFNydIcAywbZCfz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74976b464d521c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5239
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:33 GMT
Last-Modified: Mon, 12 Sep 2022 07:27:14 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
fast.wistia.com/assets/images/blank.gif
151.101.86.110200 OK 1.2 kB URL HTTP/2 fast.wistia.com/assets/images/blank.gif
IP 151.101.86.110:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=315360000, public
content-type: image/gif
etag: "631b786a-4be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 09 Sep 2022 17:31:22 GMT
timing-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 12 Sep 2022 08:54:33 GMT
age: 228068
x-served-by: cache-iad-kiad7000029-IAD, cache-bma1627-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 3128
x-timer: S1662972873.190775,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 96
content-length: 1214
X-Firefox-Spdy: h2
www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
104.21.44.239200 OK 14 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
IP 104.21.44.239:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16084), with CRLF line terminators
Hash 5bd9ddfdcd58c1e4e3985feefd71b2e1
bbf6f18695bfe651ed462cfbd3c85b09617d3baf
22c76e80fa04485dd88fe3a011b6a9656c680a03301e440776e150c4ae5096c9
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25 HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.3.25
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NagU6MD03FTd1NEJ3L3gR8RuVv75gshBZPXtC0PfQHtSJw7w25tlfKbCKjj78kumV28kNk6%2FEGvf9rflNURfg7GqlqxWkwsoxJrF9V3DTQAdYsnGjssz3LzLMyfjNXohPS1LcV%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74976b479f0b1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/modernizr-custom.js
104.21.44.239200 OK 1.6 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/modernizr-custom.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (4277)
Hash 3b0b7910dbc74a70a84d5aaadd6dd5d8
ede9efa01f4f13ff72a4e0ec38f861fb0038997a
ffceb69c04fb2f1c15b6212bf27ab6a5e40522a273ad49fd3d4a05578f49d2c0
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/modernizr-custom.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-114c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyrjW%2FjOSWKOzBBBx26dtJtm47axqn5UOZlzOym%2FOkH1P5MjlY6A67%2B8FdqO3105Mhatb%2BrW%2BzFe5tExHQxOzb0lthyjA8X6ETIZVgOWyv812i8ETQfI0sTPa2Ay2iUsbvb9MmzR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b490b241bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/blueshift.js
104.21.44.239200 OK 2.0 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/blueshift.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (4246), with no line terminators
Hash e510f0f99cb3baeac9c35553b8aec6f7
af64d1fc4bf5aa002596afa0d3c52a396ff69720
df549f295116025c11a3d9c8c4491963ba4f08ef3b3aa6eaa29542777cac70b1
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blueshift.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-1096"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYkRJsi3TCtjZ8GB%2FxQJhqdDqtpGMiJPqgpOQZ8kve9hHK6q54xqKoUmTZ5XTqXIp5%2B18I5ngd7cov70lg5PxAjTwJW%2BW4imCEbYbhZ3M3cmQ8AV7wjJJ7wA7du%2BZNGtkDBQL9Zp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b490cb7b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/css2.css
104.21.44.239200 OK 1.1 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/css2.css
IP 104.21.44.239:0
Hash 53163eba0cf2d43dc392eca69fc2bfca
6f8c761a3da4e24bf7061f156db65a9f540c9c6f
a06dd967385fb560f7d9cc68fe9c7ee4e9476d33c4f5416d17fd953d1c2b0421
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/css2.css HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-65d2"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E64tLqREqkOebMmFzWwn6Wcd3J%2BX0EB%2B1izzg%2Fzm5Zb4fJ3lDPudnfOeQi%2BPp5y1zZ0rWvyx9GSxtxIbjnD%2Fu12pON126dcvbunmIj4qUHU0C34SffDNMcT3MEek7uJHp17VkK46"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b490b5eb52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/blazy.js
104.21.44.239200 OK 2.0 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/blazy.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (4991)
Hash b8116e5ca2a0e5c405502b6ee3cc25c5
52992193091d2872454ff3015f5d1756fd6b67f0
a7ed5eb0e7d7f08e31b08c515cbd6f491e18583106a549d060f1b4941f85c506
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blazy.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-1448"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ti6IXR9tkqEz2N1zWtvvMhZ5ri7NW8mrZEj4zh%2BQUPDcDtUMJcOnd4CpxigXQCACFS5IRnr6HUL6mAjmLKZ7k8s2TuFLFDTHbIUkBVbbUsuDxuoNmzrtIvuyunnOfXf7CIHCpTyb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b49bbd61bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/gtm_002.js
104.21.44.239200 OK 68 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/gtm_002.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (62413)
Hash 6fdc4ea785ec4cc00f67e91ee7b38ba8
72458fb5a66d19067d7c24be9a9c7154925fd964
130d86eb0dbe7b3ec701e78d18f6982db50feffe7597e6241bf045776ed62b7f
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/gtm_002.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-3e9e8"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exvUp4NZSHf9YnhOIia%2FpkYWeTQZzZgfP6DwGZntKLNBHdER5MZJqQnl7t%2FFjISm8j2SznRa6uuU4ZEq50DEqXmgJbgX9BpBILB%2FF4pGIyIJ3inUF7D92RzR6DTml8XuIjZ1V4Wi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4908d60af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/jquery-3.js
104.21.44.239200 OK 20 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/jquery-3.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (54348)
Hash 56fc9633833c473831b8772b20db4222
0f10326f6916de5303c92b3305ddcf3f64717242
0b64c12f01acfbac88bfac17bcfbe537a3be0c50ac7945309ca2a53378c930d6
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/jquery-3.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-d573"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0BbYzH2rEN7ZsU93L0xmYwTPOQeXjFicDQHVSxnQQoSel1bfTCnejYLlg56Ki78%2FBJsQsCWdvE3Wcm0KT8jdtLUQov4kLc%2FZT2%2FswRdHt6wuaSHz6UyBZHY%2BSEJOp%2FbwvGPBcoe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b49a9191c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/pre-vsl.css
104.21.44.239200 OK 2.8 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/pre-vsl.css
IP 104.21.44.239:0
File type ASCII text, with very long lines (10514), with no line terminators
Hash a6194a7ab9c22bc59390745f841b48aa
a247bebbd2a37da8e811a7194f9328c84ec56170
a3f25cc361c9d1ac5f237abe450e0795863f6d635a2b54dd731320e24a4ccefc
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/pre-vsl.css HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-2912"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eX%2FzO0ZNAZKIEPJA%2BdEbUNIQmmDwnTF7XEPm%2BbkzSEzLnQi2yAp4k9VfefsOxQ1p%2FjcGxEL9BZZIu5U29ZGv5i7XHIj0DXIqzbx%2F6%2FhhgDpDNzCbhrpLGv6R61L6HtJDBKciii04"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4a5c45b52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/ctrwowUtils-v2.js
104.21.44.239200 OK 11 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/ctrwowUtils-v2.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (33542), with no line terminators
Hash e6bde883be6ad8515c33ef779bd321f7
137f2bf9436f3f892c3e176da7429b171736d52f
9c1c652b9439d825b0a4bb12fc127a9a4b3397c1103becd5b6630541151bb11e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/ctrwowUtils-v2.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-8306"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U33e8wgE4fh1QgimWu6V9uPMsJG5mVwrrokg6mkwwX4nAngdFAykF7DTsC2mBdEGLTINHrF6goRBVrXre%2B1G5A6Q%2F9%2Bu6CosnuPt2uMaQ8%2FNP0JKreBiIzYwzXG8Y5gQrucjlzB5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b49edc6b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/gtm.js
104.21.44.239200 OK 69 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/gtm.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (55397)
Hash 5fa1c01b5d91b87b894513a1abe72ebb
165aadc0a4a01222146e4f7281e592532da95796
5d4826e8ff74dba968c57d47d2bbe791508729c389d445abd680e608dbab39d0
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/gtm.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-3a09f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ma3uBpshLHJeORLovzPFIrKxNaEzl0fcvEiNiDexA%2B9RWPcbmVIAsgzf3GNjjNuNZ9uOu2DnXZgSQz5gsRR%2BJ6prHQd9a%2FRqDO6GJvspiJ9offsRCaaVqNDl6m%2BRl8iQR3Q0UuWR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b490c551c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/CTR_FP_TRACKING-v2.js
104.21.44.239200 OK 12 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/CTR_FP_TRACKING-v2.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (41829), with no line terminators
Hash 0295b973fd65376712df8353df786270
08c89d5801568d82ff1a316f444ac89a70138006
065905d0503934ee11aac8cfbfe36c4476c94f93dcaf980367f76030a881b87d
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/CTR_FP_TRACKING-v2.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-a365"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKseze7GjiqMzHarJAZdCvtBEghUs7xdFqHiNFDwe%2FDlfn%2FQhyPlBeesUXwDwgzW%2FAE5EuT30VYqK2TDI5BfgPTcPkoCq%2FEAXQvx1oVvKZ6yJ4OyZ3%2BzIVbZqWKNpDb6TqqXg8J1"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4a5c5d1bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/CTR_FUNNEL_TRACKING-v2.js
104.21.44.239200 OK 3.0 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/CTR_FUNNEL_TRACKING-v2.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (8769), with no line terminators
Hash 53c890fc05fb6b6f2ba47d4efb27c270
1ddeb2e7e2457457afd49eb36ca322b8974b4503
f95f367cdc41e82a967eb190867b0a08dea30585fc45c0f4f5dcb43886d752bf
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/CTR_FUNNEL_TRACKING-v2.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-2241"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NPnGzMUAozZN81eC4SUzzhL2fv8Q%2BVGxjXy9YL%2BGHTkIl16AtCsH4MptBRLz4kmhYJwMCvXhE%2FYeeByikX84HCL5vO39Tw4CmACAfKkQWBs9Ovzvd246cdukUD241ABNpYFAdfn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4abaca0af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/pre-vsl.js
104.21.44.239200 OK 4.3 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/pre-vsl.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (12372), with no line terminators
Hash f1bde3c479fc31ed81fa769c1385710e
238cec8e873157b500f313ba9b1b8ed32a632f3b
03a9e4b87446916d42182a7bc7912d2fd7d25d9efbdb4a13dae39834a3eab00e
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/pre-vsl.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-3054"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WUR2IyjwtDgn2GCd0Zw43eM0MeSxnm%2Fli7r6sfAjiO0MJUhqvr4cCdJ478E96Ev3z%2FNElrQSBY35OVw%2BiNORgq1ot%2BkAx9GnfN51lgbf6IZ4Qvco52WtXW0H5cfzB6LcEEKhodA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4b2ebd1c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/ctr_heatmap_tracking-v1.js
104.21.44.239200 OK 9.3 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/ctr_heatmap_tracking-v1.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (30558), with no line terminators
Hash 1db1146a85840c35a9b14adf025fab66
8a96cbb216131380e65e2309ddc95102c4ca40b2
2cc882d7ca1ddde7f0b740d1715427768bb32a4058c613109ab107fb483203a7
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/ctr_heatmap_tracking-v1.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-775e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qkd%2FQv6I%2BSmqnsxPMqPbWubnFluoNScymandLpYCGPHGRF2s3sx46h3pzOz09gNeVgZ9mJWVWwMtqbYCfo6r5nyAG9%2FtjnTrL9XWxLxb8aBvFFdFjZ6Uld5pEdU9uYakoW3K%2FuE5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4afa951c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0\012- data
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15688
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 10:09:08 GMT
expires: Wed, 06 Sep 2023 10:09:08 GMT
cache-control: public, max-age=31536000
age: 513925
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.navysign.sa.com/clicks/circaknee_files/blank.htm
104.21.44.239200 OK 548 B URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/blank.htm
IP 104.21.44.239:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Hash 0a16aec008013f053a922381dee71f9d
13a69b2e43a426ce54f9a47146955ec0bb169172
4686bf42f5ae452ed851ee0e084ece44ceccef9bc2fde5eee10a33a6c92461ae
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blank.htm HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
Cookie: _gcl_au=1.1.1562318018.1662972862
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPvRXmg31GGMn4JhLCLPKnWSYAoP8HFnDXjGuzefBGOzpHa7A6yPdavaCLNyv1T17c6emavohodfSDCwpLxyaEODh7EIMIC4PU0YhLs05cOBiPhfdFruIThLsfZZA5uW9buo32Ck"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 74976b4b8c0a0af6-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15828, version 1.0\012- data
Hash bf28241e67511184c14dbd0ef7d39f91
c706e0a4122ab727645b744c21667390e8898a4d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
GET /s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 05:46:24 GMT
expires: Wed, 06 Sep 2023 05:46:24 GMT
cache-control: public, max-age=31536000
age: 529689
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash f00e7e4432f7c70d8c97efbe2c50d43b
d836c7d4bc52bcd67626b8960ae030ad315c2507
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
GET /s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 01:28:54 GMT
expires: Sun, 10 Sep 2023 01:28:54 GMT
cache-control: public, max-age=31536000
age: 199539
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15732, version 1.0\012- data
Hash 80fe119e5efa3911b9d61b265f723b3d
34f751a1b1a0c1c0b5264b99f490e689db939657
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
GET /s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15732
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 21:52:56 GMT
expires: Sun, 10 Sep 2023 21:52:56 GMT
cache-control: public, max-age=31536000
age: 126097
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.navysign.sa.com/clicks/circaknee_files/ctrwow_analytics.js
104.21.44.239200 OK 18 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/ctrwow_analytics.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (55555), with no line terminators
Hash b4122018c18e0056422bb66c626070ee
836971bf8615cf908a985bf6307537cb10a84d15
f8ade1457ef938e60eb3f133e0e26dfa9a6eef5e74fa1aff540b12d8fcea41cd
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/ctrwow_analytics.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-d903"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvzFPmlGnYsuS2mNimFqDeMFHi9NVvLD6PpjoZwLDC7PLXWwObn0GXNAIxfc8sAzVudz1Uj39BxTyiSsHSgTHCW%2BuLp%2F2s71ZnHjwRYlYinhbwKYZBSyz7g7MFK4kp4GjLhPv95y"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4afce0b52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.navysign.sa.com/clicks/circaknee_files/blueshift_wow.js
104.21.44.239200 OK 5.4 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/blueshift_wow.js
IP 104.21.44.239:0
File type Unicode text, UTF-8 text, with very long lines (15843), with no line terminators
Hash e65348c7a35e848a81cdfa547cffd09f
101070c91c21f9fe0ffd42fc17c8a0cfee2c56cd
4aa0a980550dad9808b8d4a80190720ad9c40d92b9e86c19919361a43d7745a0
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blueshift_wow.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-3e23"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jerXU7ZIjMf0KwftGS2NhxDbywgIJkYxT632u2IpuBVQCwCHCTuhT%2Bn3xmzGmw%2F4w2cNeRlrueJEQ95iJlgvHV%2FNGITZ1QY2zgH2wgBhD9TLuZqmhYbMK6%2FCNt3Px81pdx1HYYgz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4b7d1b1bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/dmca-badge-resize.webp
104.21.44.239200 OK 1.4 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/dmca-badge-resize.webp
IP 104.21.44.239:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9985d83ad8ac83764331a13b920ac486
6991872ac8abd1abd1045d20f355ce4b124de007
286198e6e4eaa35a618b8c9c954584d5d8c19bb0720228a0546bea63995285fa
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/dmca-badge-resize.webp HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: image/webp
Content-Length: 1386
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: "62e823bb-56a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSCLtnX%2FrJFQsQi%2FP9UeTHTd0n67mWQmgIMRS6BbWTDHJTAkStlwwbdyrYqz%2Bbe9uhJOnm7cOzrkMV9xdUrRQWnkSfc%2Fr4Bm89ayyA5mL9AN%2BPNA5Gw%2F%2BZ9ZW20yOKMI5UgZYPSZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4befa21c12-OSL
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/icon_shipping.webp
104.21.44.239200 OK 1.4 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/icon_shipping.webp
IP 104.21.44.239:0
File type PNG image data, 104 x 52, 8-bit colormap, non-interlaced\012- data
Hash ba2661585e30c45f0a39517480f9968f
bc126b42415e512f42aa551cc2af30e3d675ee8a
b8d83ff7d53074a841c50d8e17b38e41f8624b38f842fe4edad04f63fe9e4962
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/icon_shipping.webp HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
Cookie: _gcl_au=1.1.1562318018.1662972862
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: image/webp
Content-Length: 1431
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: "62e823bb-597"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX%2BfWRdxXfadg9SgW%2FPHonbiPuL0z2uWa%2BIBjWmar2Mgu5umxxoYZxcRXBcnXntbczySBKrB67qD2Z1De12vIFHa%2BVOYzfaEsV96P%2F93bl4eF2sZb3XwfwaY8qH08w7zRPuH9ji9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4c3cac0af6-OSL
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/blank_data/inject.css
104.21.44.239200 OK 928 B URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/blank_data/inject.css
IP 104.21.44.239:0
File type ASCII text, with CRLF line terminators
Hash e1c22e631b7cce42e3ef13cd9bb02ff5
6c6c2b15c56e776d9eac10babf3a6c4a2bd964ae
93950a736308fe62073a44a76b8ec05b9a651062f6ecee4782059d0718aab6dc
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/blank_data/inject.css HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee_files/blank.htm
Cookie: _gcl_au=1.1.1562318018.1662972862
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-f28"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2F9lXpAtWPL%2FiWof2NZkPbKWCpDI%2FKUlOH4BYDndxBJ5cSvZOcRHdpz4Ln6XvzLrMtEQ0PxElHwKXnFOCJmugxHcqgR%2FBFvELosHWqUVrdMLrcb1MKnG2ih8DDj5cWuygor20atF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4c9e261bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/caresole-logo.webp
104.21.44.239200 OK 11 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/caresole-logo.webp
IP 104.21.44.239:0
File type PNG image data, 250 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 1c5dbd2e1ce2316b00542d800ef78ce0
621e8e53b796f51192300283da10107a8ac30280
cfd90f4cf00eb0e2918940b49b27c69cade015d631b3d7ac31c227f624edcb83
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/caresole-logo.webp HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
Cookie: _gcl_au=1.1.1562318018.1662972862
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: image/webp
Content-Length: 11188
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: "62e823bb-2bb4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tceLIYX3K%2B9ABi6TWF%2BZVA0h0Wnw5ZRcFsY5RYGNyoeiVTMQOCPmhUSwIphBDIkUpQOAjWTYgopnTvg%2FKqzgxF%2FXJ0s9DH4q3v9Zqr7I906w7fruz5e%2Fdz7Pj2GYN59huc%2FAnX7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4c6e67b52d-OSL
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/624bfc51d2fcbc0ebaac400b53014447.webp
104.21.44.239200 OK 66 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/624bfc51d2fcbc0ebaac400b53014447.webp
IP 104.21.44.239:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f36d62db167adfa5c64a791490c1a04d
526b470fae5046c224f05b2394225943da24f602
11b47f9ca33a2da98a9cc8fbdd2507a85ab3d8e71d8d499fa185be8cf42cc1f8
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/624bfc51d2fcbc0ebaac400b53014447.webp HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: image/webp
Content-Length: 65510
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: "62e823bb-ffe6"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vV1EV6gp67XVdFJCs0VMX6Qi0jjGCJ8%2BRZyghADqMScB1O3HfpA4fdwicSlxn1qtIWRQ1VOenx3UHr7wFiktLBn9uYnMUp38lFn73uE9XvlZyA7dBlOex4ERcyiEpgzLKtnjn3X"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4bfb9e1c06-OSL
alt-svc: h2=":443"; ma=60
www.navysign.sa.com/clicks/circaknee_files/E-v1.js
104.21.44.239200 OK 154 kB URL HTTP/1.1 www.navysign.sa.com/clicks/circaknee_files/E-v1.js
IP 104.21.44.239:0
File type ASCII text, with very long lines (65459)
Size 154 kB (153756 bytes)
Hash aaaf417f60bc4b6154bc19e986c91100
cbec210ecfe93e0228665dd34c1ce55a5ad92cd2
5b77d5516120b74fe87c6940c863883d02db3306f138b897758e7abc4bd0dcbe
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/circaknee_files/E-v1.js HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 01 Aug 2022 19:04:27 GMT
ETag: W/"62e823bb-9b796"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WefOSvO0VejDTsuQApPzKYc1msInpcNeS1Pod72YackiJDrWqN40HTgkfi8Ste9OA0KNAYUvnTQx0BFnLHu9S1JfTlysby%2FW0XJpIKWdIvFQBfdS11tRXQlRiW4EAmr3zLHUacmd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b4b1f93b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fast.wistia.net/embed/medias/wl3c973xo9.json?callback=wistiajson1
151.101.86.110200 OK 1.8 kB URL HTTP/1.1 fast.wistia.net/embed/medias/wl3c973xo9.json?callback=wistiajson1
IP 151.101.86.110:0
File type ASCII text, with very long lines (5598), with no line terminators
Hash a35dd610c6d78f8a5e553bbfa236a9d7
471a6403e119b17faeecb4ce98bd65ee5e4e0781
75bfb1ee8d37ab093925ee38b4ab214fed7dd939f8fa8252d4129e9c9e50d7cd
GET /embed/medias/wl3c973xo9.json?callback=wistiajson1 HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, no-cache
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
ETag: W/"97a31bf50655e002192162070a423e05"
P3P: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
Referrer-Policy: strict-origin-when-cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: cb7e485cb147b9a476e0f2d5889f3478
X-Runtime: 0.075057
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1845
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 08:54:34 GMT
Age: 83633
Connection: keep-alive
X-Served-By: cache-iad-kjyo7100109-IAD, cache-bma1677-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1662972874.118506,VS0,VE1
Vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
fast.wistia.net/assets/external/wistia-mux.js
151.101.86.110200 OK 37 kB URL HTTP/1.1 fast.wistia.net/assets/external/wistia-mux.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 088055ee2e1d957c0747384fd644b01d
a05f4510e6127c5ba4a204a3de92f8e76ef3bc77
1213ca9a4ad31ab9d1bb8cc2c60517a48099dde403112d4251e5c5e94d996b24
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "631b56d7-9121"
Last-Modified: Fri, 09 Sep 2022 15:08:07 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 37153
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 08:54:34 GMT
Age: 1250
Connection: keep-alive
X-Served-By: cache-iad-kjyo7100020-IAD, cache-bma1659-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1662972874.118665,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
fast.wistia.net/assets/external/share-v2.js
151.101.86.110200 OK 16 kB URL HTTP/1.1 fast.wistia.net/assets/external/share-v2.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (51358), with no line terminators
Hash 85a8d5fcc8b3f06704fd016714106422
4f96f638aa290263c17b1ffaffa46b79a455c108
31f2f387f5ef6b9b4af68b82f98698abadabc11f0ad109868d8f000a2fdf7906
GET /assets/external/share-v2.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "631b56d7-3d48"
Last-Modified: Fri, 09 Sep 2022 15:08:07 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 15688
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 08:54:34 GMT
Age: 1169
Connection: keep-alive
X-Served-By: cache-iad-kiad7000159-IAD, cache-bma1659-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1662972874.160638,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b0074a6aabb5f85650d75e8b9099bd4e
a93943c07d89dc0b887cdb7a1401b93f8a61866d
10929f35a8e415a548559ea180410433c73751a4e6649fbf49279ab9c805b4e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10929F35A8E415A548559EA180410433C73751A4E6649FBF49279AB9C805B4E3"
Last-Modified: Sat, 10 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19679
Expires: Mon, 12 Sep 2022 14:22:33 GMT
Date: Mon, 12 Sep 2022 08:54:34 GMT
Connection: keep-alive
api.sjpf.io/
99.83.173.21200 OK 204 B IP 99.83.173.21:0
File type ASCII text, with no line terminators
Hash f64f117407b0eb6e72bd1091be03db8b
d6db43f5f6e864606b6d66f776ef4ce5e6011fe7
9d2ec03d62c24db09f3cb385c53019dcbaca9020701706c4966c93c94ca51860
GET / HTTP/1.1
Host: api.sjpf.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=2592000, immutable, private
strict-transport-security: max-age=63072000; includeSubDomains
content-type: text/plain; charset=utf-8
content-length: 204
date: Mon, 12 Sep 2022 08:54:34 GMT
X-Firefox-Spdy: h2
ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=5f8ea23018087a1c5c16753a
52.176.5.241101 Switching Protocols 0 B URL HTTP/1.1 ctrwow-prod-analytics-socketserver.azurewebsites.net/?trackingId=5f8ea23018087a1c5c16753a
IP 52.176.5.241:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?trackingId=5f8ea23018087a1c5c16753a HTTP/1.1
Host: ctrwow-prod-analytics-socketserver.azurewebsites.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://www.navysign.sa.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4FRGzJasVaYnNPYu1Vslxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Date: Mon, 12 Sep 2022 08:54:34 GMT
Server: Microsoft-IIS/10.0
Set-Cookie: ARRAffinity=2e96f0a30871186d102ce57b784a297a29b914f32f980a498e84dab5aed79a0a;Path=/;HttpOnly;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net
ARRAffinitySameSite=2e96f0a30871186d102ce57b784a297a29b914f32f980a498e84dab5aed79a0a;Path=/;HttpOnly;SameSite=None;Secure;Domain=ctrwow-prod-analytics-socketserver.azurewebsites.net
Upgrade: websocket
Sec-WebSocket-Accept: Eqsg8to9TANjCUFvMHgAdHdJ/TQ=
Origin: http://www.navysign.sa.com
X-Powered-By: ASP.NET
embedwistia-a.akamaihd.net/deliveries/624bfc51d2fcbc0ebaac400b53014447.webp?image_crop_resized=1280x720
2.22.244.131200 OK 66 kB URL HTTP/1.1 embedwistia-a.akamaihd.net/deliveries/624bfc51d2fcbc0ebaac400b53014447.webp?image_crop_resized=1280x720
IP 2.22.244.131:0
ASN #20940 Akamai International B.V.
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f36d62db167adfa5c64a791490c1a04d
526b470fae5046c224f05b2394225943da24f602
11b47f9ca33a2da98a9cc8fbdd2507a85ab3d8e71d8d499fa185be8cf42cc1f8
GET /deliveries/624bfc51d2fcbc0ebaac400b53014447.webp?image_crop_resized=1280x720 HTTP/1.1
Host: embedwistia-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/webp
Accept-Ranges: none
Access-Control-Expose-Headers: Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
content-disposition: inline
Last-Modified: Tue, 11 May 2021 01:11:50 UTC
surrogate-key: 624bfc51d2fcbc0ebaac400b53014447 thumbnail-delivery
Content-Length: 65510
Cache-Control: max-age=31065878
Date: Mon, 12 Sep 2022 08:54:34 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Request-Method: *
Access-Control-Allow-Origin: *
fast.wistia.net/assets/external/engines/manual_quality_video.js
151.101.86.110200 OK 25 kB URL HTTP/1.1 fast.wistia.net/assets/external/engines/manual_quality_video.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5f34fb143ebb48f3e8a42fca02878707
f9bc9126bf05c2caeec00cb8e6b7f3a926416ccb
c29ef5c516533467b029fdd597983988db8686147ce06180fa73758e02e024be
GET /assets/external/engines/manual_quality_video.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "631b56d7-61b6"
Last-Modified: Fri, 09 Sep 2022 15:08:07 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 25014
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 08:54:34 GMT
Age: 1120
Connection: keep-alive
X-Served-By: cache-iad-kjyo7100110-IAD, cache-bma1659-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1662972874.433337,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
fast.wistia.net/assets/images/blank.gif
151.101.86.110200 OK 1.2 kB URL HTTP/1.1 fast.wistia.net/assets/images/blank.gif
IP 151.101.86.110:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash fbdc4ed9a1e2ee4917a265306927bcf1
6d177725d8230df0457e72004080f712e26fe624
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
GET /assets/images/blank.gif HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Content-Type: image/gif
ETag: "631b7880-4be"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Last-Modified: Fri, 09 Sep 2022 17:31:44 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1214
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 08:54:34 GMT
Age: 228069
Connection: keep-alive
X-Served-By: cache-iad-kjyo7100103-IAD, cache-bma1659-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1189
X-Timer: S1662972874.491396,VS0,VE0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5332
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 08:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5332
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 08:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5332
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 08:54:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5332
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 08:54:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 40363
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877083da-81e2-47df-adc5-ba5b0f83249c.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877083da-81e2-47df-adc5-ba5b0f83249c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6065db8d4276060fbc5f9e0ef04573bc
4077cf9a03f0fa3601bcbea161bfe762feb3a7e0
a14f6e8db246a321dbdcd8672e1914daa53cb9a27a926f63393e5ddc279e58de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F877083da-81e2-47df-adc5-ba5b0f83249c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9588
x-amzn-requestid: 61cc89f2-7e05-483a-a17b-be3041e0c096
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUJK7GvaIAMFoHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e5578-068429955950e2374ca0dade;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:39:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VJtwWtz9hw9B_bK6SXcRQbN7HXqDsVD3twNaSqIkwGQeRTeAbyReFg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:40 GMT
age: 39534
etag: "4077cf9a03f0fa3601bcbea161bfe762feb3a7e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca76593aa217eb69a58ed89610d9d59d
d09f2d5acd5945620a2a51d72411c3c464a5166e
7b31c12dad70a30defa8924061b635410d8b2a59e90819c8707ee6d0b5acc98e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce25d3c5-b755-430d-b6d0-23fad3078dbd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7029
x-amzn-requestid: 188bfede-89d9-42f9-914b-13a330675370
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxLHkBIAMFrrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d4-44c167dd64d1756c0280a759;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qbhdBjUA4GNK7U8VQYUPDynJ58slL5aG1bZMDdXc8IKeg0KwZeqn2Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:55 GMT
age: 39519
etag: "d09f2d5acd5945620a2a51d72411c3c464a5166e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f6d3098-68f1-4ed7-baff-aed0e0b792ed.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f6d3098-68f1-4ed7-baff-aed0e0b792ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da890c42b21daa080ec1bdd023800393
02807770b43d375393e1efef0ba432b664a05be0
c0795e0b7535a3f25564b52b2e70a7447baa79378c95153ceb51f8bd3620d89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f6d3098-68f1-4ed7-baff-aed0e0b792ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8658
x-amzn-requestid: 37529bed-8f0c-43dc-926b-32ef4a7adbac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkSfHkDIAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb40f-45988cf4677a87b521ac15b8;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:45:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Gc_42daM_t1zgHPELLgKNn3Sk4lis4zmV7yBWRme4NRXOzf2qr2NSg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 22:17:41 GMT
age: 38213
etag: "02807770b43d375393e1efef0ba432b664a05be0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47ae5cf125ce99bad80c283de8a85cec
0c0c1f84d8693d0c150c97faed21204622d48132
95f5b8cddbfcdb2b6105ed5a0d5ff0dd86390839e5df7416d4f879d69fcf20c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6269
x-amzn-requestid: 8f3cabdd-78c3-47d2-841b-02b674a79123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FSCoAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-4b44c935456026ba700a5759;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TnWZhLnecuseTYzrivm2OgMn1lXVKVzeXivXm4XhGVzhv_jV9MQQdQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:51:17 GMT
age: 39797
etag: "0c0c1f84d8693d0c150c97faed21204622d48132"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82cfbbd4-ab05-47a9-8f70-73405b312a0e.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82cfbbd4-ab05-47a9-8f70-73405b312a0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 866ace739b788c7d6e9047d246985a8f
bec098ac12c44fc877555fea7b3ddb8cbef12b2d
1d8599845425acd4bf90d7da05efdd2a9c7e0b5a37efc291cdcf1a2277671429
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82cfbbd4-ab05-47a9-8f70-73405b312a0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8390
x-amzn-requestid: 43e68b0e-80fd-43ed-8f63-86ec0c94c0a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUJAPGy8IAMFsdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e5534-0d51f22d34cb67eb2319ebf1;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: e-lL-3G5SCGgrsm_9pp51JYvBtgtZB144EZPmBq6Mx16HfXYK2-nZw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:44:30 GMT
etag: "bec098ac12c44fc877555fea7b3ddb8cbef12b2d"
content-type: image/jpeg
age: 40204
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45b55c678e2944a30a6d8160bb6e4a94
a1ac0c9681902e7d64e49bd9e146820ce2c60f4f
5a89db56a9b47aa3e426799671db9b25a42d7dd7d6881c66eca7ed37facf6bd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 12 Sep 2022 08:41:12 GMT
expires: Mon, 12 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 802
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1623)
Hash 4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 12 Sep 2022 08:54:34 GMT
expires: Mon, 12 Sep 2022 08:54:34 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 0b2a2a6770a37b7b3fdfb7bfcc796339
0bf5ef5a447f683e143785394775a08132833d0a
2619a1b834327e7774ff1bd62ab2caf6b812471e8c267c9c27d9e1706d50130f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 08:54:34 GMT
Server: ECS (dcb/7F18)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KasbPDXpgbrEQpK5rcsoB995rMpcDumfE7KUB6RXIInmDWhwGIlEOw==
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash ccb4b35579ffc022737559948b38becb
09875779c63d6a00f58e23da93d3089dc7c7c0ad
895113c8c3397ee73a795f96ab5e706dbc68829ddfe1e0ede2c4035129f49e25
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 08:54:34 GMT
Server: ECS (dcb/7FA5)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gPGXEEfjYFu_7iO2JGFRbYECvkAbbX6yqSSagmKOF1pQmMY7Sz0EKg==
www.buycircaknee.com/en/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/61a8e210-6748-4c7c-b2a1-23ebffc86321/favicon-a5551bb1-a4db-4b5e-ab39-4afedf9403a7.png
54.230.111.82200 OK 1.0 kB URL HTTP/2 www.buycircaknee.com/en/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/61a8e210-6748-4c7c-b2a1-23ebffc86321/favicon-a5551bb1-a4db-4b5e-ab39-4afedf9403a7.png
IP 54.230.111.82:0
File type PNG image data, 128 x 127, 8-bit colormap, non-interlaced\012- data
Hash 0f351fbdf834a0dfa6b09ee104664762
1d0f4329ee8bd6e0f4fd1e89ba7b6e7feb4c117b
d4571ae92aa3e457bd64730f7bca11b74a0052faddd90e9c57560683ed538c11
GET /en/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/61a8e210-6748-4c7c-b2a1-23ebffc86321/favicon-a5551bb1-a4db-4b5e-ab39-4afedf9403a7.png HTTP/1.1
Host: www.buycircaknee.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 1048
date: Sat, 06 Aug 2022 01:37:32 GMT
cache-control: max-age=31536000
last-modified: Fri, 24 Jun 2022 10:36:10 GMT
etag: "0f351fbdf834a0dfa6b09ee104664762"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5jsBS_gi9rc3cBVDcFMe3ifs-26iWb9jGQxVGC3IRS0IxoJWLunbVg==
age: 3223023
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/781463602/?random=1662972862988&cv=9&fst=1662972862988&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.navysign.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D991927%26h%3DPO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE%2FXpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.34200 OK 1.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/781463602/?random=1662972862988&cv=9&fst=1662972862988&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.navysign.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D991927%26h%3DPO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE%2FXpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2726), with no line terminators
Hash 0b73ed8d8bdf7a6bf623864e6f1c36c7
e7155ce3ede9a47d6abe0bff13017bfc776a52a4
5b0a76cb9081ee28f3c8fa0614bde947529271525a0e7c51440180c1f444e897
GET /pagead/viewthroughconversion/781463602/?random=1662972862988&cv=9&fst=1662972862988&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.navysign.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D991927%26h%3DPO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE%2FXpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 08:54:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1239
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 12-Sep-2022 09:09:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-135383900-2&cid=1917632414.1662972863&jid=966335352&gjid=1926807371&_gid=375476334.1662972863&_u=YEBAAUAAAAAAAC~&z=2087060661
142.251.1.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-135383900-2&cid=1917632414.1662972863&jid=966335352&gjid=1926807371&_gid=375476334.1662972863&_u=YEBAAUAAAAAAAC~&z=2087060661
IP 142.251.1.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-135383900-2&cid=1917632414.1662972863&jid=966335352&gjid=1926807371&_gid=375476334.1662972863&_u=YEBAAUAAAAAAAC~&z=2087060661 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.navysign.sa.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Sep 2022 08:54:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22484186-3&cid=1917632414.1662972863&jid=1137226142&gjid=554027204&_gid=375476334.1662972863&_u=YEDAAUABAAAAAC~&z=219475711
142.251.1.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22484186-3&cid=1917632414.1662972863&jid=1137226142&gjid=554027204&_gid=375476334.1662972863&_u=YEDAAUABAAAAAC~&z=219475711
IP 142.251.1.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22484186-3&cid=1917632414.1662972863&jid=1137226142&gjid=554027204&_gid=375476334.1662972863&_u=YEDAAUABAAAAAC~&z=219475711 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.navysign.sa.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 12 Sep 2022 08:54:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fp.ctrwow.com/
75.2.62.78403 Forbidden 75 B IP 75.2.62.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c179c6f7c51bb64f2ab0ccd4e87ad6d4
6f78afc64edc332863a1879327ea72a9487f4668
f1b896a29bde2b49a308925dfb74722363ffbc27068423ac9cc5f21dad0b3a31
POST / HTTP/1.1
Host: fp.ctrwow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1023
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 12 Sep 2022 08:54:34 GMT
content-type: application/json; charset=utf-8
content-length: 75
server: nginx
access-control-allow-credentials: true
access-control-allow-origin: http://www.navysign.sa.com
access-control-expose-headers: Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cc16b956392846e1100a913453575c87
09e81e2f60ab04ca565b73ed9060380a2229cf30
3a3eecb77d71c4f1c3d706f33f33e8df527b3653906d0086089c2e5b45fd25e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/781463602/?random=1662972862988&cv=9&fst=1662969600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=http%3A%2F%2Fwww.navysign.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D991927%26h%3DPO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE%2FXpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&async=1&fmt=3&is_vtc=1&random=4285836463&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/781463602/?random=1662972862988&cv=9&fst=1662969600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=http%3A%2F%2Fwww.navysign.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D991927%26h%3DPO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE%2FXpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&async=1&fmt=3&is_vtc=1&random=4285836463&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/781463602/?random=1662972862988&cv=9&fst=1662969600000&num=1&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wgc10&sendb=1&frm=0&url=http%3A%2F%2Fwww.navysign.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D991927%26h%3DPO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE%2FXpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25&tiba=Get%20the%20Compression%20Sleeves%20That%20Provide%20Instant%20Relief%20for%20Sore%2C%20Agi&async=1&fmt=3&is_vtc=1&random=4285836463&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 08:54:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22484186-3&cid=1917632414.1662972863&jid=1137226142&_u=YEDAAUABAAAAAC~&z=1186706997
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22484186-3&cid=1917632414.1662972863&jid=1137226142&_u=YEDAAUABAAAAAC~&z=1186706997
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22484186-3&cid=1917632414.1662972863&jid=1137226142&_u=YEDAAUABAAAAAC~&z=1186706997 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 12 Sep 2022 08:54:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fast.wistia.net/assets/external/playPauseLoadingControl.js
151.101.86.110200 OK 18 kB URL HTTP/1.1 fast.wistia.net/assets/external/playPauseLoadingControl.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (59748), with no line terminators
Hash 5ace5f22e80cd593e867b5494ab1db8a
dc3232d86ae6f6d9c81a95aeff2d7da3e74b1b5a
8caefe5996d4051f4f46508718c00d036883284e39abdf3ad55bfbd5211c6d0c
GET /assets/external/playPauseLoadingControl.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "631b56d7-4564"
Last-Modified: Fri, 09 Sep 2022 15:08:07 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 17764
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 08:54:35 GMT
Age: 1251
Connection: keep-alive
X-Served-By: cache-iad-kiad7000071-IAD, cache-bma1659-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1662972875.037686,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
cdn.getblueshift.com/blueshift.js
54.230.111.116200 OK 2.0 kB URL HTTP/1.1 cdn.getblueshift.com/blueshift.js
IP 54.230.111.116:0
File type ASCII text, with very long lines (4407), with no line terminators
Hash e180e60ec878d69551a1c449b37c6552
41e08b360ccf3b35947abcf709f1cc249f6393c6
daa4b9339673c9cce7e986f05b60b11f5773108503f83ce2f81464fc470f254c
GET /blueshift.js HTTP/1.1
Host: cdn.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1990
Connection: keep-alive
Last-Modified: Tue, 08 Feb 2022 00:38:50 GMT
Content-Encoding: gzip
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 12 Sep 2022 08:09:31 GMT
Cache-Control: max-age=3600
ETag: "e180e60ec878d69551a1c449b37c6552"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5V2zHTkbmPwv9xmG3he0Q4hFXV_xc810ZEWTLcLw80ug65EGfCNy4g==
Age: 2705
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cc16b956392846e1100a913453575c87
09e81e2f60ab04ca565b73ed9060380a2229cf30
3a3eecb77d71c4f1c3d706f33f33e8df527b3653906d0086089c2e5b45fd25e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 08:54:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.com/assets/external/E-v1.js
151.101.86.110200 OK 150 kB URL HTTP/1.1 fast.wistia.com/assets/external/E-v1.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 150 kB (149606 bytes)
Hash fd0fff4f043900ebb99c39c16979eff1
45e7f1e9520b3e36a74c536918beda7892f4bf71
822d8f97ea075fb7717a290072222a55a128e8d729d592bbf6e895a2728306fd
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "631b56d7-24866"
Last-Modified: Fri, 09 Sep 2022 15:08:07 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 149606
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 08:54:35 GMT
Age: 1263
Connection: keep-alive
X-Served-By: cache-iad-kcgs7200104-IAD, cache-bma1631-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 3
X-Timer: S1662972875.089935,VS0,VE0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
www.navysign.sa.com/clicks/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/f124aa22-b68f-4251-8730-5e7d42902268/dmca-badge-resize.webp?t=20211012T10425534
104.21.44.239404 Not Found 116 B URL HTTP/1.1 www.navysign.sa.com/clicks/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/f124aa22-b68f-4251-8730-5e7d42902268/dmca-badge-resize.webp?t=20211012T10425534
IP 104.21.44.239:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash d6e62b966693d7822072903ae8310d00
2de307cf4db56a090d7633f2da9ce6d224f6ffb7
36bd7d3c61ddaa2cfd74438dfcc2552f527a5299abc17957073a05d4b1d5cecf
Analyzer Verdict Alert quad9 Sinkholed
GET /clicks/assets/image/19822fef-80c0-4e76-ac06-1c9140d937d2/5f8ea23018087a1c5c16753a/f124aa22-b68f-4251-8730-5e7d42902268/dmca-badge-resize.webp?t=20211012T10425534 HTTP/1.1
Host: www.navysign.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/clicks/circaknee.php?sid=991927&h=PO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE/XpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
Cookie: _gcl_au=1.1.1562318018.1662972862; _ga=GA1.3.1917632414.1662972863; _gid=GA1.3.375476334.1662972863; _gat_gtag_UA_135383900_2=1; _gat_gtag_UA_22484186_3=1
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 08:54:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ewj4NQd%2BwFSfPrOUbdntlhxOjrWgt5fM51EjB2xgeohazM3RD20DTYVSgSiObEV0R0jIZ7blRdQStFkjVn9l7EsBPqCqJpoaORGeannM%2BDXWYXg4PrIBkbhJl0u2PNtJTbcqJqq0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74976b552dadb50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
pipedream.wistia.com/mput?topic=metrics
52.44.213.33200 OK 2 B URL HTTP/1.1 pipedream.wistia.com/mput?topic=metrics
IP 52.44.213.33:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/x-www-form-urlencoded
Content-Length: 2161
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:35 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 6e572fa740f2e9ba86bf582f2df35341
2f8644e97458a9d0f7085979ad4e7ba84d9cbada
46cc738389abdc9d14406f0e66db313c34f647235955980818e518190a816acb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 08:54:35 GMT
Last-Modified: Mon, 12 Sep 2022 07:37:56 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xwh-Gw4mkZDb55Zdt8GxB0yA7LD1Jz64JDv5oKLqK4Anp65aaFZdlQ==
Age: 4599
distillery.wistia.com/x
44.197.44.53204 No Content 0 B IP 44.197.44.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1288
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 12 Sep 2022 08:54:35 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 97d1bc78d4745eb507bf0d8febe0fbd3
2a640e92e27faff80ccf278d77a303dd9298c285
88bbaf3752be1966f6233316cc8b50156eac034ed178195852dc2d281d874fc4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 08:54:35 GMT
Last-Modified: Mon, 12 Sep 2022 07:20:53 GMT
Server: ECS (nyb/1D2A)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ob0jsjEC0-F-hVf-s4XKtBVm_iT_lyyPP0qcaNRGpg4_HRN_hjdF1A==
Age: 5622
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 97d1bc78d4745eb507bf0d8febe0fbd3
2a640e92e27faff80ccf278d77a303dd9298c285
88bbaf3752be1966f6233316cc8b50156eac034ed178195852dc2d281d874fc4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Sep 2022 08:54:35 GMT
Last-Modified: Mon, 12 Sep 2022 07:15:40 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 14o9kD_Mkh1ZKudNrN0NiI4o1FRY5HOAo64FO6530mBgsNE7GablSQ==
Age: 5935
fg8vvsvnieiv3ej16jby.litix.io/
35.168.92.55200 OK 0 B URL HTTP/1.1 fg8vvsvnieiv3ej16jby.litix.io/
IP 35.168.92.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: fg8vvsvnieiv3ej16jby.litix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://www.navysign.sa.com/
Origin: http://www.navysign.sa.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Date: Mon, 12 Sep 2022 08:54:35 GMT
Content-Length: 0
Connection: keep-alive
fg8vvsvnieiv3ej16jby.litix.io/
35.168.92.55200 OK 0 B URL HTTP/1.1 fg8vvsvnieiv3ej16jby.litix.io/
IP 35.168.92.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: fg8vvsvnieiv3ej16jby.litix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1515
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Date: Mon, 12 Sep 2022 08:54:35 GMT
Content-Length: 0
Connection: keep-alive
distillery.wistia.com/x
44.197.44.53204 No Content 0 B IP 44.197.44.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /x HTTP/1.1
Host: distillery.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1276
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 12 Sep 2022 08:54:35 GMT
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
X-Firefox-Spdy: h2
fast.wistia.net/assets/external/allIntegrations.js
151.101.86.110200 OK 6.2 kB URL HTTP/1.1 fast.wistia.net/assets/external/allIntegrations.js
IP 151.101.86.110:0
File type ASCII text, with very long lines (21488), with no line terminators
Hash 479c3d43fc32adefbc7b0a21729a27de
03bc95db80884138c4c02e5ee4d0289c02fc3313
9da99cb5d6f56332e08a440bdecef3faf7788190b607e9fe9bb736028289301c
GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.navysign.sa.com/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Content-Encoding: gzip
Content-Type: application/javascript
ETag: "631b56d7-1862"
Last-Modified: Fri, 09 Sep 2022 15:08:07 GMT
Timing-Allow-Origin: *
Via: 1.1 varnish, 1.1 varnish
Content-Length: 6242
Accept-Ranges: bytes
Date: Mon, 12 Sep 2022 08:54:36 GMT
Age: 1239
Connection: keep-alive
X-Served-By: cache-iad-kcgs7200165-IAD, cache-bma1659-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1662972876.043348,VS0,VE1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
X-ECMA-V: modern
X-Browser: firefox
X-Browser-Version: 96
pipedream.wistia.com/mput?topic=metrics
52.44.213.33200 OK 2 B URL HTTP/1.1 pipedream.wistia.com/mput?topic=metrics
IP 52.44.213.33:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /mput?topic=metrics HTTP/1.1
Host: pipedream.wistia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
content-type: application/x-www-form-urlencoded
Content-Length: 2161
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:36 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: *
api.getblueshift.com/unity.gif?t=1662972864&e=pageload&r=&z=925982&x=13c25a652e2a0c05cb06a3b1dba09a85&k=42e3b954-3e50-da37-5c0f-d4a59cdbbd99&u=http%3A%2F%2Fwww.navysign.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D991927%26h%3DPO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE%2FXpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
52.88.71.207200 OK 0 B URL HTTP/1.1 api.getblueshift.com/unity.gif?t=1662972864&e=pageload&r=&z=925982&x=13c25a652e2a0c05cb06a3b1dba09a85&k=42e3b954-3e50-da37-5c0f-d4a59cdbbd99&u=http%3A%2F%2Fwww.navysign.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D991927%26h%3DPO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE%2FXpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
IP 52.88.71.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /unity.gif?t=1662972864&e=pageload&r=&z=925982&x=13c25a652e2a0c05cb06a3b1dba09a85&k=42e3b954-3e50-da37-5c0f-d4a59cdbbd99&u=http%3A%2F%2Fwww.navysign.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D991927%26h%3DPO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE%2FXpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25 HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Referer: http://www.navysign.sa.com/
Origin: http://www.navysign.sa.com
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:36 GMT
Content-Length: 0
Connection: keep-alive
access-control-allow-origin: http://www.navysign.sa.com
access-control-max-age: 86400
access-control-allow-headers: if-none-match, content-type, if-modified-since, x-api-key, x-requested-with
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: PATCH, HEAD, POST, DELETE, PUT, GET, OPTIONS
api.getblueshift.com/unity.gif?t=1662972864&e=pageload&r=&z=925982&x=13c25a652e2a0c05cb06a3b1dba09a85&k=42e3b954-3e50-da37-5c0f-d4a59cdbbd99&u=http%3A%2F%2Fwww.navysign.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D991927%26h%3DPO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE%2FXpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
52.88.71.207200 OK 42 B URL HTTP/1.1 api.getblueshift.com/unity.gif?t=1662972864&e=pageload&r=&z=925982&x=13c25a652e2a0c05cb06a3b1dba09a85&k=42e3b954-3e50-da37-5c0f-d4a59cdbbd99&u=http%3A%2F%2Fwww.navysign.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D991927%26h%3DPO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE%2FXpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25
IP 52.88.71.207:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /unity.gif?t=1662972864&e=pageload&r=&z=925982&x=13c25a652e2a0c05cb06a3b1dba09a85&k=42e3b954-3e50-da37-5c0f-d4a59cdbbd99&u=http%3A%2F%2Fwww.navysign.sa.com%2Fclicks%2Fcircaknee.php%3Fsid%3D991927%26h%3DPO2dhZ_VQbR8OMD0VsgnpG9aHUqbGBKPZtbpGPTI9vE%2FXpqDf8QTl2GHx3e-7vOAalgCxciWhXnisbyFCF0ptY1aXf44TqTF5DTtaVBR4l_6mb6xQLtRs0FRynJkdj3S9tD6yjBOKDdnEYBtHC6PHsra_eOUzSYnv34D9QA8yI25 HTTP/1.1
Host: api.getblueshift.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Api-Key: 13c25a652e2a0c05cb06a3b1dba09a85
Origin: http://www.navysign.sa.com
Connection: keep-alive
Referer: http://www.navysign.sa.com/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 08:54:36 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: etag
access-control-allow-origin: http://www.navysign.sa.com
static.hotjar.com/c/hotjar-1450693.js?sv=7
143.204.55.37200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1450693.js?sv=7
IP 143.204.55.37:0
GET /c/hotjar-1450693.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.navysign.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 12 Sep 2022 08:54:05 GMT
cache-control: max-age=60
etag: W/36f78d1cfa8f8c3afea4b627280e1b85
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c0ZTTlAsymKhhWZd29DaQaG_pdSSm8lS2CcF1pBhRHyUVihwLq6tZQ==
age: 29
X-Firefox-Spdy: h2