167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
167.99.148.203 200 OK 1.2 kB URL HTTP/1.1 167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3111), with no line terminators
Hash 085e2f434340263aa9c13eb04b38d4f4
7741b57af316837c196615909c5277c8571b1a85
9ecc981341faad83f6bf0ffe6965ba13a48d813339b57c92f8d84187a335dd6b
Analyzer Verdict Alert quad9 Sinkholed
GET /agency-online/directing/desjardins/identifiantunique/index.php HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:00 GMT
Content-Type: text/html
Last-Modified: Fri, 03 Feb 2023 14:32:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63dd1b04-c27"
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8800
Expires: Mon, 06 Feb 2023 11:38:41 GMT
Date: Mon, 06 Feb 2023 09:12:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12239
Expires: Mon, 06 Feb 2023 12:36:00 GMT
Date: Mon, 06 Feb 2023 09:12:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10062
Expires: Mon, 06 Feb 2023 11:59:43 GMT
Date: Mon, 06 Feb 2023 09:12:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 08:34:03 GMT
content-type: application/json
age: 2278
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: R/PoOB4IJvJ/3KXmnsqdb8Xi72KJl2qXKfROYJP9wcqxcdzr+SXkr2ZeLOOH+2mb60ZrIo3dK38=
x-amz-request-id: 80VNX9W9P4A8XKPS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 08:24:52 GMT
age: 2829
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2
216.58.207.227 200 OK 15 kB URL HTTP/1.1 fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14784, version 1.0\012- data
Hash 13fd948eebe1c50558df7f53a2922e70
e1cf18262ef303da935a67bd9cc2dbc063e45604
cb474dc9b3e75c8ec335bab847cb29ec7e89da057ad068abdb99da4585366c8c
GET /s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51ostz0rdg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://167.99.148.203
Connection: keep-alive
Referer: http://167.99.148.203/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 14784
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 09:18:06 GMT
Expires: Sat, 03 Feb 2024 09:18:06 GMT
Cache-Control: public, max-age=31536000
Age: 258835
Last-Modified: Tue, 19 Apr 2022 19:13:18 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5ynghnQ.woff2
216.58.207.227 200 OK 15 kB URL HTTP/1.1 fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5ynghnQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 14736, version 1.0\012- data
Hash c27a2e28b3a242fa8ff8f98b497e77ab
82aa3d68bb1a3922ce860fc07336eb2ac77ceb6c
60cdff1621cd9803c61b2c7d010adcb8094f41fcab2da420f99dead9c097395f
GET /s/barlow/v12/7cHpv4kjgoGqM7E_DMs5ynghnQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://167.99.148.203
Connection: keep-alive
Referer: http://167.99.148.203/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 14736
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 10:05:09 GMT
Expires: Fri, 02 Feb 2024 10:05:09 GMT
Cache-Control: public, max-age=31536000
Age: 342412
Last-Modified: Tue, 19 Apr 2022 19:13:12 GMT
Content-Type: font/woff2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 09:12:01 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
167.99.148.203/agency-online/directing/desjardins/identifiantunique/fonts/BebasNeue-Regular.ttf
167.99.148.203 200 OK 1.2 kB URL HTTP/1.1 167.99.148.203/agency-online/directing/desjardins/identifiantunique/fonts/BebasNeue-Regular.ttf
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3111), with no line terminators
Hash 085e2f434340263aa9c13eb04b38d4f4
7741b57af316837c196615909c5277c8571b1a85
9ecc981341faad83f6bf0ffe6965ba13a48d813339b57c92f8d84187a335dd6b
Analyzer Verdict Alert quad9 Sinkholed
GET /agency-online/directing/desjardins/identifiantunique/fonts/BebasNeue-Regular.ttf HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:01 GMT
Content-Type: text/html
Last-Modified: Fri, 03 Feb 2023 14:32:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63dd1b04-c27"
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Content-Encoding: gzip
167.99.148.203/fonts/font.css?c5ee45f52964584319fe6a468b6ab27742bf4fb3
167.99.148.203 200 OK 261 B URL HTTP/1.1 167.99.148.203/fonts/font.css?c5ee45f52964584319fe6a468b6ab27742bf4fb3
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash 686b59c9d538412c64f6a8320bb1d5f2
c5ee45f52964584319fe6a468b6ab27742bf4fb3
1b238364a4815be27fa690d014413e3a6a7b1ea3391d26a1fd850207908e9c16
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/font.css?c5ee45f52964584319fe6a468b6ab27742bf4fb3 HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:01 GMT
Content-Type: text/css
Content-Length: 261
Last-Modified: Fri, 03 Feb 2023 14:32:36 GMT
Connection: keep-alive
ETag: "63dd1b04-105"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B
IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B
IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
167.99.148.203/css/library.css?17b6bb89c2f77967d3c5baec0b62a22cf14c5282
167.99.148.203 200 OK 538 B URL HTTP/1.1 167.99.148.203/css/library.css?17b6bb89c2f77967d3c5baec0b62a22cf14c5282
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1379), with no line terminators
Hash 51a675b1eaec99f57dbba7c2056de947
865b850a064eceb85a8e17e0e9e1451d350c9370
eb35f9e667da8e1e2b3b088bda35865522a9c37e2c17179c6217dc3187db15a4
Analyzer Verdict Alert quad9 Sinkholed
GET /css/library.css?17b6bb89c2f77967d3c5baec0b62a22cf14c5282 HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:01 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Feb 2023 14:32:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63dd1b04-563"
Content-Encoding: gzip
167.99.148.203/static/js/2ae.f4fc2804fad8c6e32976.js?ff3df105fd0fd47b6225
167.99.148.203 200 OK 2.1 kB URL HTTP/1.1 167.99.148.203/static/js/2ae.f4fc2804fad8c6e32976.js?ff3df105fd0fd47b6225
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (4110)
Hash ce9b00097acd5fa4a76cfa88685aeaeb
aa14a07387e08229c1c279dbc4b007da1717d2de
ddbc1479c5581fe8d3d9feaa02029b6763d6c7f388f41d6f105c2e643e0df7c4
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/2ae.f4fc2804fad8c6e32976.js?ff3df105fd0fd47b6225 HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:01 GMT
Content-Type: application/javascript
Last-Modified: Wed, 18 Jan 2023 11:00:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63c7d144-1043"
Content-Encoding: gzip
167.99.148.203/css/bootstrap.min.css?572c7d838c896e09eca4e6268df2234c561ce9fd
167.99.148.203 200 OK 37 kB URL HTTP/1.1 167.99.148.203/css/bootstrap.min.css?572c7d838c896e09eca4e6268df2234c561ce9fd
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (65305)
Hash eab303e267d00b902af3de1b9dc4bff3
6d38778fcbbe3bbf9d9e4e205250651f2f38f015
744e9b2a90097b474438823851d1f16847ed8bbdb084dce1090f9c6aca9d54bc
Analyzer Verdict Alert quad9 Sinkholed
GET /css/bootstrap.min.css?572c7d838c896e09eca4e6268df2234c561ce9fd HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:01 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Feb 2023 14:32:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63dd1b03-30072"
Content-Encoding: gzip
167.99.148.203/static/js/19a.fdd16269685fd3a90db7.js?ff3df105fd0fd47b6225
167.99.148.203 200 OK 23 kB URL HTTP/1.1 167.99.148.203/static/js/19a.fdd16269685fd3a90db7.js?ff3df105fd0fd47b6225
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65536), with no line terminators
Hash dcf70dc41feb56f5d92f9ad0975be3ca
13c6442027245c5f3f7dc55a1913e65c3f25fcfc
e8496e9a180f44eafbf3b19e6ae5b740a9ac6a20ec763f9ddb686bc7d22eb7eb
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/19a.fdd16269685fd3a90db7.js?ff3df105fd0fd47b6225 HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:01 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Feb 2023 11:49:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63dcf4bf-15119"
Content-Encoding: gzip
167.99.148.203/static/css/2f3.017e2689d638ff4678a2.css?ff3df105fd0fd47b6225
167.99.148.203 200 OK 63 kB URL HTTP/1.1 167.99.148.203/static/css/2f3.017e2689d638ff4678a2.css?ff3df105fd0fd47b6225
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65536), with no line terminators
Hash b53fe9ea6d4c387c7db6ae23a38840d7
043e604e7b71d60f9c91ef43d36d5c7ba4dd6e00
79055c0dac052af96000e87ece937b6732a89ecf212a8566b716e81afb4d4f16
Analyzer Verdict Alert quad9 Sinkholed
GET /static/css/2f3.017e2689d638ff4678a2.css?ff3df105fd0fd47b6225 HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:01 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Feb 2023 14:32:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63dd1b00-41b32"
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 09:07:20 GMT
age: 281
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
167.99.148.203/css/custom2.css?657bb4f6aa17f75df00ffeb4094506be632773ba
167.99.148.203 200 OK 15 kB URL HTTP/1.1 167.99.148.203/css/custom2.css?657bb4f6aa17f75df00ffeb4094506be632773ba
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (57164), with no line terminators
Hash 97fb6c3bf4714f8710013ec657a0cdfa
2414be635a735445fa142e14d341557009bf76ba
879f99682265bf513561712520d40a8828475364264c9d208e4ca58fc3d3f338
Analyzer Verdict Alert quad9 Sinkholed
GET /css/custom2.css?657bb4f6aa17f75df00ffeb4094506be632773ba HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:01 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Feb 2023 14:32:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63dd1b04-df4c"
Content-Encoding: gzip
167.99.148.203/css/custom.css?7fce15fd24b00f989e6683e12d880ba338ffdf52
167.99.148.203 200 OK 33 kB URL HTTP/1.1 167.99.148.203/css/custom.css?7fce15fd24b00f989e6683e12d880ba338ffdf52
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65536), with no line terminators
Hash e9bc027ff61c05c4f94ebb79a9fc3968
3636320230935b8a4236b6c1a72076f020484838
f5061e35ecb4c719e3ea0df2b4e1d1db03dc74a1cca20ac3b7fa95f40bfd8cee
Analyzer Verdict Alert quad9 Sinkholed
GET /css/custom.css?7fce15fd24b00f989e6683e12d880ba338ffdf52 HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:01 GMT
Content-Type: text/css
Last-Modified: Fri, 03 Feb 2023 14:32:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63dd1b03-1d73f"
Content-Encoding: gzip
167.99.148.203/static/js/6c4.9cb9d1a5b2b1bd317b8f.js?ff3df105fd0fd47b6225
167.99.148.203 200 OK 276 kB URL HTTP/1.1 167.99.148.203/static/js/6c4.9cb9d1a5b2b1bd317b8f.js?ff3df105fd0fd47b6225
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65454)
Size 276 kB (275728 bytes)
Hash e26a60a7e0eddd6803db5ef8c9e0b7d0
3296c0975ecad0239ff880aa56be54b203b0ac29
2756d0cb6634382c5c7e5981fc67724336a617d47384a1958bcce3921ba769d1
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/6c4.9cb9d1a5b2b1bd317b8f.js?ff3df105fd0fd47b6225 HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:01 GMT
Content-Type: application/javascript
Last-Modified: Wed, 18 Jan 2023 11:00:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63c7d144-9bd27"
Content-Encoding: gzip
167.99.148.203/static/js/864.eb40060cad5c6a970de9.js?ff3df105fd0fd47b6225
167.99.148.203 200 OK 342 kB URL HTTP/1.1 167.99.148.203/static/js/864.eb40060cad5c6a970de9.js?ff3df105fd0fd47b6225
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65454)
Size 342 kB (341864 bytes)
Hash 0178c6e8e98586d7437b616299e07a07
f8b22342c1aef27abb7de9145fad296e732c435c
be79d029f707eb73e33e50e37f0e3bfd9881f9757cdcce949b6a4152fb14c10d
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/864.eb40060cad5c6a970de9.js?ff3df105fd0fd47b6225 HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:01 GMT
Content-Type: application/javascript
Last-Modified: Wed, 18 Jan 2023 11:00:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63c7d144-ef03c"
Content-Encoding: gzip
push.services.mozilla.com/
52.42.5.177 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.5.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AMhlLV0E9GAAYlcX+LitTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lNHbgagpnL6yeTUpupwonrEvuUE=
167.99.148.203/static/js/50f.2944c9af803985f71ff1.js
167.99.148.203 200 OK 84 kB URL HTTP/1.1 167.99.148.203/static/js/50f.2944c9af803985f71ff1.js
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (62859), with no line terminators
Hash f4a71fa84b17cafbf0e129a138d95c9c
8650f99e999f76b1f8c7aac409950913b52d3754
6faa149f0c56fd66d5ab26b90a65986c6fe02c133f09d036f217684373d73c0b
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/50f.2944c9af803985f71ff1.js HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: application/javascript
Last-Modified: Thu, 16 Jun 2022 18:57:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62ab7d11-3b395"
Content-Encoding: gzip
167.99.148.203/static/js/b64.eff09d85168b180ad4a6.js
167.99.148.203 200 OK 129 kB URL HTTP/1.1 167.99.148.203/static/js/b64.eff09d85168b180ad4a6.js
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65454)
Size 129 kB (128984 bytes)
Hash 3771db56ba72f252fa751a85de5779c2
4e9b6bddc7c9f7394d6744e0274fa4eb628fd273
c8ef3aa5e02ac0fff21f3dfb670350695f5bd832ca8e843967b804bd1baab465
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/b64.eff09d85168b180ad4a6.js HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Sep 2022 20:44:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6328d4c4-55181"
Content-Encoding: gzip
167.99.148.203/static/js/d43.e732d254f26d1cc198ce.js
167.99.148.203 200 OK 44 kB URL HTTP/1.1 167.99.148.203/static/js/d43.e732d254f26d1cc198ce.js
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (65483), with no line terminators
Hash a691a0db2f53e2aceda20efa89d8b971
99fcb4e6c3ce8d7367898621271517f1dce215d2
3dc95785ac0b1ca392bbb4a2caec9f45cb7e0ebff3946788ad6e57e4bbf8750d
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/d43.e732d254f26d1cc198ce.js HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: application/javascript
Last-Modified: Thu, 16 Jun 2022 18:57:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62ab7d11-1bfdd"
Content-Encoding: gzip
167.99.148.203/static/js/135.b739318995cdd459f52b.js
167.99.148.203 200 OK 5.6 kB URL HTTP/1.1 167.99.148.203/static/js/135.b739318995cdd459f52b.js
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (12484)
Hash ba89a7434bdef2533afa9ca3278aec48
5d757befed18f61daa1649ea2a94b3ce47f2f11e
d2e2189b7e88884e649288149e06c17a95e946fecd4e76250026e781d2ace155
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/135.b739318995cdd459f52b.js HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Sep 2022 20:44:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6328d4c4-30f9"
Content-Encoding: gzip
167.99.148.203/static/js/241.0e9a26f9c84f30f8aa1b.js
167.99.148.203 200 OK 29 kB URL HTTP/1.1 167.99.148.203/static/js/241.0e9a26f9c84f30f8aa1b.js
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 045c1b17efa68b611951222f034c0770
c6b87c33752397100fa3a70eab1b419941b59f0c
9808fa3aa973ce2cb4306884650197597af7840059a9b9aef85f0a08a0f05250
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/241.0e9a26f9c84f30f8aa1b.js HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Sep 2022 20:44:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6328d4c4-127af"
Content-Encoding: gzip
167.99.148.203/static/js/2f3.220cc0fa2321d6b56be1.js?ff3df105fd0fd47b6225
167.99.148.203 200 OK 139 kB URL HTTP/1.1 167.99.148.203/static/js/2f3.220cc0fa2321d6b56be1.js?ff3df105fd0fd47b6225
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65454)
Size 139 kB (139346 bytes)
Hash ca9e20c7dfe5927ee867e562728d5b1e
796d1485164fbb578e504fbf788355540c160691
c992d262c21e7761ccb0c816daab29868071fec59d464a09b35b98630b0c4e18
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/2f3.220cc0fa2321d6b56be1.js?ff3df105fd0fd47b6225 HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:01 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Feb 2023 14:32:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63dd1b00-d85e2"
Content-Encoding: gzip
167.99.148.203/static/js/f7c.ae0803d204b401b22515.js?ff3df105fd0fd47b6225
167.99.148.203 200 OK 36 kB URL HTTP/1.1 167.99.148.203/static/js/f7c.ae0803d204b401b22515.js?ff3df105fd0fd47b6225
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 840f34881f505e8ad8c5304c3edfd68d
a0c02d9498607b719e60dab2f22e68316dded36a
0cc90a77f1b2bbc79105304193d4768a0faf58e02d9ccd79ab3ea7ebba28e8c1
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/f7c.ae0803d204b401b22515.js?ff3df105fd0fd47b6225 HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:01 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Feb 2023 14:32:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63dd1b00-e9d04"
Content-Encoding: gzip
167.99.148.203/static/js/43e.71e88d755b8804f6fd00.js
167.99.148.203 200 OK 122 kB URL HTTP/1.1 167.99.148.203/static/js/43e.71e88d755b8804f6fd00.js
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65536), with no line terminators
Size 122 kB (122131 bytes)
Hash bcd4cb2835b55a0b1dc29fccba7a9da0
761d6157585c5dd14818fdfd4c26eba1672384e7
596c87cbcd2420d4840a528597ab5448b90b64179a1aaa91c7761a597d5bdfaf
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/43e.71e88d755b8804f6fd00.js HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: application/javascript
Last-Modified: Wed, 18 Jan 2023 11:00:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63c7d144-a1526"
Content-Encoding: gzip
167.99.148.203/api/login
167.99.148.203 403 Forbidden 25 B IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text
Hash 0283ed52104eb1fd3ae2e3158668d4c7
cff1433cb4eb9f6bf8c897495f992324836fda49
75e8165b85ba983c13c084d62647bacef721b59a6fd15e956eedb45d8e99ab7f
Analyzer Verdict Alert quad9 Sinkholed
GET /api/login HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 403 Forbidden
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: application/json
Content-Length: 25
Connection: keep-alive
Vary: Origin
167.99.148.203/version.txt?0.28145116992632924
167.99.148.203 200 OK 11 B URL HTTP/1.1 167.99.148.203/version.txt?0.28145116992632924
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
Hash 3f5cf1646f4762e89d4962f743855dab
3cbb8711f5dae83bab5b3aff409fa47a60215b08
50946def3692ae081e3c9909329000eb5f321c5407cc1552516b08c1a6091ad4
Analyzer Verdict Alert quad9 Sinkholed
GET /version.txt?0.28145116992632924 HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: text/plain
Content-Length: 11
Last-Modified: Fri, 03 Feb 2023 14:32:33 GMT
Connection: keep-alive
ETag: "63dd1b01-b"
Accept-Ranges: bytes
167.99.148.203/static/media/preloader.9b32f607e8904613d046.svg?url
167.99.148.203 200 OK 34 kB URL HTTP/1.1 167.99.148.203/static/media/preloader.9b32f607e8904613d046.svg?url
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (32590)
Hash a5a84719b484212e8bb87f2c69d66205
029534d36b3ac4995926a37b7deeb759ab470164
0ab176d10f0285af6cd1a57bad7b3ab65d61c97231c2784fd679b81335f0d36a
Analyzer Verdict Alert quad9 Sinkholed
GET /static/media/preloader.9b32f607e8904613d046.svg?url HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: image/svg+xml
Content-Length: 33517
Last-Modified: Fri, 03 Feb 2023 14:32:32 GMT
Connection: keep-alive
ETag: "63dd1b00-82ed"
Accept-Ranges: bytes
167.99.148.203/static/js/fb5.16fa470948e24925c865.js
167.99.148.203 200 OK 55 kB URL HTTP/1.1 167.99.148.203/static/js/fb5.16fa470948e24925c865.js
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (65452)
Hash 9126668b5589345ecdb2adeb6ca2050b
568e5842233e1e8881bac601048916b1e892df22
65f7628bd45ccf58fb161ab7d4140091937baaf0a3fb4fda74e4b71c63de047c
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/fb5.16fa470948e24925c865.js HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: application/javascript
Last-Modified: Thu, 16 Jun 2022 18:57:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62ab7d11-30b3b"
Content-Encoding: gzip
167.99.148.203/static/js/8d3.5bfc7f8e88642615c016.js
167.99.148.203 200 OK 27 kB URL HTTP/1.1 167.99.148.203/static/js/8d3.5bfc7f8e88642615c016.js
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (65522), with no line terminators
Hash b529a6982deb9f765ef8f26cc91a0386
6e65b4edcd932027f92b994d247b448188b106a1
6cf9a66d1b59794f9dc3174cb7d3f92d1fe70bf56f79b6e1d5b9741789f2dad3
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/8d3.5bfc7f8e88642615c016.js HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Jan 2023 10:55:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bfe715-11617"
Content-Encoding: gzip
167.99.148.203/img/favicon/apple-touch-icon.png
167.99.148.203 200 OK 5.6 kB URL HTTP/1.1 167.99.148.203/img/favicon/apple-touch-icon.png
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c92c7f95fdacf56c8db9f2a901f5ca3
f6d135ca0393ae2214ca2ce5b5956c7a706dfc84
724f802ee73588314828b9c53369c709f5570f5d19590f27463214a6da333bda
Analyzer Verdict Alert quad9 Sinkholed
GET /img/favicon/apple-touch-icon.png HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: image/png
Content-Length: 5588
Last-Modified: Fri, 03 Feb 2023 14:32:33 GMT
Connection: keep-alive
ETag: "63dd1b01-15d4"
Accept-Ranges: bytes
167.99.148.203/img/favicon/favicon-16x16.png
167.99.148.203 200 OK 1.0 kB URL HTTP/1.1 167.99.148.203/img/favicon/favicon-16x16.png
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 4a80d02e45a068ef10ad1d3952e31e7e
d6e1349eb7bf4a58bcf9585b66915940c98a00a0
71ea47a4bc36651d4c810f19606f37fddfe4f99d473650bdfa58838c96721b0e
Analyzer Verdict Alert quad9 Sinkholed
GET /img/favicon/favicon-16x16.png HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: image/png
Content-Length: 1008
Last-Modified: Fri, 03 Feb 2023 14:32:33 GMT
Connection: keep-alive
ETag: "63dd1b01-3f0"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
216.58.207.227 200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21724, version 1.0\012- data
Hash c3609c36a150ce088ea4dcab92b7c00b
0c18236a183e962533a4f61bff3ae2581313561a
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
GET /s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://167.99.148.203
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 18:29:09 GMT
expires: Mon, 05 Feb 2024 18:29:09 GMT
cache-control: public, max-age=31536000
age: 52973
last-modified: Tue, 19 Apr 2022 19:29:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
167.99.148.203/img/hide.svg
167.99.148.203 200 OK 986 B URL HTTP/1.1 167.99.148.203/img/hide.svg
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (882)
Hash fdadd6301a2198f55c3b545fd2f5724c
59c4aa7a23269d7b9bf74ea17cfe7eb3557ed041
8101bdc41cb3925bc7971e273f921754ff9df38995a2c058e9d766ed4c74e37b
Analyzer Verdict Alert quad9 Sinkholed
GET /img/hide.svg HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/login/
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: image/svg+xml
Content-Length: 986
Last-Modified: Fri, 03 Feb 2023 14:32:33 GMT
Connection: keep-alive
ETag: "63dd1b01-3da"
Accept-Ranges: bytes
fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
216.58.207.227 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21144, version 1.0\012- data
Hash 2bc7630144496092dc786ce63109e560
723df3658078cfed03c85e47f15fc439eb4331be
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
GET /s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://167.99.148.203
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 02:06:26 GMT
expires: Sat, 03 Feb 2024 02:06:26 GMT
cache-control: public, max-age=31536000
age: 284736
last-modified: Tue, 19 Apr 2022 19:43:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
167.99.148.203/img/logo_signup.svg
167.99.148.203 200 OK 4.1 kB URL HTTP/1.1 167.99.148.203/img/logo_signup.svg
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (565)
Hash 25ef1b79dc13e0cba0cd7656c645c750
a20cc9711e5f8f0786fc0c33ba24caf86a9ac2e3
e6b246c8ce4362143e1984d5a81013388dd7e1152188a52c02adb5cbcc664e9a
Analyzer Verdict Alert quad9 Sinkholed
GET /img/logo_signup.svg HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/login/
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: image/svg+xml
Content-Length: 4052
Last-Modified: Fri, 03 Feb 2023 14:32:33 GMT
Connection: keep-alive
ETag: "63dd1b01-fd4"
Accept-Ranges: bytes
167.99.148.203/img/password.svg
167.99.148.203 200 OK 1.1 kB URL HTTP/1.1 167.99.148.203/img/password.svg
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1034)
Hash 9fa666d500d929363d3765e5919631a2
d47b0d2d01d59d1f20d3da047de0d18064b8e805
44fd53e1e70ec956b411889ce94ac923536bef103d04c836f0e7e470523c9303
Analyzer Verdict Alert quad9 Sinkholed
GET /img/password.svg HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/css/custom.css?7fce15fd24b00f989e6683e12d880ba338ffdf52
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: image/svg+xml
Content-Length: 1138
Last-Modified: Fri, 03 Feb 2023 14:32:33 GMT
Connection: keep-alive
ETag: "63dd1b01-472"
Accept-Ranges: bytes
167.99.148.203/img/signup_bg1.jpg
167.99.148.203 200 OK 40 kB URL HTTP/1.1 167.99.148.203/img/signup_bg1.jpg
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.8, datetime=2020:07:23 13:38:58], progressive, precision 8, 470x600, components 3\012- data
Hash c2ea85d3dcc7572215729bec045d1156
d7c88825bc080c6daf01ae1f9a383766b2a23b2a
5b7b7068f7fd26085fccb05da602fe9f67b4b97fa3b0171251e33ae7e2906cad
Analyzer Verdict Alert quad9 Sinkholed
GET /img/signup_bg1.jpg HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/login/
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: image/jpeg
Content-Length: 39903
Last-Modified: Fri, 03 Feb 2023 14:32:33 GMT
Connection: keep-alive
ETag: "63dd1b01-9bdf"
Accept-Ranges: bytes
167.99.148.203/img/user_email.svg
167.99.148.203 200 OK 842 B URL HTTP/1.1 167.99.148.203/img/user_email.svg
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (738)
Hash 0d0699d4c7ff42fbcbe056f9336b24b4
36218a60492b93e56688a618f5a7b300979c3c6b
68715c4168f37f4cc957d29d80514227b2d5e08a9df793867e09f86991dd2d0e
Analyzer Verdict Alert quad9 Sinkholed
GET /img/user_email.svg HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/css/custom.css?7fce15fd24b00f989e6683e12d880ba338ffdf52
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: image/svg+xml
Content-Length: 842
Last-Modified: Fri, 03 Feb 2023 14:32:33 GMT
Connection: keep-alive
ETag: "63dd1b01-34a"
Accept-Ranges: bytes
167.99.148.203/static/js/01b.0aa1bf5719fc456b6976.js
167.99.148.203 200 OK 182 kB URL HTTP/1.1 167.99.148.203/static/js/01b.0aa1bf5719fc456b6976.js
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (65406)
Size 182 kB (182379 bytes)
Hash 67c4c703b268e5140287d0b25497d52c
8ce08b0801df3b6aa090bdbff2878f1c8d357eb0
7b75bba4d31e0a242f74b42a1591212fa0853a720c7b1e814db1931337afd125
Analyzer Verdict Alert quad9 Sinkholed
GET /static/js/01b.0aa1bf5719fc456b6976.js HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/agency-online/directing/desjardins/identifiantunique/index.php
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:02 GMT
Content-Type: application/javascript
Last-Modified: Thu, 16 Jun 2022 18:57:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62ab7d11-89426"
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3827
Expires: Mon, 06 Feb 2023 10:15:50 GMT
Date: Mon, 06 Feb 2023 09:12:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 40920
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0c62c5956f36c9f1c5d2f17bc372d98
fca4d7140e4c391b02d734425ccc92acec568a70
eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 40920
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 40920
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6941fb6-e957-4628-8403-b30032e53952.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6941fb6-e957-4628-8403-b30032e53952.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d97807096c24402f2938faa7bef0bb1f
5dcc91fcfb218579f9bb8d74949c62b42a0ee0f5
61d5e5e14348dcd17a2d65ed50bf4870cfa0869b2027bd9e02e5656b71ae7b07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6941fb6-e957-4628-8403-b30032e53952.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9504
x-amzn-requestid: 5ed1526b-636a-4aac-9900-3438fe44bc68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4o9ZF4fIAMFuhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e021ef-6925f9fa343504e94459aa70;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:38:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U81u29w8Kam-xsluWwUqh-4J1bS-8viBRP4f6ERFJcGUpsDLcB-feg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:09 GMT
age: 40854
etag: "5dcc91fcfb218579f9bb8d74949c62b42a0ee0f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad2298793399bf73c51c7d60952065c1
816bd4c36ceea2c46489ae72fde0b4a94c7c4bef
dc540d64e5e0835c7007e89ca3b5dd620b43a87e13309f323f3843a5f908a199
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8649
x-amzn-requestid: f85f3c9d-95c1-4db6-af5f-595070fe46c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHzboAMFQCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-6eed72bf20887cac6dc1a56a;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tNp3KhwtaSjchn-VAo1VellQ63I1W9uIbkQ_84Y7z_4z--vGfz8PGA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:53:56 GMT
age: 40687
etag: "816bd4c36ceea2c46489ae72fde0b4a94c7c4bef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FRZf4nkQyttwihy5BBbuHzT9lYQvBPqcOTdT5esu46vqMTvXAi5aQw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 18:39:44 GMT
age: 52339
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 9206c3ba6d5a17d62244c438fd03496e
069e8257aebe618953434b1299d065540125a512
937d395fed398e9410f75945e80f607f3146458b48cd47ba7249536ca2195817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a3d7474790bd1bb7085e24507afccff4
8281e5304c45e41aa96d6395fcc6dea9f81c251c
ef207bdfff69a7b45ebb93af668cd77bbd1d197c8bf2ce7abe08a7b98a93f4d4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 10
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:04 GMT
Last-Modified: Mon, 06 Feb 2023 09:11:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cdn.pendo.io/agent/static/34f48131-69df-40ca-49f6-f8c53e01d507/pendo.js
54.230.111.32 200 OK 133 kB URL HTTP/2 cdn.pendo.io/agent/static/34f48131-69df-40ca-49f6-f8c53e01d507/pendo.js
IP 54.230.111.32:0
File type ASCII text, with very long lines (47568)
Size 133 kB (132840 bytes)
Hash 810bcdec205b8a5c7d712d3a072ae9e8
b6d259e56b89371480b50f44449804e9c27bf824
f136517a5e4b3fa4d9a0b8a2e52f32d74c45abf94f453949d7d1aaca5a07b312
GET /agent/static/34f48131-69df-40ca-49f6-f8c53e01d507/pendo.js HTTP/1.1
Host: cdn.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 132840
x-guploader-uploadid: ADPycdtSWYWxMeurAvGJhwAEnWgWTeX7C6mrVUbAuUA30BTLQwxpa_2yBlHJ_apthVn37RlgySaOiY_7vvMxLrDbXFBQP3O7Tvqp
last-modified: Fri, 03 Feb 2023 17:17:26 GMT
x-goog-generation: 1675444646532770
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 132840
content-encoding: gzip
x-goog-hash: crc32c=FmNcng==, md5=gQvN7CBbilx9cS06Byrp6A==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Mon, 06 Feb 2023 09:12:04 GMT
expires: Mon, 06 Feb 2023 09:15:56 GMT
cache-control: max-age=450
etag: "810bcdec205b8a5c7d712d3a072ae9e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zdgzwWd6vod_yaf8Idml9cmbLUbQjXxj23NtTr9BwO_H0LQdElP6Ug==
age: 218
X-Firefox-Spdy: h2
js.stripe.com/v3/
151.101.64.176 200 OK 118 kB IP 151.101.64.176:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 118 kB (118542 bytes)
Hash d2cd49bf5f9c3f948fe39778dc632363
e9a969951f8dfcd6b280632d91d01755b0971daa
311d97b529d7231bf8bb42c5c13543c60f3506a52bc3dceb8d8cf426211df69a
GET /v3/ HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 03 Feb 2023 21:59:34 GMT
etag: "638ce73a366c14c70d612128520d3260"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 06 Feb 2023 09:12:04 GMT
via: 1.1 varnish
age: 20
x-request-id: 9f8cb402-932c-4274-9ef3-6c00b7e2c460
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
timing-allow-origin: *
content-length: 118542
X-Firefox-Spdy: h2
167.99.148.203/js/adapter.js
167.99.148.203 200 OK 52 kB URL HTTP/1.1 167.99.148.203/js/adapter.js
IP 167.99.148.203:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (864)
Hash 173de58fcbbc1e808186e16100dd43ef
81509dd995b9d4bacde8f6047cd5c944ec9fbdcd
0797e356a6f9e2a7e5893b0a68313217d67ef7f3802c06b441dd9b540b9a59f5
Analyzer Verdict Alert quad9 Sinkholed
GET /js/adapter.js HTTP/1.1
Host: 167.99.148.203
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.99.148.203/login/
HTTP/1.1 200 OK
Server: nginx/1.16.0
Date: Mon, 06 Feb 2023 09:12:04 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Feb 2023 14:32:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63dd1b04-30a5a"
Content-Encoding: gzip
js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
151.101.64.176 200 OK 332 B URL HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js
IP 151.101.64.176:0
File type ASCII text, with very long lines (526)
Hash ada7d17b721f065b91d249c998f2967e
1c686ed2c2218a3889b7d9a9b1acdf851b0bf563
12125f2ad96bb800b475309dcc276eeddffd6db095e29fe1f8514b3f8c7e544a
GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "f8f6a4584135f737b26927596ce6e0a7"
cache-control: max-age=31536000
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Mon, 06 Feb 2023 09:12:04 GMT
via: 1.1 varnish
age: 7304800
x-request-id: b0554569-4db1-412b-b3ac-51b4c33f13ea
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 184216
vary: Accept-Encoding
timing-allow-origin: *
content-length: 332
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/qNaXkhQj53U
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/qNaXkhQj53U
IP 142.250.74.131:0
Hash 3bde75422d0e01b79be4293a1f257475
6574b9628e3a66366a4f3db76b5334667fc0ef0f
50e82d20427d1ed79780dab8e6f469a7ca4373e60b92ca4157ca64e5a8e56202
POST /s/gts1d4/qNaXkhQj53U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ea965ca7cb10f8c6c2962ea97a4aba42
3332a2435e18c8c1b4196c229f279c2d21555790
82bffdf0f0cff6baf7061b0748e54a3af7b9158b241c3a0719e7d500c47cbcd3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Feb 2023 09:12:04 GMT
Last-Modified: Mon, 06 Feb 2023 07:57:56 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fXrlXY7Lfu806l81-yNC6scJlLUcYVsIjjOd3Aql47xWtjCypTl_0A==
Age: 4448
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 142da2afb2a4750ce8ec4d94040698c7
6a39d31deee8c6e34110e7ebb960cd907d63f3b4
82d408fcfa0b40c7aa0709d115787bf75c805abe8c8a79dbac56123250bce04b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=104285
Date: Mon, 06 Feb 2023 09:12:04 GMT
Etag: "63dfab46-1d7"
Expires: Tue, 07 Feb 2023 14:10:09 GMT
Last-Modified: Sun, 05 Feb 2023 13:12:38 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qWwvkLUs_dJg7Fa7Rccbsm-P1Z1ntS3ezoP214IssI3qTvVYmMlwTA==
Age: 3451
ocsp.pki.goog/s/gts1d4/qNaXkhQj53U
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/qNaXkhQj53U
IP 142.250.74.131:0
Hash 3bde75422d0e01b79be4293a1f257475
6574b9628e3a66366a4f3db76b5334667fc0ef0f
50e82d20427d1ed79780dab8e6f469a7ca4373e60b92ca4157ca64e5a8e56202
POST /s/gts1d4/qNaXkhQj53U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/qNaXkhQj53U
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/qNaXkhQj53U
IP 142.250.74.131:0
Hash 3bde75422d0e01b79be4293a1f257475
6574b9628e3a66366a4f3db76b5334667fc0ef0f
50e82d20427d1ed79780dab8e6f469a7ca4373e60b92ca4157ca64e5a8e56202
POST /s/gts1d4/qNaXkhQj53U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:04 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
m.stripe.network/inner.html
151.101.64.176 200 OK 527 B URL HTTP/2 m.stripe.network/inner.html
IP 151.101.64.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Hash e02352ef72e8a9563463c07174b0e50f
7a41613f7eae0819d1a4785eae3617fdbb33b9b3
2275fff71f8cbf1f25a1af7f7bbe5ecbc868ed0b16d345a8ce31770f66fc8ea5
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 09:12:04 GMT
via: 1.1 varnish
age: 236
x-request-id: 9eee4633-ac25-4a86-aa4e-f7395a52b3e0
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 137
x-timer: S1675674725.918068,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 527
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.42.js
151.101.64.176 200 OK 16 kB URL HTTP/2 m.stripe.network/out-4.5.42.js
IP 151.101.64.176:0
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 0b880c6e7a381ef1f81263cf34c54e79
af46e0111cb22576b07084f4b49be7b41b5fc3ca
115ea79f002c0c2e3405178f66ce92ecb5173e7678f692ab65d6bbf526880b7b
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=300, public
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: Fastly
content-encoding: gzip
accept-ranges: bytes
date: Mon, 06 Feb 2023 09:12:04 GMT
via: 1.1 varnish
age: 221
x-request-id: 2525cfac-a45d-4012-bd7a-a5345c5b7288
x-served-by: cache-bma1644-BMA
x-cache: HIT
x-cache-hits: 126
x-timer: S1675674725.945288,VS0,VE0
vary: Accept-Encoding, Origin
content-length: 16031
X-Firefox-Spdy: h2
data.pendo.io/data/guide.gif/34f48131-69df-40ca-49f6-f8c53e01d507?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1675674769069&v=2.169.2_prod
34.107.204.85 200 OK 42 B URL HTTP/2 data.pendo.io/data/guide.gif/34f48131-69df-40ca-49f6-f8c53e01d507?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1675674769069&v=2.169.2_prod
IP 34.107.204.85:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /data/guide.gif/34f48131-69df-40ca-49f6-f8c53e01d507?jzb=eJwFwIEIAAAAwDDQd3-N1QABFQC5&ct=1675674769069&v=2.169.2_prod HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:12:04 GMT
content-type: image/gif
content-length: 42
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/qNaXkhQj53U
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/qNaXkhQj53U
IP 142.250.74.131:0
Hash 3bde75422d0e01b79be4293a1f257475
6574b9628e3a66366a4f3db76b5334667fc0ef0f
50e82d20427d1ed79780dab8e6f469a7ca4373e60b92ca4157ca64e5a8e56202
POST /s/gts1d4/qNaXkhQj53U HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wchat.freshchat.com/js/widget.js
54.156.217.194 200 OK 19 kB URL HTTP/1.1 wchat.freshchat.com/js/widget.js
IP 54.156.217.194:0
File type ASCII text, with very long lines (61653), with no line terminators
Hash 18a88aa8d269e8a519f540f6b694e73d
c520e7fad5f6a2d525e981c5c7cd2a77e4f0e284
312cae728bccf4f2385446058db28ac95a5085e74db1beda7b17a5401be9e166
GET /js/widget.js HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 09:12:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
last-modified: Fri, 03 Feb 2023 10:43:54 GMT
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=900, must-revalidate
served-by: 5323
x-server: 5323
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-trace-id: 00-bf312dd0f11179f20e6e64253d4f9834-fc7774dc8d705201-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: false
x-request-id: 63e7986e-e704-4b4f-8a09-8e20c88612da
data.pendo.io/data/ptm.gif/34f48131-69df-40ca-49f6-f8c53e01d507?v=2.169.2_prod&ct=1675674769055&jzb=eJy9kEFPwzAMhf9LzlWbul1Kd0NiEoiJVWK7gFCUttmISJOSph3TtP8-d4OJ025wi53n79nvdU_8rpVkShrpBQlI6ey2k4571WA3ZtmEZWnGcppCQAbVKW8dVzUO8GL2dLfgSy6WX1Xfl9vVo0SAqCrbG3_SmF7rgPROo_zd-3YaRUgM8zyM05sQaBJpu1EmwrHW2bYj0_2Px_i8ZqOF2fRiM24uDV89k8PFGkexaIWTxt_-btXCj3rKIgoRUEiQM0jXKWuwDWHM8hA4blKPtDNgKcqHyyX-XJB5SgttPyBdl_PPoQPkrJ1o5Onzfihg3uTF4mVGt3ZhxlB3XuJxyYQdgkvg2or6auDsfwIf9_h2hzinf3I5JNnh7QgX1sND
34.107.204.85 200 OK 42 B URL HTTP/2 data.pendo.io/data/ptm.gif/34f48131-69df-40ca-49f6-f8c53e01d507?v=2.169.2_prod&ct=1675674769055&jzb=eJy9kEFPwzAMhf9LzlWbul1Kd0NiEoiJVWK7gFCUttmISJOSph3TtP8-d4OJ025wi53n79nvdU_8rpVkShrpBQlI6ey2k4571WA3ZtmEZWnGcppCQAbVKW8dVzUO8GL2dLfgSy6WX1Xfl9vVo0SAqCrbG3_SmF7rgPROo_zd-3YaRUgM8zyM05sQaBJpu1EmwrHW2bYj0_2Px_i8ZqOF2fRiM24uDV89k8PFGkexaIWTxt_-btXCj3rKIgoRUEiQM0jXKWuwDWHM8hA4blKPtDNgKcqHyyX-XJB5SgttPyBdl_PPoQPkrJ1o5Onzfihg3uTF4mVGt3ZhxlB3XuJxyYQdgkvg2or6auDsfwIf9_h2hzinf3I5JNnh7QgX1sND
IP 34.107.204.85:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /data/ptm.gif/34f48131-69df-40ca-49f6-f8c53e01d507?v=2.169.2_prod&ct=1675674769055&jzb=eJy9kEFPwzAMhf9LzlWbul1Kd0NiEoiJVWK7gFCUttmISJOSph3TtP8-d4OJ025wi53n79nvdU_8rpVkShrpBQlI6ey2k4571WA3ZtmEZWnGcppCQAbVKW8dVzUO8GL2dLfgSy6WX1Xfl9vVo0SAqCrbG3_SmF7rgPROo_zd-3YaRUgM8zyM05sQaBJpu1EmwrHW2bYj0_2Px_i8ZqOF2fRiM24uDV89k8PFGkexaIWTxt_-btXCj3rKIgoRUEiQM0jXKWuwDWHM8hA4blKPtDNgKcqHyyX-XJB5SgttPyBdl_PPoQPkrJ1o5Onzfihg3uTF4mVGt3ZhxlB3XuJxyYQdgkvg2or6auDsfwIf9_h2hzinf3I5JNnh7QgX1sND HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
content-type: image/gif
x-content-type-options: nosniff
date: Mon, 06 Feb 2023 09:12:05 GMT
content-length: 42
x-envoy-upstream-service-time: 110
server: istio-envoy
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1c08839b04520623798a6d3752711147
535035b7350cf8a4324eb69ffda7dfaaa1a29918
5ddf0cfbfe95f4690768f8ca167dcdd47f0fa7c6d076cbee0bdb225bba697429
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2821
Cache-Control: max-age=131043
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Etag: "63e01643-1d7"
Expires: Tue, 07 Feb 2023 21:36:08 GMT
Last-Modified: Sun, 05 Feb 2023 20:49:07 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
wchat.freshchat.com/widget/?token=4e9a748f-fb25-42df-b175-b45d7dd8ab98&referrer=aHR0cDovLzE2Ny45OS4xNDguMjAz
54.156.217.194 200 OK 1.7 kB URL HTTP/1.1 wchat.freshchat.com/widget/?token=4e9a748f-fb25-42df-b175-b45d7dd8ab98&referrer=aHR0cDovLzE2Ny45OS4xNDguMjAz
IP 54.156.217.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2773)
Hash 11563f27d82df9c2beaaacd90789d005
d28c012584ed23e02fbd8ae1d91f64252d469a28
f70c33bebd86403a52e3351f437a264f2eda344fdbf38676f76d247fbd285e48
GET /widget/?token=4e9a748f-fb25-42df-b175-b45d7dd8ab98&referrer=aHR0cDovLzE2Ny45OS4xNDguMjAz HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 09:12:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
last-modified: Fri, 03 Feb 2023 10:43:54 GMT
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
served-by: 9886
x-server: 9886
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-trace-id: 00-3893c5389d30ebc3a332395d54f73a98-f09ef33bf090a16e-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: false
x-request-id: 848babd5-1414-4883-8426-2526b363e212
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 06 Feb 2023 07:44:08 GMT
expires: Mon, 06 Feb 2023 09:44:08 GMT
cache-control: public, max-age=7200
age: 5277
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e5acad4d02dd29fdea5b81109c3073e8
2e10f3faf9f3a7fc2f4b8302b1ab6adcef64e22e
ca1163c938735d113ecc28a222845a165ed3e334894097fbad1b9a2df7955628
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: TJpf1SWVv1VgUVp94s+OsRwfiaXWq2tLptGPWKbam1afqlXnxpWQAr9TepueTshDwrIhjQcTpjmnBKcrG3Dh+A==
content-length: 27843
x-fb-trip-id: 2050670934
date: Mon, 06 Feb 2023 09:12:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e5acad4d02dd29fdea5b81109c3073e8
2e10f3faf9f3a7fc2f4b8302b1ab6adcef64e22e
ca1163c938735d113ecc28a222845a165ed3e334894097fbad1b9a2df7955628
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pendo-static-6375871301419008.storage.googleapis.com/guide-content/SVJfOvbIKNUAtwYf6HymbGhS_ng@2ndLW8B5y4eb7YInq-8-ioDy4Gg/CGLsJa7QVy3Fv-plh-WQcGppSlI/I4f-OOFYmpLmvixIV4p153kmEtA.dom.jsonp?sha256=-8HVfOug1FiL1aPwHnItGV4DtDBusrIPCENhPcs7b34
142.250.74.112 200 OK 3.2 kB URL HTTP/2 pendo-static-6375871301419008.storage.googleapis.com/guide-content/SVJfOvbIKNUAtwYf6HymbGhS_ng@2ndLW8B5y4eb7YInq-8-ioDy4Gg/CGLsJa7QVy3Fv-plh-WQcGppSlI/I4f-OOFYmpLmvixIV4p153kmEtA.dom.jsonp?sha256=-8HVfOug1FiL1aPwHnItGV4DtDBusrIPCENhPcs7b34
IP 142.250.74.112:0
File type Unicode text, UTF-8 text, with very long lines (13930), with no line terminators
Hash f1c536a32f5579cf68e7c4ab0f1f5474
c96b6e7e1867e1b6e420a4de860f8d1b19cb98a1
50605504844bec3ddb5b6e279f7c4f4a220f6312779e37155ea7f987f1638ae0
GET /guide-content/SVJfOvbIKNUAtwYf6HymbGhS_ng@2ndLW8B5y4eb7YInq-8-ioDy4Gg/CGLsJa7QVy3Fv-plh-WQcGppSlI/I4f-OOFYmpLmvixIV4p153kmEtA.dom.jsonp?sha256=-8HVfOug1FiL1aPwHnItGV4DtDBusrIPCENhPcs7b34 HTTP/1.1
Host: pendo-static-6375871301419008.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtBy_WnCtZnejqlfzw7RY1tDkIWaFsezB7ol74dmlG28thU7gXBUgZvEfnv3oWgXOoKTXNWcUJW3pHPRx3XRq5w2G-b6FUb
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1668631240085420
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3193
content-encoding: gzip
x-goog-hash: crc32c=+oPBWw==, md5=8cU2oy9Vec9o58SrDx9UdA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 3193
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Mon, 06 Feb 2023 08:39:55 GMT
expires: Mon, 06 Feb 2023 09:39:55 GMT
cache-control: public, max-age=3600
last-modified: Wed, 16 Nov 2022 20:40:40 GMT
etag: "f1c536a32f5579cf68e7c4ab0f1f5474"
content-type: application/javascript; charset=utf-8
age: 1930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pendo-static-6375871301419008.storage.googleapis.com/guide-content/QBTD9kMwXPVruViZNgD7qJii6tM@2ndLW8B5y4eb7YInq-8-ioDy4Gg/gdG5HOWMLzA4ZrqM6Pm72A28K_I/aXiDBQ1K50mKkPv9ZMmy59rloaM.dom.jsonp?sha256=amv_qaD3qUhK2u8XzESdfZ6QbpXEhJkbyb4UzV4jYKs
142.250.74.112 200 OK 1.4 kB URL HTTP/2 pendo-static-6375871301419008.storage.googleapis.com/guide-content/QBTD9kMwXPVruViZNgD7qJii6tM@2ndLW8B5y4eb7YInq-8-ioDy4Gg/gdG5HOWMLzA4ZrqM6Pm72A28K_I/aXiDBQ1K50mKkPv9ZMmy59rloaM.dom.jsonp?sha256=amv_qaD3qUhK2u8XzESdfZ6QbpXEhJkbyb4UzV4jYKs
IP 142.250.74.112:0
File type Unicode text, UTF-8 text, with very long lines (4803), with no line terminators
Hash 56943ecc8f8b5ef7b9f8f941956d4e56
94c02e120504cc34f2d92d6811363c396c4f2fa8
0191174399ae32f61c88d3c433f3ff9a4c08590bd9529e4e05b6e2287b9c455f
GET /guide-content/QBTD9kMwXPVruViZNgD7qJii6tM@2ndLW8B5y4eb7YInq-8-ioDy4Gg/gdG5HOWMLzA4ZrqM6Pm72A28K_I/aXiDBQ1K50mKkPv9ZMmy59rloaM.dom.jsonp?sha256=amv_qaD3qUhK2u8XzESdfZ6QbpXEhJkbyb4UzV4jYKs HTTP/1.1
Host: pendo-static-6375871301419008.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduTxcwd5I4Tp7dz20T_SsO6KEXf2QaY1Zo1OIUXuOZjh5JFnxYDglofL_XkJpc7hMOFiBZNFZ096TJA6E0REaXqRTPKBUFh
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1666183854054973
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1439
content-encoding: gzip
x-goog-hash: crc32c=0IRvNw==, md5=VpQ+zI+LXve5+PlBlW1OVg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1439
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Mon, 06 Feb 2023 08:39:55 GMT
expires: Mon, 06 Feb 2023 09:39:55 GMT
cache-control: public, max-age=3600
last-modified: Wed, 19 Oct 2022 12:50:54 GMT
etag: "56943ecc8f8b5ef7b9f8f941956d4e56"
content-type: application/javascript; charset=utf-8
age: 1930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
data.pendo.io/data/guide.js/34f48131-69df-40ca-49f6-f8c53e01d507?id=4&jzb=eJx9jUGLgzAQhf_LnCWJsbirt0J7WArdhdVzmNVgA2kiMbGFxf_ueJGeepv3-N58_zCbyUQfvnqoQf2cr6dv1Shsnl1Kf4_2oiED7DqfXNwQl6zNIAVL9C3GseY8Lz9YVbH88MmkKLj1g3GcVncdsceIUO-S7TRvRBbdkHDQRGin2l9YdjlNKYwYtIvH14oUGy9KLiSXQhb0Z9ZhMt5RLVleVkyqMfgelmUFWpFMPg&v=2.169.2_prod&ct=1675674769068
34.107.204.85 200 OK 7.9 kB URL HTTP/2 data.pendo.io/data/guide.js/34f48131-69df-40ca-49f6-f8c53e01d507?id=4&jzb=eJx9jUGLgzAQhf_LnCWJsbirt0J7WArdhdVzmNVgA2kiMbGFxf_ueJGeepv3-N58_zCbyUQfvnqoQf2cr6dv1Shsnl1Kf4_2oiED7DqfXNwQl6zNIAVL9C3GseY8Lz9YVbH88MmkKLj1g3GcVncdsceIUO-S7TRvRBbdkHDQRGin2l9YdjlNKYwYtIvH14oUGy9KLiSXQhb0Z9ZhMt5RLVleVkyqMfgelmUFWpFMPg&v=2.169.2_prod&ct=1675674769068
IP 34.107.204.85:0
File type Unicode text, UTF-8 text, with very long lines (34848), with no line terminators
Hash 690854dea2d3052ee3566bae4e1d0931
83f04a12339f21f1932dbb1b7c31133a83d651a4
bc653fd99b6f510e3b7fd80ec13c7a3dc457dacef10aa79a9159669af0817024
GET /data/guide.js/34f48131-69df-40ca-49f6-f8c53e01d507?id=4&jzb=eJx9jUGLgzAQhf_LnCWJsbirt0J7WArdhdVzmNVgA2kiMbGFxf_ueJGeepv3-N58_zCbyUQfvnqoQf2cr6dv1Shsnl1Kf4_2oiED7DqfXNwQl6zNIAVL9C3GseY8Lz9YVbH88MmkKLj1g3GcVncdsceIUO-S7TRvRBbdkHDQRGin2l9YdjlNKYwYtIvH14oUGy9KLiSXQhb0Z9ZhMt5RLVleVkyqMfgelmUFWpFMPg&v=2.169.2_prod&ct=1675674769068 HTTP/1.1
Host: data.pendo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 09:12:05 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-credentials: false
access-control-allow-headers: Origin,Accept,Content-Type,Authorization
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-max-age: 600
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pendo-static-6375871301419008.storage.googleapis.com/guide-content/QBTD9kMwXPVruViZNgD7qJii6tM@2ndLW8B5y4eb7YInq-8-ioDy4Gg/gdG5HOWMLzA4ZrqM6Pm72A28K_I/s-5NrXEhJ1ncAmhzMFNyLFP-v3s.guide.js?sha256=GGszxgVX-3zDMJS1rORYSBO8TLVtROirU48WCDjQps0
142.250.74.112 200 OK 936 B URL HTTP/2 pendo-static-6375871301419008.storage.googleapis.com/guide-content/QBTD9kMwXPVruViZNgD7qJii6tM@2ndLW8B5y4eb7YInq-8-ioDy4Gg/gdG5HOWMLzA4ZrqM6Pm72A28K_I/s-5NrXEhJ1ncAmhzMFNyLFP-v3s.guide.js?sha256=GGszxgVX-3zDMJS1rORYSBO8TLVtROirU48WCDjQps0
IP 142.250.74.112:0
File type HTML document, ASCII text, with very long lines (1533)
Hash 0f98d9c434d5df79d4cf583f01b68ed2
5e7c929062a8e13df3de072c94ce233c2d9325b5
cdafcf8fac926776c9b87adb1d4e4b1b67e1d363f8f1982138a640c350bfd13f
GET /guide-content/QBTD9kMwXPVruViZNgD7qJii6tM@2ndLW8B5y4eb7YInq-8-ioDy4Gg/gdG5HOWMLzA4ZrqM6Pm72A28K_I/s-5NrXEhJ1ncAmhzMFNyLFP-v3s.guide.js?sha256=GGszxgVX-3zDMJS1rORYSBO8TLVtROirU48WCDjQps0 HTTP/1.1
Host: pendo-static-6375871301419008.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvtMNj6mxm9rp9530YlkROKOR-44Ww8XIOBNelJSXddmGR7qT3pj90iKAwXYQBwG_PpK2yJCMFsvYk868bAT_cU8vW4_TTN
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1632826422107037
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 936
content-encoding: gzip
x-goog-hash: crc32c=SrfodA==, md5=D5jZxDTV33nUz1g/AbaO0g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 936
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Mon, 06 Feb 2023 08:39:55 GMT
expires: Mon, 06 Feb 2023 09:39:55 GMT
cache-control: public, max-age=3600
last-modified: Tue, 28 Sep 2021 10:53:42 GMT
etag: "0f98d9c434d5df79d4cf583f01b68ed2"
content-type: application/javascript; charset=utf-8
age: 1930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=667924731&t=pageview&_s=1&dl=http%3A%2F%2F167.99.148.203%2Flogin%2F&ul=en-us&de=UTF-8&dt=BatchDialer&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=229131213&gjid=1835153790&cid=1789268508.1675674770&tid=UA-119765644-13&_gid=1557716709.1675674770&_r=1&_slc=1&gtm=45He3210n815C9WRZT&z=323439694
142.250.74.110 200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=667924731&t=pageview&_s=1&dl=http%3A%2F%2F167.99.148.203%2Flogin%2F&ul=en-us&de=UTF-8&dt=BatchDialer&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=229131213&gjid=1835153790&cid=1789268508.1675674770&tid=UA-119765644-13&_gid=1557716709.1675674770&_r=1&_slc=1&gtm=45He3210n815C9WRZT&z=323439694
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=667924731&t=pageview&_s=1&dl=http%3A%2F%2F167.99.148.203%2Flogin%2F&ul=en-us&de=UTF-8&dt=BatchDialer&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAEABAAAAACAAI~&jid=229131213&gjid=1835153790&cid=1789268508.1675674770&tid=UA-119765644-13&_gid=1557716709.1675674770&_r=1&_slc=1&gtm=45He3210n815C9WRZT&z=323439694 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://167.99.148.203
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://167.99.148.203
date: Mon, 06 Feb 2023 09:12:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pendo-static-6375871301419008.storage.googleapis.com/guide-content/aXDp-zA8_XMIopjC2OZkE4-R8pI@2ndLW8B5y4eb7YInq-8-ioDy4Gg/LdhvK4dr22Wouj1808D_u-cLfeU/eY3hLmDaZjF3dcycsD6PuuHTG7s.guide.js?sha256=5a4lX2hhy2eiGmlUm-lDSQ-Fka0Y0dJfpXqJLFAzsnQ
142.250.74.112 200 OK 671 B URL HTTP/2 pendo-static-6375871301419008.storage.googleapis.com/guide-content/aXDp-zA8_XMIopjC2OZkE4-R8pI@2ndLW8B5y4eb7YInq-8-ioDy4Gg/LdhvK4dr22Wouj1808D_u-cLfeU/eY3hLmDaZjF3dcycsD6PuuHTG7s.guide.js?sha256=5a4lX2hhy2eiGmlUm-lDSQ-Fka0Y0dJfpXqJLFAzsnQ
IP 142.250.74.112:0
File type HTML document, ASCII text, with very long lines (956)
Hash f251b7c839a560ba0a5afe9767729c59
0e93482a839350622ace41392d2bc1f918a9493a
436c35afbdfe52fe232b9221e7f3ede399f49f94b39bb92ee215213a8b0caf86
GET /guide-content/aXDp-zA8_XMIopjC2OZkE4-R8pI@2ndLW8B5y4eb7YInq-8-ioDy4Gg/LdhvK4dr22Wouj1808D_u-cLfeU/eY3hLmDaZjF3dcycsD6PuuHTG7s.guide.js?sha256=5a4lX2hhy2eiGmlUm-lDSQ-Fka0Y0dJfpXqJLFAzsnQ HTTP/1.1
Host: pendo-static-6375871301419008.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvZD4kEG7XCj8daZs3xaen1YAI7IsqA56KBkIzrBDODrk069asp-3jQ02iOqacWvuR4ql8VzeWL4ENuwp_MvC6rjw
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1631806509921127
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 671
content-encoding: gzip
x-goog-hash: crc32c=D2Lxcw==, md5=8lG3yDmlYLoKWv6XZ3KcWQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 671
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Mon, 06 Feb 2023 08:39:55 GMT
expires: Mon, 06 Feb 2023 09:39:55 GMT
cache-control: public, max-age=3600
last-modified: Thu, 16 Sep 2021 15:35:09 GMT
etag: "f251b7c839a560ba0a5afe9767729c59"
content-type: application/javascript; charset=utf-8
age: 1930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1c08839b04520623798a6d3752711147
535035b7350cf8a4324eb69ffda7dfaaa1a29918
5ddf0cfbfe95f4690768f8ca167dcdd47f0fa7c6d076cbee0bdb225bba697429
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2821
Cache-Control: max-age=131043
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Etag: "63e01643-1d7"
Expires: Tue, 07 Feb 2023 21:36:08 GMT
Last-Modified: Sun, 05 Feb 2023 20:49:07 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
pendo-static-6375871301419008.storage.googleapis.com/guide-content/htuL9HqPs9w-MVW5DQlKkG8rtG8@2ndLW8B5y4eb7YInq-8-ioDy4Gg/t1lj1fgH8kcyOpXkm6TiQjyMUDo/o0YWVjSZgFbgHGxFfVa0OB_XBfM.dom.jsonp?sha256=v2t5gJ8QtHor_4TFD7NZoW1wraUWfeE7cKRasqMpxLk
142.250.74.112 200 OK 1.4 kB URL HTTP/2 pendo-static-6375871301419008.storage.googleapis.com/guide-content/htuL9HqPs9w-MVW5DQlKkG8rtG8@2ndLW8B5y4eb7YInq-8-ioDy4Gg/t1lj1fgH8kcyOpXkm6TiQjyMUDo/o0YWVjSZgFbgHGxFfVa0OB_XBfM.dom.jsonp?sha256=v2t5gJ8QtHor_4TFD7NZoW1wraUWfeE7cKRasqMpxLk
IP 142.250.74.112:0
File type Unicode text, UTF-8 text, with very long lines (4803), with no line terminators
Hash b5d1a06e134b1586cbcaa5a12faea4a8
2145fea14f59f20220a38373ef5911f8901df734
fad9794675c4f97be8e0dd42a1f344bb3a930f1427523e841e1cd3db66a00f65
GET /guide-content/htuL9HqPs9w-MVW5DQlKkG8rtG8@2ndLW8B5y4eb7YInq-8-ioDy4Gg/t1lj1fgH8kcyOpXkm6TiQjyMUDo/o0YWVjSZgFbgHGxFfVa0OB_XBfM.dom.jsonp?sha256=v2t5gJ8QtHor_4TFD7NZoW1wraUWfeE7cKRasqMpxLk HTTP/1.1
Host: pendo-static-6375871301419008.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvYsvAF7yiftdjMtnmBtCZa1Xz6qA9ERJIMyV8L1Crv5md4b2Uy1BoWJkYEo9fInz1mP5SzeHQ_4wBMO3ivfOfJ
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1666183854068963
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1436
content-encoding: gzip
x-goog-hash: crc32c=XSrwxw==, md5=tdGgbhNLFYbLyqWhL66kqA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1436
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Mon, 06 Feb 2023 08:39:55 GMT
expires: Mon, 06 Feb 2023 09:39:55 GMT
cache-control: public, max-age=3600
last-modified: Wed, 19 Oct 2022 12:50:54 GMT
etag: "b5d1a06e134b1586cbcaa5a12faea4a8"
content-type: application/javascript; charset=utf-8
age: 1930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pendo-static-6375871301419008.storage.googleapis.com/guide-content/LaiWS-hB-xG_ppS_-cZDGzf9TGE@2ndLW8B5y4eb7YInq-8-ioDy4Gg/TE_aoqVBdL7h6mscZpq8g_MWRp4/Tp9TcLyiLEpFMlfB9ZbUZpC-UHM.dom.jsonp?sha256=lastsp6blNxTQ7st9KHZvM9JkK0yBSQy6bLAFDBtpmQ
142.250.74.112 200 OK 1.6 kB URL HTTP/2 pendo-static-6375871301419008.storage.googleapis.com/guide-content/LaiWS-hB-xG_ppS_-cZDGzf9TGE@2ndLW8B5y4eb7YInq-8-ioDy4Gg/TE_aoqVBdL7h6mscZpq8g_MWRp4/Tp9TcLyiLEpFMlfB9ZbUZpC-UHM.dom.jsonp?sha256=lastsp6blNxTQ7st9KHZvM9JkK0yBSQy6bLAFDBtpmQ
IP 142.250.74.112:0
File type Unicode text, UTF-8 text, with very long lines (5532), with no line terminators
Hash ab1ab4475b849dd6f1fa5ffbadb4e5b0
f9d7492452a5d65fc511d08dc517aa6a1e9fdf49
bde12ec5e9eb9e75ba1d9534274f4ee89e2e380bb576dcc59fb46a3684ff0ec0
GET /guide-content/LaiWS-hB-xG_ppS_-cZDGzf9TGE@2ndLW8B5y4eb7YInq-8-ioDy4Gg/TE_aoqVBdL7h6mscZpq8g_MWRp4/Tp9TcLyiLEpFMlfB9ZbUZpC-UHM.dom.jsonp?sha256=lastsp6blNxTQ7st9KHZvM9JkK0yBSQy6bLAFDBtpmQ HTTP/1.1
Host: pendo-static-6375871301419008.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu-rohSulHjfh-9Wav8oASxjoLM8dDFRjuyz3kIzdOQFgzQGC8HCjEj7Et_QdSxwb1WhydTG7l3PDFBPnFqC2Xq3Cn9kI0d
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1666183853900149
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1599
content-encoding: gzip
x-goog-hash: crc32c=XC+iIA==, md5=qxq0R1uEndbx+l/7rbTlsA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1599
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Mon, 06 Feb 2023 08:39:55 GMT
expires: Mon, 06 Feb 2023 09:39:55 GMT
cache-control: public, max-age=3600
last-modified: Wed, 19 Oct 2022 12:50:53 GMT
etag: "ab1ab4475b849dd6f1fa5ffbadb4e5b0"
content-type: application/javascript; charset=utf-8
age: 1930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e5acad4d02dd29fdea5b81109c3073e8
2e10f3faf9f3a7fc2f4b8302b1ab6adcef64e22e
ca1163c938735d113ecc28a222845a165ed3e334894097fbad1b9a2df7955628
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e5acad4d02dd29fdea5b81109c3073e8
2e10f3faf9f3a7fc2f4b8302b1ab6adcef64e22e
ca1163c938735d113ecc28a222845a165ed3e334894097fbad1b9a2df7955628
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pendo-static-6375871301419008.storage.googleapis.com/guide-content/_Qw4TF7JTkB3gRl-5_qCtq270Jc@2ndLW8B5y4eb7YInq-8-ioDy4Gg/lEmB-fxFuCgPV4jiPHXHZaNbCFY/fBAkyC06oUM6qDY6iQ_lzVmNlgk.dom.jsonp?sha256=GGlZHyYCgYjMX3RmoeilnpJI_vrYWjERndL7eNPMfQo
142.250.74.112 200 OK 1.4 kB URL HTTP/2 pendo-static-6375871301419008.storage.googleapis.com/guide-content/_Qw4TF7JTkB3gRl-5_qCtq270Jc@2ndLW8B5y4eb7YInq-8-ioDy4Gg/lEmB-fxFuCgPV4jiPHXHZaNbCFY/fBAkyC06oUM6qDY6iQ_lzVmNlgk.dom.jsonp?sha256=GGlZHyYCgYjMX3RmoeilnpJI_vrYWjERndL7eNPMfQo
IP 142.250.74.112:0
File type Unicode text, UTF-8 text, with very long lines (4802), with no line terminators
Hash 064d72ff4b94441fc039cb40d90e41d5
bfcf95638a92025a98bf0ba0afcff2d107df1355
7d18eb21926282dd3b404c37b466ba20825870cca3b402a935f9e299572fdd00
GET /guide-content/_Qw4TF7JTkB3gRl-5_qCtq270Jc@2ndLW8B5y4eb7YInq-8-ioDy4Gg/lEmB-fxFuCgPV4jiPHXHZaNbCFY/fBAkyC06oUM6qDY6iQ_lzVmNlgk.dom.jsonp?sha256=GGlZHyYCgYjMX3RmoeilnpJI_vrYWjERndL7eNPMfQo HTTP/1.1
Host: pendo-static-6375871301419008.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtPVPGVfIPUa2cSw2O0fzxFIbNU0MdQsYSNDxmuaP2vwqKUpfzaYnfqLEUyaQgt1wV5mssvGNBIid2IRngrN62PgUa8Y6WV
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1666183854392839
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1433
content-encoding: gzip
x-goog-hash: crc32c=pG2sUw==, md5=Bk1y/0uURB/AOctA2Q5B1Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1433
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Mon, 06 Feb 2023 08:39:55 GMT
expires: Mon, 06 Feb 2023 09:39:55 GMT
cache-control: public, max-age=3600
last-modified: Wed, 19 Oct 2022 12:50:54 GMT
etag: "064d72ff4b94441fc039cb40d90e41d5"
content-type: application/javascript; charset=utf-8
age: 1930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e5acad4d02dd29fdea5b81109c3073e8
2e10f3faf9f3a7fc2f4b8302b1ab6adcef64e22e
ca1163c938735d113ecc28a222845a165ed3e334894097fbad1b9a2df7955628
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pendo-static-6375871301419008.storage.googleapis.com/guide-content/_Qw4TF7JTkB3gRl-5_qCtq270Jc@2ndLW8B5y4eb7YInq-8-ioDy4Gg/lEmB-fxFuCgPV4jiPHXHZaNbCFY/39ha7welOCzIpd_pwvSS282ffTQ.guide.js?sha256=z98B7SLHQdqAHF5wmOnjdbYi_WriYM-ul91Ctm3TUto
142.250.74.112 200 OK 686 B URL HTTP/2 pendo-static-6375871301419008.storage.googleapis.com/guide-content/_Qw4TF7JTkB3gRl-5_qCtq270Jc@2ndLW8B5y4eb7YInq-8-ioDy4Gg/lEmB-fxFuCgPV4jiPHXHZaNbCFY/39ha7welOCzIpd_pwvSS282ffTQ.guide.js?sha256=z98B7SLHQdqAHF5wmOnjdbYi_WriYM-ul91Ctm3TUto
IP 142.250.74.112:0
File type HTML document, ASCII text, with very long lines (973)
Hash 7011e06aa4ae348f7d4b5dbe42a261da
a7683247b22416facec9e3c81cf0d8ef295814e1
7074222cef34dc9e5a83d0f9dd857bde6b6affb758243de65d482757e973c2c7
GET /guide-content/_Qw4TF7JTkB3gRl-5_qCtq270Jc@2ndLW8B5y4eb7YInq-8-ioDy4Gg/lEmB-fxFuCgPV4jiPHXHZaNbCFY/39ha7welOCzIpd_pwvSS282ffTQ.guide.js?sha256=z98B7SLHQdqAHF5wmOnjdbYi_WriYM-ul91Ctm3TUto HTTP/1.1
Host: pendo-static-6375871301419008.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsG_vrUmLB2krv45ZeoJ8gXIc8sJPC9pS9HA_TXoMIcMGJ434uhpPiHNhBCy-4iiwu6KHzdVEZe3fXgMaryAqbTuA
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1666183854039474
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 686
content-encoding: gzip
x-goog-hash: crc32c=hQ9fTQ==, md5=cBHgaqSuNI99S12+QqJh2g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 686
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Mon, 06 Feb 2023 08:39:55 GMT
expires: Mon, 06 Feb 2023 09:39:55 GMT
cache-control: public, max-age=3600
last-modified: Wed, 19 Oct 2022 12:50:54 GMT
etag: "7011e06aa4ae348f7d4b5dbe42a261da"
content-type: application/javascript; charset=utf-8
age: 1930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e5acad4d02dd29fdea5b81109c3073e8
2e10f3faf9f3a7fc2f4b8302b1ab6adcef64e22e
ca1163c938735d113ecc28a222845a165ed3e334894097fbad1b9a2df7955628
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pendo-static-6375871301419008.storage.googleapis.com/guide-content/htuL9HqPs9w-MVW5DQlKkG8rtG8@2ndLW8B5y4eb7YInq-8-ioDy4Gg/t1lj1fgH8kcyOpXkm6TiQjyMUDo/QvFBQ_WwQ3OR4V0fvm8XDt2KGIA.guide.js?sha256=mFjbONJJ2P_fKvprkM9o_mIlVAXMJ9GZOWEUNLeeghk
142.250.74.112 200 OK 714 B URL HTTP/2 pendo-static-6375871301419008.storage.googleapis.com/guide-content/htuL9HqPs9w-MVW5DQlKkG8rtG8@2ndLW8B5y4eb7YInq-8-ioDy4Gg/t1lj1fgH8kcyOpXkm6TiQjyMUDo/QvFBQ_WwQ3OR4V0fvm8XDt2KGIA.guide.js?sha256=mFjbONJJ2P_fKvprkM9o_mIlVAXMJ9GZOWEUNLeeghk
IP 142.250.74.112:0
File type HTML document, ASCII text, with very long lines (1095)
Hash e4e9f9489c7dd0730c37bba6dfc58550
aee8dc84f0c9c8eebcb834c1a25301dc99e5e768
0fb01a822cfb3d179927d74af56022a1ee66fdbf2b8653be283d114f3609e688
GET /guide-content/htuL9HqPs9w-MVW5DQlKkG8rtG8@2ndLW8B5y4eb7YInq-8-ioDy4Gg/t1lj1fgH8kcyOpXkm6TiQjyMUDo/QvFBQ_WwQ3OR4V0fvm8XDt2KGIA.guide.js?sha256=mFjbONJJ2P_fKvprkM9o_mIlVAXMJ9GZOWEUNLeeghk HTTP/1.1
Host: pendo-static-6375871301419008.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu3aJNX1ic9fylAZXX-IMSsHqJs0qZ1sOcbMwbRIIPceEMD0K-XTwG-L3CnM9vwU5WUdcxOTYjEJ84erTOKSnHGkhQa9l-G
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1631806453062372
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 714
content-encoding: gzip
x-goog-hash: crc32c=gLAPIA==, md5=5On5SJx90HMMN7um38WFUA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 714
access-control-allow-origin: *
access-control-expose-headers: *
server: UploadServer
date: Mon, 06 Feb 2023 08:39:55 GMT
expires: Mon, 06 Feb 2023 09:39:55 GMT
cache-control: public, max-age=3600
last-modified: Thu, 16 Sep 2021 15:34:13 GMT
etag: "e4e9f9489c7dd0730c37bba6dfc58550"
content-type: application/javascript; charset=utf-8
age: 1930
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
54.230.111.39 200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
IP 54.230.111.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 0
last-modified: Tue, 31 Jan 2023 11:25:09 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 09:12:05 GMT
cache-control: max-age=31536000, no-transform, public
expires: Sat, 03 Feb 2024 10:43:55 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4ISKaTBJPIWiYODPK1J8zyOpshLdRU1Onb7V0Eq-J1Z1hwogh84x0Q==
age: 4
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c29038bdcf59c877fb1dc0d05743ba91
af086331d74eb5a426caf2c290c69716f538a22e
7d6bf6f556ffa097f8e2d230335ede55c293000527d67e0672f88fb0c8663a7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2112
Cache-Control: max-age=134287
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Etag: "63e025b4-1d7"
Expires: Tue, 07 Feb 2023 22:30:12 GMT
Last-Modified: Sun, 05 Feb 2023 21:55:00 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
wchat.freshchat.com/widget/css/widget.css?t=1675674769408
54.156.217.194 200 OK 1.7 kB URL HTTP/1.1 wchat.freshchat.com/widget/css/widget.css?t=1675674769408
IP 54.156.217.194:0
File type ASCII text, with very long lines (8857)
Hash b5e89ee0ad0cccc7ddc1f3cfad9939d0
04751cd854046b72e25e2428b9ec5fd8c3fa09e0
5f797f013b7f7d86962b0b99977a5990fb3a0e193befaf7e935ab005d6f25b38
GET /widget/css/widget.css?t=1675674769408 HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 09:12:05 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
last-modified: Fri, 03 Feb 2023 10:43:54 GMT
expires: Tue, 06 Feb 2024 09:12:05 GMT
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
served-by: 9886
x-server: 9886
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-trace-id: 00-a866a2fa1afcf80c617a9f3bc95fea0b-a829a680f7342ece-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: false
x-request-id: 5256a18a-115e-417b-bf43-794ec5409983
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-119765644-13&cid=1789268508.1675674770&jid=229131213&gjid=1835153790&_gid=1557716709.1675674770&_u=YEBAAEAAAAAAACAAI~&z=1719443045
74.125.131.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-119765644-13&cid=1789268508.1675674770&jid=229131213&gjid=1835153790&_gid=1557716709.1675674770&_u=YEBAAEAAAAAAACAAI~&z=1719443045
IP 74.125.131.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-119765644-13&cid=1789268508.1675674770&jid=229131213&gjid=1835153790&_gid=1557716709.1675674770&_u=YEBAAEAAAAAAACAAI~&z=1719443045 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://167.99.148.203
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://167.99.148.203
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 06 Feb 2023 09:12:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7afb8eb5dcbd727fb69c14bfabe20e72
d4b1cc1973e4200a371f0aa8c5ec8232d780a77b
ca0a46edfe267973b60ff163d696fe7c0e862e56ee3f90f098bf309f276c987f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-119765644-13&cid=1789268508.1675674770&jid=229131213&_u=YEBAAEAAAAAAACAAI~&z=960408150
142.250.74.131 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-119765644-13&cid=1789268508.1675674770&jid=229131213&_u=YEBAAEAAAAAAACAAI~&z=960408150
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-119765644-13&cid=1789268508.1675674770&jid=229131213&_u=YEBAAEAAAAAAACAAI~&z=960408150 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:12:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-119765644-13&cid=1789268508.1675674770&jid=229131213&_u=YEBAAEAAAAAAACAAI~&z=960408150
216.58.207.228 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-119765644-13&cid=1789268508.1675674770&jid=229131213&_u=YEBAAEAAAAAAACAAI~&z=960408150
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-119765644-13&cid=1789268508.1675674770&jid=229131213&_u=YEBAAEAAAAAAACAAI~&z=960408150 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 09:12:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 9d7d54937b70d60ca299d07980bc1e1e
42ee245e31b6c480419253d420a75159e107cc65
fd8c0e9b7ce1332347da031c471053f5acaab963f5aafd0e29bb94b90bcf9293
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 09:12:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
m.stripe.com/6
34.209.12.98 200 OK 156 B IP 34.209.12.98:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0c5c24dbd6b6e2157e30b245999525d9
d5f7708bada55740e2edd0ff3fdaff2e9de03888
c619f98d679025b5a7cc0bbcf4dbd2bb49a61a7f98203546840020a933d3cf08
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2420
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 09:12:05 GMT
content-length: 156
set-cookie: m=b20a73e3-b181-46ef-9c42-1a415d7b59c8ec7aa2;Expires=Wed, 05-Feb-2025 09:12:05 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
x-stripe-bg-intended-route-color: blue
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=648730976037065&ev=PageView&dl=http%3A%2F%2F167.99.148.203%2Flogin%2F&rl=&if=false&ts=1675674770041&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.3.1675674770040.865155919&it=1675674769649&coo=false&tm=1&rqm=GET
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=648730976037065&ev=PageView&dl=http%3A%2F%2F167.99.148.203%2Flogin%2F&rl=&if=false&ts=1675674770041&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.3.1675674770040.865155919&it=1675674769649&coo=false&tm=1&rqm=GET
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=648730976037065&ev=PageView&dl=http%3A%2F%2F167.99.148.203%2Flogin%2F&rl=&if=false&ts=1675674770041&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&cs_est=true&fbp=fb.3.1675674770040.865155919&it=1675674769649&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 06 Feb 2023 09:12:05 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=648730976037065&ev=PageView&dl=http%3A%2F%2F167.99.148.203%2Flogin%2F&rl=&if=false&ts=1675674770047&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&cs_est=true&fbp=fb.3.1675674770040.865155919&it=1675674769649&coo=false&tm=1&rqm=GET
157.240.205.35 200 OK 110 kB URL HTTP/2 www.facebook.com/tr/?id=648730976037065&ev=PageView&dl=http%3A%2F%2F167.99.148.203%2Flogin%2F&rl=&if=false&ts=1675674770047&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&cs_est=true&fbp=fb.3.1675674770040.865155919&it=1675674769649&coo=false&tm=1&rqm=GET
IP 157.240.205.35:0
File type gzip compressed data, from Unix\012- data
Size 110 kB (110259 bytes)
Hash f2ff4ccf13ae2f82000fb4978abe1073
34e1ec302accda52688dadb83030fa0201bfd9c7
90b46eb6e1f8669aaa456ab6bc733bdbce121767e49db5012515e1ed47b9c262
GET /tr/?id=648730976037065&ev=PageView&dl=http%3A%2F%2F167.99.148.203%2Flogin%2F&rl=&if=false&ts=1675674770047&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&cs_est=true&fbp=fb.3.1675674770040.865155919&it=1675674769649&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 06 Feb 2023 09:12:05 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=648730976037065&ev=PageView&dl=http%3A%2F%2F167.99.148.203%2Flogin%2F&rl=&if=false&ts=1675674770045&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&cs_est=true&fbp=fb.3.1675674770040.865155919&it=1675674769649&coo=false&tm=1&rqm=GET
157.240.205.35 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=648730976037065&ev=PageView&dl=http%3A%2F%2F167.99.148.203%2Flogin%2F&rl=&if=false&ts=1675674770045&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&cs_est=true&fbp=fb.3.1675674770040.865155919&it=1675674769649&coo=false&tm=1&rqm=GET
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=648730976037065&ev=PageView&dl=http%3A%2F%2F167.99.148.203%2Flogin%2F&rl=&if=false&ts=1675674770045&sw=1280&sh=1024&v=2.9.95&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&cs_est=true&fbp=fb.3.1675674770040.865155919&it=1675674769649&coo=false&tm=1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Mon, 06 Feb 2023 09:12:05 GMT
X-Firefox-Spdy: h2
wchat.freshchat.com/app/services/app/webchat/4e9a748f-fb25-42df-b175-b45d7dd8ab98/config?domain=aHR0cDovLzE2Ny45OS4xNDguMjAz
54.156.217.194 200 OK 1.3 kB URL HTTP/1.1 wchat.freshchat.com/app/services/app/webchat/4e9a748f-fb25-42df-b175-b45d7dd8ab98/config?domain=aHR0cDovLzE2Ny45OS4xNDguMjAz
IP 54.156.217.194:0
File type JSON data\012- , ASCII text, with very long lines (2921), with no line terminators
Hash 56a4a33089664f6f0aa3032e03f82791
87ab86441a1297d0e6d03c4ac09dc99eef2d0757
a37d7c7a7dd46b2b0d2bb6f4afdde92452872abeebe8b5974d1d8afd35a8eee7
GET /app/services/app/webchat/4e9a748f-fb25-42df-b175-b45d7dd8ab98/config?domain=aHR0cDovLzE2Ny45OS4xNDguMjAz HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/widget/?token=4e9a748f-fb25-42df-b175-b45d7dd8ab98&referrer=aHR0cDovLzE2Ny45OS4xNDguMjAz
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 09:12:05 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
access-control-allow-credentials: true
cache-control: no-store
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: 642470c6-b9ad-44b4-9b87-a4b079ffb883
content-encoding: gzip
vary: accept-encoding
x-server: 5323
x-envoy-upstream-service-time: 14
x-trace-id: 00-b59df69fbb357b22b3a2d96a3890202d-f8098747b77f41a0-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: true
x-ratelimit-total: 3000
x-ratelimit-remaining: 2999
x-ratelimit-used-currentrequest: 1
x-ratelimit-limit: 3000
assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
54.230.111.39 206 Partial Content 4.3 kB URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
IP 54.230.111.39:0
File type Audio file with ID3 version 2.4.0, contains:\012- MPEG ADTS, layer III, v2, 56 kbps, 22.05 kHz, Monaural\012- data
Hash a529450a7cfb4a60dea41ef294fa90dd
50eb9373dfa8c38ec6aebfa6e2a5f4494871aa37
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
GET /static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3 HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
content-length: 4302
last-modified: Tue, 31 Jan 2023 11:25:09 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 06 Feb 2023 09:11:37 GMT
cache-control: max-age=31536000, no-transform, public
expires: Sat, 03 Feb 2024 10:43:55 GMT
etag: "a529450a7cfb4a60dea41ef294fa90dd"
vary: Accept-Encoding
content-range: bytes 0-4301/4302
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _WQt8-_d3Ffi6rtHDg-8epvUk8q7ozyA5Dj-SBjntq-_rf0NolU0Jw==
age: 192
X-Firefox-Spdy: h2
wchat.freshchat.com/widget/js/co-browsing.js
54.156.217.194 200 OK 8.0 kB URL HTTP/1.1 wchat.freshchat.com/widget/js/co-browsing.js
IP 54.156.217.194:0
File type ASCII text, with very long lines (27109), with no line terminators
Hash 451e59041c9a97c80376792d2b0a3b17
1dde1364568db32996c36b6e479e21233f2d4901
4a22e8436c72556b1b44b1c5e691127b31f7852261afac57dde7a76f8b9d1ab9
GET /widget/js/co-browsing.js HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 09:12:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
last-modified: Fri, 03 Feb 2023 10:43:54 GMT
expires: Tue, 06 Feb 2024 09:12:06 GMT
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
served-by: 6714
x-server: 6714
content-encoding: gzip
x-envoy-upstream-service-time: 0
x-trace-id: 00-52f82480ef9b50b9ff6f908bc3c2cd72-8c298f8f0ae12b46-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: false
x-request-id: 85419811-7036-4221-bbcd-f3ef4bb5edf6
wchat.freshchat.com/widget/css/cb.css?t=1675674770537
54.156.217.194 200 OK 639 B URL HTTP/1.1 wchat.freshchat.com/widget/css/cb.css?t=1675674770537
IP 54.156.217.194:0
File type ASCII text, with very long lines (1524)
Hash a9f329d058fdd0d77215e146238839e5
805ec101d0f1e8499e7d6228c4ae260e9321459f
0e6588f44780ace88861cf0e21c7d684c1adf891f23348a44bc466bc73409e6a
GET /widget/css/cb.css?t=1675674770537 HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 09:12:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
last-modified: Fri, 03 Feb 2023 10:43:54 GMT
expires: Tue, 06 Feb 2024 09:12:06 GMT
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains
served-by: 5323
x-server: 5323
content-encoding: gzip
x-envoy-upstream-service-time: 1
x-trace-id: 00-010f814f2cfe8722da093d1d38c6fd59-c29bdf58a3978787-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: false
x-request-id: 71a8d1d1-ba43-49e0-a48f-59fed0f5882f
wchat.freshchat.com/app/services/app/webchat/4e9a748f-fb25-42df-b175-b45d7dd8ab98/user
54.156.217.194 200 OK 63 B URL HTTP/1.1 wchat.freshchat.com/app/services/app/webchat/4e9a748f-fb25-42df-b175-b45d7dd8ab98/user
IP 54.156.217.194:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 986b346dcc5bc15f4f28a5878eb3bd54
0576953cc35e7ddfad56bf9e0ca4c35411c62aea
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
GET /app/services/app/webchat/4e9a748f-fb25-42df-b175-b45d7dd8ab98/user HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/widget/?token=4e9a748f-fb25-42df-b175-b45d7dd8ab98&referrer=aHR0cDovLzE2Ny45OS4xNDguMjAz
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 09:12:06 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 63
Connection: keep-alive
server: fwe
access-control-allow-credentials: true
cache-control: no-store
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: d3b9e2ee-a4a2-4d45-89aa-3fb4481956e0
x-server: 2601
x-envoy-upstream-service-time: 4
x-trace-id: 00-42aa611d79b1c5c8cd8e860d079a6cc9-ef849fd688e9e30c-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: true
x-ratelimit-total: 3000
x-ratelimit-remaining: 2998
x-ratelimit-used-currentrequest: 1
x-ratelimit-limit: 3000
wchat.freshchat.com/app/services/app/webchat/4e9a748f-fb25-42df-b175-b45d7dd8ab98/widget_info_v2?locales=en-US,en-US&platform=web
54.156.217.194 200 OK 2.6 kB URL HTTP/1.1 wchat.freshchat.com/app/services/app/webchat/4e9a748f-fb25-42df-b175-b45d7dd8ab98/widget_info_v2?locales=en-US,en-US&platform=web
IP 54.156.217.194:0
File type JSON data\012- , ASCII text, with very long lines (13874), with no line terminators
Hash 57449fdb3592ddec0a9bb9832dfa6722
780c122c6c5fcd8305ca8906989e1480de0aba31
30379135ea4b3d5b68bf32996fcd457b4968e226ffb4b070c4b35802d08a8f07
GET /app/services/app/webchat/4e9a748f-fb25-42df-b175-b45d7dd8ab98/widget_info_v2?locales=en-US,en-US&platform=web HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/widget/?token=4e9a748f-fb25-42df-b175-b45d7dd8ab98&referrer=aHR0cDovLzE2Ny45OS4xNDguMjAz
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 09:12:06 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
server: fwe
access-control-allow-credentials: true
cache-control: no-store
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: a35dbb9c-ebeb-46cf-b465-c76d90533720
content-encoding: gzip
vary: accept-encoding
x-server: 4082
x-status: EXPIRED
x-envoy-upstream-service-time: 95
x-trace-id: 00-be6cd38e0767d4019b9320b414505201-e3a61b49f26046f5-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: true
x-ratelimit-total: 3000
x-ratelimit-remaining: 2997
x-ratelimit-used-currentrequest: 1
x-ratelimit-limit: 3000
assetscdn-wchat.freshchat.com/static/assets/chunk.7854b87572ae80705c5f.js
54.230.111.39 200 OK 14 kB URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/chunk.7854b87572ae80705c5f.js
IP 54.230.111.39:0
File type Unicode text, UTF-8 text, with very long lines (60251), with no line terminators
Hash 0fc63c0ba1dc4d2972f26f05bcbb1e25
b95a79e0e318f43caf0b4a20c8e2fc5fec8e5bae
d67e0352feb2c11f816733ef5d7bf144b221692ed13a16366027a263dbfc875e
GET /static/assets/chunk.7854b87572ae80705c5f.js HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 08:22:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Mon, 06 Feb 2023 09:08:16 GMT
cache-control: max-age=31536000, no-transform, public
expires: Sat, 03 Feb 2024 10:43:55 GMT
etag: W/"53e82ffd91010db61d58b13dbb6a3197"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Avb6-kcyci8eHE3ME4SJ1TJ0LZgUJdScp6DQU7KrBoOBedbphGdqqA==
age: 231
X-Firefox-Spdy: h2
wchat.freshchat.com/app/services/app/webchat/4e9a748f-fb25-42df-b175-b45d7dd8ab98/omni/faq/categories?per_page=100&platform=web&locale=en-us&page=1
54.156.217.194 200 OK 606 B URL HTTP/1.1 wchat.freshchat.com/app/services/app/webchat/4e9a748f-fb25-42df-b175-b45d7dd8ab98/omni/faq/categories?per_page=100&platform=web&locale=en-us&page=1
IP 54.156.217.194:0
File type JSON data\012- , ASCII text, with very long lines (606), with no line terminators
Hash 5ef91ac4ab8cd1c3f29523c014bac3ed
74186addd36d33764c5abbf424c5c0ac2d11ee51
8fc80dec136835d20cbe0412cbc2f95093601e331aa688b5f63f91c4c40a73ab
GET /app/services/app/webchat/4e9a748f-fb25-42df-b175-b45d7dd8ab98/omni/faq/categories?per_page=100&platform=web&locale=en-us&page=1 HTTP/1.1
Host: wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/widget/?token=4e9a748f-fb25-42df-b175-b45d7dd8ab98&referrer=aHR0cDovLzE2Ny45OS4xNDguMjAz
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 09:12:06 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 606
Connection: keep-alive
server: fwe
x-b3-spanid: e16cc58b04684ab9
x-b3-traceid: 47f4ed49fb0ff4c1b9b4a73201e2481c
x-fd-request-id: 7c60795d-4d77-4714-baa4-73ae593fd563
access-control-allow-credentials: true
cache-control: no-store
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
x-request-id: 47381a57-7e0b-41d6-822d-39b1462457cf
x-server: 6714
x-envoy-upstream-service-time: 54
x-trace-id: 00-4f85428decba0f57027ca1ffc06f4c04-ec31c6f37f52b672-00, 00-4f85428decba0f57027ca1ffc06f4c04-df0d22c7ca954781-00
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
x-fw-ratelimiting-managed: true
x-ratelimit-total: 3000
x-ratelimit-remaining: 2995
x-ratelimit-used-currentrequest: 1
x-ratelimit-limit: 3000
ocsp.sca1b.amazontrust.com/
143.204.42.165 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ec70adbf86edcdb7953acf2b3c9c799b
ddf8cdf338dda95eeb462f7fa9ca83aa2dce0689
28ff30299d6a9fddd4bf1bb20fa78e7a0ef9ff3ab5ebd9f174e92d691a08a9fa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Feb 2023 09:12:07 GMT
Last-Modified: Mon, 06 Feb 2023 07:45:06 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: h0K9zEL8cGLhXXrjwQesI_5TkxmcZq62KHx1SyPSt7OIyqTJ7-zP3Q==
Age: 5221
fc-use1-00-pics-bkt-00.s3.amazonaws.com/e8e98e60fa8057adfad169cf929b39d2325a388711f93dead389acf2379a7966/f_marketingpicFull/u_e60870fa396460e2f6b75d504db77390e7a4bbcdf73170605ee991b56095bfac/img_4bsnfg5t8f_6d14d938b794c6caeb49c1d5d10754d1075273251d2c6b97aedad0bbdd7a5614.jpeg
52.217.131.1 200 OK 25 kB URL HTTP/1.1 fc-use1-00-pics-bkt-00.s3.amazonaws.com/e8e98e60fa8057adfad169cf929b39d2325a388711f93dead389acf2379a7966/f_marketingpicFull/u_e60870fa396460e2f6b75d504db77390e7a4bbcdf73170605ee991b56095bfac/img_4bsnfg5t8f_6d14d938b794c6caeb49c1d5d10754d1075273251d2c6b97aedad0bbdd7a5614.jpeg
IP 52.217.131.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 32x32, components 3\012- data
Hash dc2d139ea21b698cf32c0d36b42f2b3a
354770c8b5607f1d70c03d92924634be189ca4d5
a8831dac6dc558140033ea8028da6c003f4ddad3a76fbd8102778593223ec32c
GET /e8e98e60fa8057adfad169cf929b39d2325a388711f93dead389acf2379a7966/f_marketingpicFull/u_e60870fa396460e2f6b75d504db77390e7a4bbcdf73170605ee991b56095bfac/img_4bsnfg5t8f_6d14d938b794c6caeb49c1d5d10754d1075273251d2c6b97aedad0bbdd7a5614.jpeg HTTP/1.1
Host: fc-use1-00-pics-bkt-00.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: zAYxdVNRIleY4jUNi5rnHNJThM7z4S6bNPT/9Hq8AI8aSPEArano+OXW6zMR0jwu0T7+LvNuECY=
x-amz-request-id: 2DCGV6THT6BFMHW6
Date: Mon, 06 Feb 2023 09:12:08 GMT
Last-Modified: Tue, 22 Nov 2022 12:00:09 GMT
ETag: "dc2d139ea21b698cf32c0d36b42f2b3a"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
x-amz-version-id: pdy6aRNC4SnLNZzGjNF.7y0aZVPq5XpP
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 24856
www.googletagmanager.com/gtm.js?id=GTM-5C9WRZT&gtm_auth=&gtm_preview=&gtm_cookies_win=x
142.250.74.40 200 OK 0 B URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5C9WRZT&gtm_auth=&gtm_preview=&gtm_cookies_win=x
IP 142.250.74.40:0
GET /gtm.js?id=GTM-5C9WRZT&gtm_auth=&gtm_preview=&gtm_cookies_win=x HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 06 Feb 2023 09:12:04 GMT
expires: Mon, 06 Feb 2023 09:12:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 82136
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/3799.js
54.230.111.39 200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/3799.js
IP 54.230.111.39:0
GET /static/assets/3799.js HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 11:25:06 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Mon, 06 Feb 2023 09:08:11 GMT
cache-control: max-age=31536000, no-transform, public
expires: Sat, 03 Feb 2024 10:43:55 GMT
etag: W/"8180076189d919f05b9c73b7c659821f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zJwwKfgS_0L0oESdEX_ZAw8N_1V95L9CrRM_-XH7gLnUUS2OGsDbNg==
age: 236
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/chunk.6e0ac8304b76d95ffd34.css
54.230.111.39 200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/chunk.6e0ac8304b76d95ffd34.css
IP 54.230.111.39:0
GET /static/assets/chunk.6e0ac8304b76d95ffd34.css HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 30 Jan 2023 08:22:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Mon, 06 Feb 2023 09:09:22 GMT
cache-control: max-age=31536000, no-transform, public
expires: Sat, 03 Feb 2024 10:43:55 GMT
etag: W/"708ec0bb5cd0b617b871a1180f2a5f31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ytioHRbKjjY-uoVggte0suWBC41aPUu9HOOgiPabCZw4pfAzTsQyzA==
age: 164
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/fd-messaging.8b449bba6a7c6c411f87.css
54.230.111.39 200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/fd-messaging.8b449bba6a7c6c411f87.css
IP 54.230.111.39:0
GET /static/fd-messaging.8b449bba6a7c6c411f87.css HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Mon, 30 Jan 2023 08:22:20 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Mon, 06 Feb 2023 09:07:25 GMT
cache-control: max-age=31536000, no-transform, public
expires: Sat, 03 Feb 2024 10:43:55 GMT
etag: W/"708ec0bb5cd0b617b871a1180f2a5f31"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tD1tNhsNSLjRYKi6U7VH9qnShfJZCNuVXOaUZvR24_cjazU-OxeJCw==
age: 281
X-Firefox-Spdy: h2
rts-static-prod.freshworksapi.com/us/rts-min.js
54.230.111.75 200 OK 0 B URL HTTP/2 rts-static-prod.freshworksapi.com/us/rts-min.js
IP 54.230.111.75:0
GET /us/rts-min.js HTTP/1.1
Host: rts-static-prod.freshworksapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 17 Nov 2022 06:29:55 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: BHs75.bKXbPkSsEMomQcy9Qw2gVgmqdU
server: AmazonS3
content-encoding: gzip
date: Mon, 06 Feb 2023 09:12:05 GMT
cache-control: no-cache
etag: W/"c4bb02a4c6be31fc499881d3abbbc6be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NglI3vpVvKVsKR-yvKsuBfP4xtAh9f61WLbs64NhJObKemHjrzLe3A==
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Barlow:300,400,500,600,700,800,900&display=swap
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Barlow:300,400,500,600,700,800,900&display=swap
IP 142.250.74.106:0
GET /css?family=Barlow:300,400,500,600,700,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 09:12:01 GMT
date: Mon, 06 Feb 2023 09:12:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.firstpromoter.com/fprom.js
143.204.55.13 200 OK 0 B URL HTTP/2 cdn.firstpromoter.com/fprom.js
IP 143.204.55.13:0
GET /fprom.js HTTP/1.1
Host: cdn.firstpromoter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.99.148.203/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sun, 16 May 2021 12:18:56 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 06 Feb 2023 08:30:09 GMT
cache-control: public, max-age=7200
etag: W/"4050b7f2106d3693d62497155108e557"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TrLR88EA-VKDIVj159nhkI5aCshZyEESdoozXp05t8z5BETLI7oGrg==
age: 2516
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css
54.230.111.39 200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css
IP 54.230.111.39:0
GET /static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 31 Jan 2023 11:25:10 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Mon, 06 Feb 2023 09:08:09 GMT
cache-control: max-age=31536000, no-transform, public
expires: Sat, 03 Feb 2024 10:43:55 GMT
etag: W/"d64d219ca4493f67a3970efc52d51c86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rMmKDHH7PVeI9M7jkbSDFMdlXjyV89OdhRMOyKwE4MQX97qmaRUGaQ==
age: 237
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/fd-messaging.bf12cdc8ff2e414711f1.js
54.230.111.39 200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/fd-messaging.bf12cdc8ff2e414711f1.js
IP 54.230.111.39:0
GET /static/assets/fd-messaging.bf12cdc8ff2e414711f1.js HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 08:22:19 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Mon, 06 Feb 2023 09:07:55 GMT
cache-control: max-age=31536000, no-transform, public
expires: Sat, 03 Feb 2024 10:43:55 GMT
etag: W/"d9c24b938de9543b4c7ac6c4c6b33eaa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: upj2ugKiCPtUoSUbl2rgx9wZYTmwoKq6mGbhsW0RjtgcF-r9z5XwFQ==
age: 251
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
54.230.111.39 200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
IP 54.230.111.39:0
GET /static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 11:25:10 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 06 Feb 2023 09:08:09 GMT
cache-control: max-age=31536000, no-transform, public
expires: Sat, 03 Feb 2024 10:43:55 GMT
etag: W/"3474f8e0dcdb6126f26894076afa40d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uVgpaeycejO-ULxz3zdJ66NRuWg5ZUYqr6f5RboZscXKUQN_rtBiuw==
age: 237
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/chunk.9938837881ee5355d084.js
54.230.111.39 200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/chunk.9938837881ee5355d084.js
IP 54.230.111.39:0
GET /static/assets/chunk.9938837881ee5355d084.js HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 11:25:07 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Mon, 06 Feb 2023 09:08:17 GMT
cache-control: max-age=31536000, no-transform, public
expires: Sat, 03 Feb 2024 10:43:55 GMT
etag: W/"daac960ffa002e906acd414b6f246293"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6r0JAtVZYKuIQnRLUataCCVmTbl_eJD9SEjzvQJjhdcVdYEXOMJmdQ==
age: 230
X-Firefox-Spdy: h2
assetscdn-wchat.freshchat.com/static/assets/chunk.f0e50d864072128887fc.js
54.230.111.39 200 OK 0 B URL HTTP/2 assetscdn-wchat.freshchat.com/static/assets/chunk.f0e50d864072128887fc.js
IP 54.230.111.39:0
GET /static/assets/chunk.f0e50d864072128887fc.js HTTP/1.1
Host: assetscdn-wchat.freshchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wchat.freshchat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 31 Jan 2023 11:25:08 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Mon, 06 Feb 2023 09:09:35 GMT
cache-control: max-age=31536000, no-transform, public
expires: Sat, 03 Feb 2024 10:43:55 GMT
etag: W/"1ae4407b7afcc2dc550f4d597659d448"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RpDaPzEVjw4fYxWN8r4j5iUJV6wWJnf3iOE-Y-CRZz3wicyvo8kFew==
age: 154
X-Firefox-Spdy: h2