detectportal.firefox.com/success.txt?ipv4
200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 28 Mar 2023 03:13:09 GMT
Age: 82325
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8342
Expires: Wed, 29 Mar 2023 04:24:17 GMT
Date: Wed, 29 Mar 2023 02:05:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4563
Expires: Wed, 29 Mar 2023 03:21:18 GMT
Date: Wed, 29 Mar 2023 02:05:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RSh6eumKr4DEOkNWAraKYXFOT7dv0gzU3i+I7Q2HlZ344pOWrzUiFHR96oJSRSG6LJHb5v1sdI0=
x-amz-request-id: N24EGRZHW8HQ2806
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 01:05:01 GMT
age: 3614
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 710a535aaa1450fafb8bdd6b36beb8b6
b8e939b2be6c874de3930bf80bfe9dc2dbb58c59
1f56eee1c433abbe6b5a60dc91cbf0340a2e5ef13c59352683df3e828919d8ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F56EEE1C433ABBE6B5A60DC91CBF0340A2E5EF13C59352683DF3E828919D8CE"
Last-Modified: Tue, 28 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11282
Expires: Wed, 29 Mar 2023 05:13:17 GMT
Date: Wed, 29 Mar 2023 02:05:15 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
200 OK 39 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 756fd950dd3969402fd6617b450e712d
2394628431169a8e1dc7190ea21f22327b698e17
c6bf78c566abd577a04c07f615ab0b1c119c9163eb083860a6aa5dc47b0a71be
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: Oxd058v-NwwF3s3lYdatChogUR1GtEw--u0Nu33EmKQEoBiQEHHv8A==
content-encoding: gzip
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 01:51:00 GMT
age: 855
content-type: application/json
vary: Accept-Encoding
content-length: 39298
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 02:05:15 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17075
Expires: Wed, 29 Mar 2023 06:49:50 GMT
Date: Wed, 29 Mar 2023 02:05:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 01:28:08 GMT
content-type: application/json
age: 2227
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a3242c27d5e1454c4ed0224a21b99fde
d14f94d30b766f1e11284fb333529903e116718c
e9f38284fdd9e5d9c19f16fe29db0d58bc68bd71c35aebfbcb80580417feefae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9F38284FDD9E5D9C19F16FE29DB0D58BC68BD71C35AEBFBCB80580417FEEFAE"
Last-Modified: Sun, 26 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9731
Expires: Wed, 29 Mar 2023 04:47:26 GMT
Date: Wed, 29 Mar 2023 02:05:15 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Pragma, Last-Modified, Retry-After, Expires, Cache-Control, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 01:17:26 GMT
age: 2869
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 62e1cfbac54e32c7335cb1b32771af73
a166212bc83c04d496d03f03f8f2e8ebb9526c5b
de90af33c79fb2e6ed05080835dad5d351816c1d21d96260c7f7998fe2ec66fb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5711
Cache-Control: max-age=141907
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:15 GMT
Etag: "64230ddf-1d7"
Expires: Thu, 30 Mar 2023 17:30:22 GMT
Last-Modified: Tue, 28 Mar 2023 15:55:11 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jssV7zzJNIXL/fWU977ZBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Hvw76UOLq/xkxlfP2ikDlZP9m8M=
Date: Wed, 29 Mar 2023 02:05:15 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
detectportal.firefox.com/success.txt?ipv4
200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 28 Mar 2023 03:13:09 GMT
Age: 82327
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221680048079765%22
200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221680048079765%22
IP
File type JSON data\012- , ASCII text, with very long lines (22067), with no line terminators
Hash 27dc9fb04a49e79392b7455f58a4b0ac
55a0eab0a375a788d10860095f30b46d3e1e488f
5f3e199f3543f3f8ad72394d66d3127f9e2c88e086fbffff7ae50dd33fa5a34d
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221680048079765%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22067
via: 1.1 google
date: Wed, 29 Mar 2023 02:02:00 GMT
age: 196
last-modified: Wed, 29 Mar 2023 00:01:19 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1680028648110&_since=%221666204638208%22
200 OK 40 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1680028648110&_since=%221666204638208%22
IP
File type JSON data\012- , ASCII text, with very long lines (40281), with no line terminators
Hash d44792ae3ff2bee72cd88837b1d30d00
3e599758152abb07c785cb964fc0baee4fb4f446
1b9e59d165a60f7406de62e0817f0d4994a9f64ac7c4f0582ff43016fc05b229
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1680028648110&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 40281
via: 1.1 google
date: Wed, 29 Mar 2023 01:13:58 GMT
age: 3078
last-modified: Tue, 28 Mar 2023 18:37:28 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Wed, 29 Mar 2023 02:05:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: UPwE/lEgpL33Q5lkSXWTYeJc3kTGvwZtG5uTQ0+FJ0oFDzKsjKdiFB1RBbJcBnoCZ3IRxDTMtww=
x-amz-request-id: C9FDSPDVS3J8PPF5
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 02:02:17 GMT
age: 179
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 01:28:08 GMT
content-type: application/json
age: 2228
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8583a49876a2b3acf1d10916cf47afb8
793d88d20831ad1026d2b96f3ffbd6a3489e48f4
17260b4be0df572947ec12f84539eb870cfdac88fcfeb1a4f3cb766f4e4af2a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17260B4BE0DF572947EC12F84539EB870CFDAC88FCFEB1A4F3CB766F4E4AF2A7"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16432
Expires: Wed, 29 Mar 2023 06:39:08 GMT
Date: Wed, 29 Mar 2023 02:05:16 GMT
Connection: keep-alive
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
200 OK 807 kB URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP
Size 807 kB (807180 bytes)
Hash 914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857
GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 59G7qTJQiLuRHxxSkAS7i5JoVkPmSxvoUFSiSuMU5NDxXetcSPNyHZPUwj7u+afDVOleH+O6SLE=
x-amz-request-id: RWFC6R5QJM79BGGV
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Thu, 23 Mar 2023 11:49:19 GMT
age: 483357
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1680018554787&_since=%221643818378440%22
200 OK 10 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1680018554787&_since=%221643818378440%22
IP
File type JSON data\012- , ASCII text, with very long lines (10096), with no line terminators
Hash ceb5afa740b44e3ce7f4227d4b439113
c61643d28463d062f8ffee3b8ea1cd89cb7b5a6c
0a2f9b659d2e0c816d958925eba9ce4e1387ef3571542036b5c9641f0f364c26
GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1680018554787&_since=%221643818378440%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 10096
via: 1.1 google
date: Wed, 29 Mar 2023 01:53:48 GMT
age: 688
last-modified: Tue, 28 Mar 2023 15:49:14 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1680048066000&_since=%221666483264567%22
200 OK 94 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1680048066000&_since=%221666483264567%22
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f4572adefd3ecea7598420c956ee846a
730c7e0818c2be35cceaf3ec67ddd2556678510d
fbefcc3fc55ca43a43fca916443ddab8c96f406c3ea1a79dd862f3d71dadb4ec
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1680048066000&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 94145
via: 1.1 google
date: Wed, 29 Mar 2023 01:37:02 GMT
age: 1694
last-modified: Wed, 29 Mar 2023 00:01:06 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.spectrumpharmatech.com/assets/dhl/home.php?ip=51.195.199.93&countryCode&OS=Windows+7
302 Object moved 74 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/home.php?ip=51.195.199.93&countryCode&OS=Windows+7
IP
ASN #9498 BHARTI Airtel Ltd.
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d8f3cac4ba5181c905b7e407ed2a6287
6b36dab0c36dcdc83c358a10a21df04a9dff83e4
00d9e7efee0bf52a7c90c51696fe60aad8f1c7d8fdb4da66b5a061d885b21220
GET /assets/dhl/home.php?ip=51.195.199.93&countryCode&OS=Windows+7 HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Object moved
Location: https://www.spectrumpharmatech.com:443/assets/dhl/home.php?ip=51.195.199.93&countryCode&OS=Windows+7
Content-Length: 74
Content-Type: text/html
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22
200 OK 7.0 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22
IP
File type JSON data\012- , ASCII text, with very long lines (6983), with no line terminators
Hash 43e4ae012aa36f9b6a3297174b84121b
114a70a8f2dbe4fa305435ffd386d0bf93009b2e
414f92b77ac1003e257269744bc94665e94eb8932460df4d6b0b80ba8a9ddce1
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Retry-After, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6983
via: 1.1 google
date: Wed, 29 Mar 2023 02:02:38 GMT
age: 158
last-modified: Tue, 28 Mar 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22
200 OK 1.6 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22
IP
File type JSON data\012- , ASCII text, with very long lines (1646), with no line terminators
Hash 0530a1e9082b795cd4fd4c2b8bd25d70
3f0229439b1d96f80fcb6ab6b77a25feaa8775e9
84fac3b241036cfdcf0f5ded9e9a46d2b49eba4344b3db83755f7268ee21f553
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1646
via: 1.1 google
date: Wed, 29 Mar 2023 02:01:48 GMT
age: 208
last-modified: Tue, 28 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679956624429&_since=%221666279968541%22
200 OK 71 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679956624429&_since=%221666279968541%22
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2adf233b581f2d7d3054238110e9c192
7205a1337a2e2fef30da495d33d812c4df8399c2
e2afe8cc7154cee09c4491f629f7f06cc85017664c578ef87e57a895da2eade4
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679956624429&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 71024
via: 1.1 google
date: Wed, 29 Mar 2023 01:37:03 GMT
age: 1693
last-modified: Mon, 27 Mar 2023 22:37:04 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
200 OK 682 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash 1e047b83920b53efa84372fbf1a81bee
e2404b9c4d03d1c58e71884919a54c2f9a3dedfd
7e9d0acd7bc581de92f53a81423bd582b348c3c871a02cd7b26229313d5e6013
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, ETag, Alert, Last-Modified, Retry-After, Content-Length, Pragma, Backoff, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Wed, 29 Mar 2023 01:15:58 GMT
age: 2958
last-modified: Sat, 25 Mar 2023 16:36:56 GMT
etag: "1679762216708"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP
File type JSON data\012- , ASCII text, with very long lines (1251), with no line terminators
Hash 544e218878f656b4373563a094716a70
ae8f7f0929f1f4cf0b28eb0a2b5943e148ca61a9
532f508ccf0e693debde8f684a0fd170c3296dfad6f1bb27c672c37af6c3e7a7
GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1251
via: 1.1 google
date: Wed, 29 Mar 2023 01:46:12 GMT
age: 1144
last-modified: Sat, 25 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
IP
File type JSON data\012- , ASCII text, with very long lines (1742), with no line terminators
Hash c6ffeaa329fe3d4b15ca88fc8d960a12
f3f1fbe76d66e7d72122d56efa5d47a660c758b3
0f4df13e808c9a2caa24aa9c2419b0b14f9a79514f32bedf2addb947dd285608
GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1742
via: 1.1 google
date: Wed, 29 Mar 2023 01:46:42 GMT
age: 1115
last-modified: Sat, 25 Mar 2023 16:36:45 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash 62afb1fa88807347754e21d4e6f7d11b
e6795456579a63cfeee589d0a552466b243e1e43
6ca826b391bbb2432b8516fa7208c329ea04a5ba96bbdf198bcaecef5a413d0a
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:16 GMT
Etag: "64200149-1d7"
Server: ECAcc (amb/6AA6)
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
200 OK 2.4 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
IP
File type JSON data\012- , ASCII text, with very long lines (2387), with no line terminators
Hash 377da5cb5955db6a3bbed6eaf61e789a
64f5e967b2d903ad2934ab11a8c567dbf282b025
60fe6df1f2d1e2e1727f1b8d44c1102f86558928b4df9cd7a92569d04f8724cf
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2387
via: 1.1 google
date: Wed, 29 Mar 2023 01:11:01 GMT
age: 3256
last-modified: Fri, 24 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22
200 OK 772 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22
IP
File type JSON data\012- , ASCII text, with very long lines (772), with no line terminators
Hash 1150fc438e642be5635e3234834367d9
a421eab9d39f0fefd6a1f2ecda9fc11ceddb646c
2b980c60a311dafdf93d9983c4ed8ac7dea9f7ff61329ffb1e1a24d0909f3d15
GET /v1/buckets/main/collections/password-rules/changeset?_expected=1679600032742&_since=%221659924409785%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Retry-After, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 772
via: 1.1 google
date: Wed, 29 Mar 2023 01:36:43 GMT
age: 1714
last-modified: Thu, 23 Mar 2023 19:33:52 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP
File type JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Hash 318c328ba16a767b6d94b0cbfc1a8b4d
40dfca34d6034f7bdeb27801f3b485e001699c38
6293349b31e326d2e8e4001e780554226b24584f981cc1325d70e48fbfa69ed0
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Retry-After, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Wed, 29 Mar 2023 01:11:02 GMT
age: 3255
last-modified: Thu, 23 Mar 2023 16:36:48 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
200 OK 935 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP
File type JSON data\012- , ASCII text, with very long lines (935), with no line terminators
Hash 9122f99473d982e0cf08d156d80fa431
0c58a6dc78b365762e6cce14075639d4b5e12b15
5a12e97c12a31b264b4ff70f17bf92ed19aff7cd04029d71d913a37593e3d600
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 935
via: 1.1 google
date: Wed, 29 Mar 2023 02:02:38 GMT
age: 159
last-modified: Thu, 23 Mar 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22
200 OK 25 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22
IP
File type JSON data\012- , ASCII text, with very long lines (25354), with no line terminators
Hash 92ef0b8c859dbf1a8eb36743ed5d280a
a1524882fcfc9db519841b42276d34e9f6f7dfb1
915ba6d82d28de9d983a184d875d1ba56955dbefb1bbde72e867b334634e56be
GET /v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Retry-After, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 25354
via: 1.1 google
date: Wed, 29 Mar 2023 01:54:02 GMT
age: 675
last-modified: Thu, 23 Mar 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7e2d8156baac12231cc9cbfdefedacf1
62384d8842fb5b560ac39636bb519953e22dc664
ee4dbd79fc1569ab6ae0ea7b90b4b7d8dbb846296cf7fc68b24be78b7b95993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash bfa3fc96de14a80af0187a7c3ee285d4
e60c9b3124ec2a611286af0b777319cf10230c1b
ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-WJRFVMC
200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-WJRFVMC
IP
File type ASCII text, with very long lines (2379)
Hash 905a710ca03642e6a8d2fe3160069cb7
d449976a8b12326cccd6d903c384ed8aed714913
2ece099eb16d1b5c450db512d4c3f78d68470c645494c77e57d2362c6ddd9195
GET /gtm.js?id=GTM-WJRFVMC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 29 Mar 2023 02:05:17 GMT
expires: Wed, 29 Mar 2023 02:05:17 GMT
cache-control: private, max-age=900
last-modified: Wed, 29 Mar 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74667
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e10c0c62a68346a599a245ad2d85fbbe
a79383efdb28292b6e2112da2344915a97eb7888
b239a83a0672895d5960617bba31f4404a4c103eec12d4e975aaf51204e1f953
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d2d4415f4eeb34e663d209eeddd8d25d
5d239718d7235d1f62e10d7d381c5a063e94c73a
cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8504
Expires: Wed, 29 Mar 2023 04:27:01 GMT
Date: Wed, 29 Mar 2023 02:05:17 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8504
Expires: Wed, 29 Mar 2023 04:27:01 GMT
Date: Wed, 29 Mar 2023 02:05:17 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8504
Expires: Wed, 29 Mar 2023 04:27:01 GMT
Date: Wed, 29 Mar 2023 02:05:17 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32e391ba-5f96-413b-afda-e6ea52953668.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32e391ba-5f96-413b-afda-e6ea52953668.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11a3ec10ceec6a8147a4c173b4b420d7
9fe904e5f3062677c6290b821c89a7e3aaee0371
ce934631eda7670329b9bc46a14eff0dd9839bdc838ad90d401600bee70c4f4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32e391ba-5f96-413b-afda-e6ea52953668.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11027
x-amzn-requestid: 48f65bca-a792-4f2c-8eb4-d05c6dc2c2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CXODXE7eoAMFl3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f907b-6a5a7a890aa383fc4e0eb983;Sampled=0
x-amzn-remapped-date: Sun, 26 Mar 2023 00:23:23 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: qeit17u4hnY6-u4djG8q98cqMH0bj5wwWQxczrjTN02iB3tQ8nq5MQ==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 19:20:30 GMT
age: 24287
etag: "9fe904e5f3062677c6290b821c89a7e3aaee0371"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e8842db-211d-4276-b788-ef1e9cb5f3f2.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e8842db-211d-4276-b788-ef1e9cb5f3f2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c59a4159472f366958e67dc928b2a749
0c483adeebf10605e954c55e94c3f43bf1dace30
8fe24cee6c4ee94547e8721448fbdcbd0ab6a38de924d62e00ee6310a1cdfe4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e8842db-211d-4276-b788-ef1e9cb5f3f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7053
x-amzn-requestid: 2fc4b1ec-6550-4e18-8374-4f174b081f40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguaOHC-IAMFUYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dda-1e21707f0ceb33ff63afb449;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:26 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: KyFR5-RwbZBpuDGeCmHDv3mNngDb1jiKDAYnQDzSDiNIK1Tgb_8fvg==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:17:11 GMT
etag: "0c483adeebf10605e954c55e94c3f43bf1dace30"
content-type: image/jpeg
age: 13686
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefde0954-487c-4823-9114-65bb559deff5.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefde0954-487c-4823-9114-65bb559deff5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d84646702004ad2c911a68dfac90d6f1
445039f25191cf86c79423ffa04e2bffa7f2085e
632d6d1600d08a15e72dd12324ffa5792e948db9694dc2fa826f3c76be651931
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefde0954-487c-4823-9114-65bb559deff5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6760
x-amzn-requestid: 592000fe-a490-4139-8eb4-877935019797
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguKFFgOoAMF5Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d73-6f980246043a8f746441b0d5;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:43 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: TumC2WcIbdifBNgIvJ1PZ31IO9uz14ix2ZoHxnmFbpGzNZlBZDundQ==
via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:44:28 GMT
age: 15649
etag: "445039f25191cf86c79423ffa04e2bffa7f2085e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXiCIy2ZqOyLvougeQikdsmaIJ9BfMPpOO4oU-3nEGY33FQGCm0ZoQ==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:44:35 GMT
age: 15642
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b49e5d7-941e-4eaa-8953-0ce30631f5ee.jpeg
200 OK 2.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b49e5d7-941e-4eaa-8953-0ce30631f5ee.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef31e77467cccbf20aa2656ff50a0cbe
f50b09779ce9b340ae3347e93ec2df33f7f8c73f
5c50ae61f57724446c927c12c4dbd9d5527ec9db8f33e5d521211e4b1f366c38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b49e5d7-941e-4eaa-8953-0ce30631f5ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2423
x-amzn-requestid: 8cf5179c-e011-405e-aa08-7b94b1cf81c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguI9HYHIAMFtVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d6c-765e143b6730877b647f6de4;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:36 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: mMW3O50g-ueBhNFHn7HV21vJ-kCbEVe46RCbIsb0nPsCfSFwUP9rPQ==
via: 1.1 17d76c2aee343249585a570f2d36d2ee.cloudfront.net (CloudFront), 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:36:54 GMT
age: 16103
etag: "f50b09779ce9b340ae3347e93ec2df33f7f8c73f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp
200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0a85ec27ed4f7910e26b4ff023ab1fb
f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0
fc31409ba6db565d4861a35ee6f74b7436eea5e5169bc1283f63cf6dfdb03764
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6722
x-amzn-requestid: a6de82bd-5b03-4ffd-90dd-9bd03331d123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GG2IAMFuzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-7cb1c8187fe3d2b0283fb3a0;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: lZBspmi0Dku2a7jY39WyiBC3wu5F4eAvbTwHF6_8pgHfw21XSW_NbA==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:58 GMT
age: 15679
etag: "f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash eb2978f78249fa2030ff84708ab627b5
0003a93bc57234fba10c90bd0bd80c00d5a90884
b76d3066ba863b1aaf4f5f4fced0a48768bc34de818dc3494e89c045f41f5acf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
detectportal.firefox.com/success.txt?ipv4
200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 28 Mar 2023 03:13:09 GMT
Age: 82328
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
www.youtube.com/embed/rJe9jYewqaA?rel=0&modestbranding=1&autohide=1&mute=1&showinfo=0&controls=0&autoplay=
200 OK 81 kB URL HTTP/2 www.youtube.com/embed/rJe9jYewqaA?rel=0&modestbranding=1&autohide=1&mute=1&showinfo=0&controls=0&autoplay=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Hash 1452bb4cdd9efd95bb7b4928846afc48
8dc3430dd3343969a88f71f1f5e1abbcbcdce24b
64a92051b6905b8dc3857f505adf1f81dd9fb179f3f07e961b434a51603989a9
GET /embed/rJe9jYewqaA?rel=0&modestbranding=1&autohide=1&mute=1&showinfo=0&controls=0&autoplay= HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 29 Mar 2023 02:05:17 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=xRO1vRflFSk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=2O5hzCqJFOg; Domain=.youtube.com; Expires=Mon, 25-Sep-2023 02:05:17 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+998; expires=Fri, 28-Mar-2025 02:05:17 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js
200 OK 110 kB URL HTTP/2 www.youtube.com/s/player/ace4d669/www-embed-player.vflset/www-embed-player.js
IP
File type ASCII text, with very long lines (679)
Size 110 kB (110254 bytes)
Hash 8fddc97d131bf74e054fe861dd45b637
3f7d1c5e6d69c89847cfce5bee89fce548e86290
16f04e220c0e897266f178aa92486e6b3d53e6b76bcd11f820d71b564340f702
GET /s/player/ace4d669/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/rJe9jYewqaA?rel=0&modestbranding=1&autohide=1&mute=1&showinfo=0&controls=0&autoplay=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 110254
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 16:01:15 GMT
expires: Thu, 21 Mar 2024 16:01:15 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 554642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/ace4d669/fetch-polyfill.vflset/fetch-polyfill.js
200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/ace4d669/fetch-polyfill.vflset/fetch-polyfill.js
IP
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/ace4d669/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/rJe9jYewqaA?rel=0&modestbranding=1&autohide=1&mute=1&showinfo=0&controls=0&autoplay=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Mar 2023 16:55:40 GMT
expires: Tue, 26 Mar 2024 16:55:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 119377
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/ace4d669/player_ias.vflset/en_US/base.js
200 OK 626 kB URL HTTP/2 www.youtube.com/s/player/ace4d669/player_ias.vflset/en_US/base.js
IP
File type ASCII text, with very long lines (555)
Size 626 kB (625756 bytes)
Hash b184139ce34469a5ec45b250b44646d6
de45e59516e6170cd38f4e3b386f30e7ebdc14ef
ac738b8f617b74220e663f7a6d4715b00ed3fc49ce181c790ddc56a128896622
GET /s/player/ace4d669/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/rJe9jYewqaA?rel=0&modestbranding=1&autohide=1&mute=1&showinfo=0&controls=0&autoplay=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 625756
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 17:33:09 GMT
expires: Wed, 27 Mar 2024 17:33:09 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 22 Mar 2023 00:22:24 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 30728
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash eb2978f78249fa2030ff84708ab627b5
0003a93bc57234fba10c90bd0bd80c00d5a90884
b76d3066ba863b1aaf4f5f4fced0a48768bc34de818dc3494e89c045f41f5acf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.spectrumpharmatech.com/assets/dhl/home.php?ip=51.195.199.93&countryCode&OS=Windows+7
200 OK 194 kB URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/home.php?ip=51.195.199.93&countryCode&OS=Windows+7
IP
ASN #9498 BHARTI Airtel Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (3626), with CRLF, LF line terminators
Size 194 kB (194386 bytes)
Hash b8a7a12d87be1254c45d9244a50ed769
ead213f961b1c8d17835b23db2aed15ee1ad8aa4
0e40e2f5868956f512c5245a2ebaf075f5570666c1e4b60a30518337a8b60898
GET /assets/dhl/home.php?ip=51.195.199.93&countryCode&OS=Windows+7 HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:17 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; path=/; secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB;Path=/;Secure;HttpOnly;SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194386
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
File type ASCII text, with very long lines (32180)
Hash b1e4b2a99336201b37fb8cea5d57abb9
d57980f0d0eaaf57ec33ddc9ed027274cfa86027
c805bfd991983f57b5b7878b998f7529e9b7e2df4bc2d39ba493934e23ba3f8a
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 02:05:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 25502306
expires: Mon, 18 Mar 2024 02:05:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7zscfx0wOvxGcWzJwyY9PdbsOI3IbcHHp562mhsrkpYfAxBR%2BdUMi%2BxBHRfCfSTJeSwhdx99D5M9cHWTh15PTzrVnrgB48VI5JSbnKlo12K7cNm7PlMUcnGEGp9iJvWit2IVKMb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7af48c0c9cf80b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 27 Mar 2023 14:02:57 GMT
expires: Tue, 26 Mar 2024 14:02:57 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 129741
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
vjs.zencdn.net/5.4.6/video.js
200 OK 148 kB URL HTTP/2 vjs.zencdn.net/5.4.6/video.js
IP
File type ASCII text, with very long lines (912)
Size 148 kB (147834 bytes)
Hash a4da7d895ec25be65f0a764fa4a3ae07
511f49df690a24bc666872b7d14c63db4f3d36d4
52722202f71e1e6f26cc8b19d3044a5be41119a23cc808e329c392f55b59e082
GET /5.4.6/video.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 08 Jan 2016 00:33:38 GMT
etag: "68f55dbb5cb73a0271352342aab82a8d"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Wed, 29 Mar 2023 02:05:18 GMT
x-served-by: cache-bma1666-BMA
x-cache: HIT
x-cache-hits: 1
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 147834
X-Firefox-Spdy: h2
www.spectrumpharmatech.com/assets/dhl/font/flaticon.css
200 OK 7.9 kB URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/font/flaticon.css
IP
ASN #9498 BHARTI Airtel Ltd.
Hash 52075dd40be96aa98ddcde7356418da1
886dee7975d94ebb56fd55d1fd71fb221c9da205
cafe1759b8163f98311ff79a3c73d01495e6905a260dec831ce798bf3639ca11
GET /assets/dhl/font/flaticon.css HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:18 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:18 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:18 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194320
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7927fa1bac0e5bcc27ed32b6b5107bd3
68da43f59df9c524940efc35f40e3599b9a1995b
f48f276b9dee3b509dd0554b8e660039fe61020bd793cbf9a0381d3e5f76ae59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unpkg.com/jarallax@1.12.8/dist/jarallax-video.min.js
200 OK 21 kB URL HTTP/2 unpkg.com/jarallax@1.12.8/dist/jarallax-video.min.js
IP
File type ASCII text, with very long lines (17617)
Hash a9a2c5d676a796b67ffb5a7fd32574c0
d082433de12357edc54eff476c958eb61aac7bca
85fc40586c8343985171c45cf2191244656828aaf5a1700393f9b80306eccf53
GET /jarallax@1.12.8/dist/jarallax-video.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 02:05:18 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"45a0-MScWLTHc4y3Eqm4ZUoy7jRvn2Vo"
via: 1.1 fly.io
fly-request-id: 01FJEZC29QEV3Z95KE31FWQJTK
cf-cache-status: HIT
age: 13779152
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7af48c0d5d2bb4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:45 GMT
expires: Sat, 23 Mar 2024 10:26:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 401914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unpkg.com/jarallax@1/dist/jarallax.min.js
302 Found 530 B URL HTTP/2 unpkg.com/jarallax@1/dist/jarallax.min.js
IP
Hash aa09ede37fed33a2b2f529d2647e7350
9c6fb0ebe3ac664ae46772f4e92012a6e833957c
3b97eee4acf3af8483265299ca74c39a44b03df4b3802f9e58468a51b019e252
GET /jarallax@1/dist/jarallax.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 29 Mar 2023 02:05:18 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /jarallax@1.12.8/dist/jarallax.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GWNHSB3REGHW4ZKBMD2KC8KT-ams
cf-cache-status: HIT
age: 6
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7af48c0cfd07b4f1-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a5d7c873dc1b13b23c1e3e39fa266b65
9a88a6fc168e9e0c162ab9308e15c9e578ebbb07
5b0e3389347f42930bd4fc639814bf3f69d1d82dccaffc9ee909edf269258ae1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
netdna.bootstrapcdn.com/bootstrap/3.0.0/js/bootstrap.min.js
200 OK 8.0 kB URL HTTP/2 netdna.bootstrapcdn.com/bootstrap/3.0.0/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (27605)
Hash 01c6dbe1f3959b9ce7ead9a7dba07e39
ce44dee86677ae03ccc1818d3bff54c26db4d75c
4aea35e655bae0a6c0a6be22515cc4a7dbe1381a95a1645db413d742d2ee1d89
GET /bootstrap/3.0.0/js/bootstrap.min.js HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 02:05:18 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 601, 617
last-modified: Mon, 25 Jan 2021 22:03:55 GMT
cdn-cachedat: 2021-08-04 14:02:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: bf6d2d387b6946e55fe126554259bc5e
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 15676637
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7af48c0cbdcab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/jarallax@1/dist/jarallax-video.min.js
302 Found 94 B URL HTTP/2 unpkg.com/jarallax@1/dist/jarallax-video.min.js
IP
Hash 83526b1aaf035933f0076abea9101196
6f51b5a5f0c6736bf9850cec39a0582c0adda98e
15bbc24ccf48d35390515f009a449196d1c723ffd784d0cf6f0fb0040985588f
GET /jarallax@1/dist/jarallax-video.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 29 Mar 2023 02:05:18 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /jarallax@1.12.8/dist/jarallax-video.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GWNHSH1KHX5C7T40G08ZK2TP-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7af48c0cfd04b4f1-OSL
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
200 OK 8.8 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (31650)
Hash e230dd97d2936a730794e14e7169651d
ba81d7314b0bcc16cedefbc5435098c821a3dac9
a826bfe2d85cd40fb3405564c81913f11ae8c265a350b3771e2d73bec48221d6
GET /bootstrap/3.2.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 02:05:18 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 718, 718
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
cdn-cachedat: 2021-04-23 06:51:03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: a364cd7ac9f65a4eeda0270e8afd4d8b
cdn-cache: HIT
cf-cache-status: HIT
age: 28165698
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7af48c0cba990b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a5d7c873dc1b13b23c1e3e39fa266b65
9a88a6fc168e9e0c162ab9308e15c9e578ebbb07
5b0e3389347f42930bd4fc639814bf3f69d1d82dccaffc9ee909edf269258ae1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
unpkg.com/jarallax@1.12.8/dist/jarallax.min.js
200 OK 5.7 kB URL HTTP/2 unpkg.com/jarallax@1.12.8/dist/jarallax.min.js
IP
File type ASCII text, with very long lines (14589)
Hash b3b7d7703e37d7e0fc1fe59e7693136a
c54f305a0e55d7e00c5edb84a6e3402c0d993099
e34228556018a00aaba43c152e8cac29e3f985cd7ff7f19d46a1ca3c417a182f
GET /jarallax@1.12.8/dist/jarallax.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Mar 2023 02:05:18 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"39c0-1qcdyZZrmnQuAy/Ut1uLsrZVpwc"
via: 1.1 fly.io
fly-request-id: 01GM9C8WZ7B1P9YZ9QQF95NB5Q-fra
cf-cache-status: HIT
age: 8998376
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7af48c0d2d15b4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.spectrumpharmatech.com/assets/dhl/assets/css/custome.css
200 OK 16 kB URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/css/custome.css
IP
ASN #9498 BHARTI Airtel Ltd.
Hash bb9da77f1996e381c23d878c0658e31a
a0ed217c01ff800aad2b54ae7be8afa2b72873ab
fd5a0cec236fa4c2cae903e304cb4fae8662b783ae0474f1fd7fee6b4d239439
GET /assets/dhl/assets/css/custome.css HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:18 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:18 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:18 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194329
www.spectrumpharmatech.com/assets/dhl/assets/css/responsive.css
200 OK 7.5 kB URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/css/responsive.css
IP
ASN #9498 BHARTI Airtel Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2206)
Hash 7f575bf16d890b893d6cb4591cc00204
d4389c11303c398e175f39e215c99980a8c33a5d
b4bb5568e918dc98534c29d1c9145c5a95983fca0a1bcb23f917782d84fd2e67
GET /assets/dhl/assets/css/responsive.css HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:19 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:19 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:19 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194336
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5863debab64249d024553ffef52e4241
8b56a9c7eba9a82bc88f9045333c899122768222
301379961b59c1c4aede3364b0a8431936b8df2b8c903e867c110f8c4e2f8984
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 29 Mar 2023 02:05:20 GMT
server: ESF
cache-control: private
content-length: 31180
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba50d379b2776214995c207b42c083a4
0f1b48c6d01ace326c49acf5bcac222f772e9f6a
6692886530b311f94ac3855df31c774feed6d5135dad4ac24921b6030fcbb8d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/vfL9pRLeM2I8igeDEoZ-6BrdQvIN_PEUsYwY2am7_pk.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/vfL9pRLeM2I8igeDEoZ-6BrdQvIN_PEUsYwY2am7_pk.js
IP
File type ASCII text, with very long lines (36332)
Hash cd29bf7b28c6b469cad7a00de4f03d7d
ef2a6c612bba820e59447e344ed823cfa199d534
9c8a7a3abb40e232ea3bbed04b3753beff2c30dab3e6e00bbada79ab8e788652
GET /js/th/vfL9pRLeM2I8igeDEoZ-6BrdQvIN_PEUsYwY2am7_pk.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14311
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:07:07 GMT
expires: Wed, 27 Mar 2024 10:07:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 09:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 57493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 308da5a83900563f5517b9b55ba28aec
d160bf2874ab3e07999daa5b8bec9dece9f446cf
57009a7873383a920a9e8b9fe2e7e82539cc3171e89534b4817240ea0f13b0b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.spectrumpharmatech.com/assets/dhl/assets/vendor/waypoints/jquery.waypoints.min.js
200 OK 7.9 kB URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/waypoints/jquery.waypoints.min.js
IP
ASN #9498 BHARTI Airtel Ltd.
Hash 53abf77b833bfcc38af5833a4a60bb2d
c0301f081469c686d89c4a8423199fc26bb6884f
21ed0ab3b85110b564078041b99539f46850fcb6763ede1b543a5864e5a382bb
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/vendor/waypoints/jquery.waypoints.min.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:19 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:19 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:19 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194379
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 29 Mar 2023 02:05:20 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 308da5a83900563f5517b9b55ba28aec
d160bf2874ab3e07999daa5b8bec9dece9f446cf
57009a7873383a920a9e8b9fe2e7e82539cc3171e89534b4817240ea0f13b0b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 02:05:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.spectrumpharmatech.com/assets/dhl/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
200 OK 7.6 kB URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
IP
ASN #9498 BHARTI Airtel Ltd.
Hash 58b547114fee3b1dff973bf85386ae27
68d139b51909542cfc31c7c5774165ec19c16b32
12d97a29bffd3f8bc429edc7fad164e9c78b2569711f6e4771fe592d42e73133
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/vendor/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:19 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:19 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:19 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194387
www.spectrumpharmatech.com/assets/dhl/assets/vendor/jquery/jquery.min.js
200 OK 10 kB URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/jquery/jquery.min.js
IP
ASN #9498 BHARTI Airtel Ltd.
Hash 765f4eeb423fa6b1419c186796c99ecb
673ecc72c474caeee79eba8761244cbe3ced7ed1
1d6655e255be4743fe9850df327ca1cacad6c89ba4cad0e8c905f4a5dce8de3f
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/vendor/jquery/jquery.min.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:19 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:19 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:19 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194354
i.ytimg.com/vi/rJe9jYewqaA/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-DoACuAiKAgwIABABGBwgZShGMA8=&rs=AOn4CLBvUSuCCVFAzXCh-Qj5BA3LlZWWXw
200 OK 471 B URL HTTP/2 i.ytimg.com/vi/rJe9jYewqaA/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-DoACuAiKAgwIABABGBwgZShGMA8=&rs=AOn4CLBvUSuCCVFAzXCh-Qj5BA3LlZWWXw
IP
Hash f2cba2fa22dcbbc8a8f80e45eab01cb5
6c65f10e5a28c003273bad327a8411336b893dac
907b1ee3ad02582721f09a20fa09244c1ebe29c2a05853e6a9055e4218c35c93
GET /vi/rJe9jYewqaA/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-DoACuAiKAgwIABABGBwgZShGMA8=&rs=AOn4CLBvUSuCCVFAzXCh-Qj5BA3LlZWWXw HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 87190
date: Wed, 29 Mar 2023 02:05:20 GMT
expires: Wed, 29 Mar 2023 04:05:20 GMT
cache-control: public, max-age=7200
etag: "1661341508"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.spectrumpharmatech.com/assets/dhl/assets/vendor/isotope-layout/isotope.pkgd.min.js
200 OK 7.5 kB URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/isotope-layout/isotope.pkgd.min.js
IP
ASN #9498 BHARTI Airtel Ltd.
Hash 86d31d7af19676621780479fa587b32b
8c26851867186add55b7498cb883dbd71df293fe
d3b4210e3ff92396bda09ae5ed75489ca2bcecaef75db5aeb37a263365b217ee
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/vendor/isotope-layout/isotope.pkgd.min.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:20 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:20 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:20 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194382
www.spectrumpharmatech.com/assets/dhl/assets/js/homenav.js
200 OK 7.5 kB URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/js/homenav.js
IP
ASN #9498 BHARTI Airtel Ltd.
Hash 86d31d7af19676621780479fa587b32b
8c26851867186add55b7498cb883dbd71df293fe
d3b4210e3ff92396bda09ae5ed75489ca2bcecaef75db5aeb37a263365b217ee
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/js/homenav.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:21 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194326
www.spectrumpharmatech.com/assets/dhl/assets/vendor/jquery.easing/jquery.easing.min.js
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/jquery.easing/jquery.easing.min.js
IP
ASN #9498 BHARTI Airtel Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/vendor/jquery.easing/jquery.easing.min.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:19 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:19 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:19 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194381
www.spectrumpharmatech.com/assets/dhl/assets/css/homepagenav.css
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/css/homepagenav.css
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/assets/css/homepagenav.css HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:18 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:18 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:18 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194338
www.spectrumpharmatech.com/assets/dhl/captcha.php?rand=428384058
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/captcha.php?rand=428384058
IP
ASN #9498 BHARTI Airtel Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/captcha.php?rand=428384058 HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:22 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194338
www.spectrumpharmatech.com/assets/dhl/admin/uploads/solutions/icon41.png
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/admin/uploads/solutions/icon41.png
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/admin/uploads/solutions/icon41.png HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:22 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194353
www.spectrumpharmatech.com/assets/dhl/admin/uploads/solutions/icon51.png
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/admin/uploads/solutions/icon51.png
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/admin/uploads/solutions/icon51.png HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:22 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194353
www.spectrumpharmatech.com/assets/dhl/assets/vendor/venobox/venobox.min.js
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/venobox/venobox.min.js
IP
ASN #9498 BHARTI Airtel Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/vendor/venobox/venobox.min.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:20 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:20 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:20 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194358
www.spectrumpharmatech.com/assets/dhl/assets/vendor/bootstrap/css/bootstrap.min.css
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/bootstrap/css/bootstrap.min.css
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/assets/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:17 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194377
www.spectrumpharmatech.com/assets/dhl/assets/img/logo.png
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/img/logo.png
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/assets/img/logo.png HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:21 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194325
www.spectrumpharmatech.com/assets/dhl/admin/uploads/aboutus/aboutimg.jpg
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/admin/uploads/aboutus/aboutimg.jpg
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/admin/uploads/aboutus/aboutimg.jpg HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:22 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194354
www.spectrumpharmatech.com/assets/dhl/assets/vendor/typed.js/typed.min.js
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/typed.js/typed.min.js
IP
ASN #9498 BHARTI Airtel Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/vendor/typed.js/typed.min.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:20 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:20 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:20 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194355
www.spectrumpharmatech.com/assets/dhl/assets/vendor/aos/aos.js
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/aos/aos.js
IP
ASN #9498 BHARTI Airtel Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/vendor/aos/aos.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:20 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:20 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:20 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194335
www.spectrumpharmatech.com/assets/dhl/assets/vendor/php-email-form/validate.js
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/php-email-form/validate.js
IP
ASN #9498 BHARTI Airtel Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/vendor/php-email-form/validate.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:19 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:19 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:19 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194367
www.spectrumpharmatech.com/assets/dhl/assets/js/cookie.js
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/js/cookie.js
IP
ASN #9498 BHARTI Airtel Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/js/cookie.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:21 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194324
www.spectrumpharmatech.com/assets/dhl/assets/js/plugins.js
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/js/plugins.js
IP
ASN #9498 BHARTI Airtel Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/js/plugins.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:21 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194326
www.spectrumpharmatech.com/assets/dhl/assets/vendor/php-email-form/validate.js
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/php-email-form/validate.js
IP
ASN #9498 BHARTI Airtel Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/vendor/php-email-form/validate.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:22 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194366
www.spectrumpharmatech.com/assets/dhl/admin/uploads/solutions/formulation5.png
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/admin/uploads/solutions/formulation5.png
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/admin/uploads/solutions/formulation5.png HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:22 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194366
www.spectrumpharmatech.com/assets/dhl/assets/vendor/owl.carousel/assets/owl.carousel.min.css
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/owl.carousel/assets/owl.carousel.min.css
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/assets/vendor/owl.carousel/assets/owl.carousel.min.css HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:17 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194395
www.spectrumpharmatech.com/assets/dhl/assets/vendor/aos/aos.css
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/aos/aos.css
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/assets/vendor/aos/aos.css HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:18 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:18 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:18 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194335
www.spectrumpharmatech.com/assets/dhl/assets/css/option2.css
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/css/option2.css
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/assets/css/option2.css HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:18 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:18 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:18 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194331
www.spectrumpharmatech.com/assets/dhl/assets/vendor/counterup/counterup.min.js
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/counterup/counterup.min.js
IP
ASN #9498 BHARTI Airtel Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/vendor/counterup/counterup.min.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:20 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:20 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:20 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194366
www.spectrumpharmatech.com/assets/dhl/assets/vendor/owl.carousel/owl.carousel.min.js
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/owl.carousel/owl.carousel.min.js
IP
ASN #9498 BHARTI Airtel Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/vendor/owl.carousel/owl.carousel.min.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:20 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:20 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:20 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194378
www.spectrumpharmatech.com/assets/dhl/admin/uploads/solutions/apichemical5.png
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/admin/uploads/solutions/apichemical5.png
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/admin/uploads/solutions/apichemical5.png HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:22 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194366
www.spectrumpharmatech.com/assets/dhl/assets/vendor/icofont/icofont.min.css
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/icofont/icofont.min.css
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/assets/vendor/icofont/icofont.min.css HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:17 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194358
fonts.googleapis.com/css?family=Questrial
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Questrial
IP
GET /css?family=Questrial HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 29 Mar 2023 02:05:17 GMT
date: Wed, 29 Mar 2023 02:05:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.spectrumpharmatech.com/assets/dhl/assets/vendor/boxicons/css/boxicons.min.css
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/boxicons/css/boxicons.min.css
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/assets/vendor/boxicons/css/boxicons.min.css HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:17 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194373
www.spectrumpharmatech.com/assets/dhl/assets/vendor/jquery.easing/jquery.easing.min.js
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/jquery.easing/jquery.easing.min.js
IP
ASN #9498 BHARTI Airtel Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/vendor/jquery.easing/jquery.easing.min.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:21 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194381
www.spectrumpharmatech.com/assets/dhl/assets/vendor/font-awesome/css/font-awesome.min.css
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/font-awesome/css/font-awesome.min.css
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/assets/vendor/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:17 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194388
www.spectrumpharmatech.com/assets/dhl/assets/vendor/venobox/venobox.css
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/vendor/venobox/venobox.css
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/assets/vendor/venobox/venobox.css HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:17 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:17 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194351
code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
200 OK 0 B URL HTTP/2 code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
IP
GET /ionicons/2.0.1/css/ionicons.min.css HTTP/1.1
Host: code.ionicframework.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 02:05:17 GMT
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Fri, 28 Oct 2022 02:55:05 GMT
access-control-allow-origin: *
etag: W/"635b4489-c854"
expires: Tue, 28 Mar 2023 00:58:54 GMT
cache-control: max-age=31536000
x-proxy-cache: MISS
x-github-request-id: 5C46:AAE0:21238BC:2246215:64223976
via: 1.1 varnish
age: 3707
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1680051811.822168,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: ad355f11b2eccba29a86b30d051fc7a77cf0d4dc
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMpqoFUpkG7wTub0akbCVY%2FswUVam51lCf71MZjRqe8SnuL8mjcXXbkL4CGJVzhGaVawl8KGGZZoLC1TZ02AxzREt3Jlb%2BI2q%2FD1V0c4j9dIov0a80a0x26sMhQfYlfcb7aoFi6GKCQ5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af48c08f95ab4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.spectrumpharmatech.com/assets/dhl/assets/js/jquery.js
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/js/jquery.js
IP
ASN #9498 BHARTI Airtel Ltd.
Analyzer Verdict Alert fortinet Phishing
GET /assets/dhl/assets/js/jquery.js HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB; _gcl_au=1.1.1196490378.1680055540
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:21 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194325
www.spectrumpharmatech.com/assets/dhl/assets/img/ISO-img.png
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/img/ISO-img.png
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/assets/img/ISO-img.png HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:21 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:21 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194331
www.spectrumpharmatech.com/assets/dhl/admin/uploads/solutions/icon31.png
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/admin/uploads/solutions/icon31.png
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/admin/uploads/solutions/icon31.png HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:22 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:22 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194355
www.spectrumpharmatech.com/assets/dhl/assets/css/style.css
200 OK 0 B URL HTTP/1.1 www.spectrumpharmatech.com/assets/dhl/assets/css/style.css
IP
ASN #9498 BHARTI Airtel Ltd.
GET /assets/dhl/assets/css/style.css HTTP/1.1
Host: www.spectrumpharmatech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=2670a60b7f52136b80c879a43241b004; cookiesession1=678A3E2283BDB35ED41259DBE49AC7FB
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 02:05:18 GMT
Server: XXXXXXX
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Pragma: no-cache
Expires: 0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1
Set-Cookie: spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:18 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
spectrumpharma=Active; expires=Thu, 28-Mar-2024 02:05:18 GMT; Max-Age=31536000; path=www.spectrumpharmatech.com; domain=true; Secure; HttpOnly; SameSite=Strict
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
content-length: 194326
182.66.212.220
34.160.144.191
104.17.25.14
188.114.98.234
95.101.11.115