supportcare.pro/Bin/ConnectWiseControl.Client.exe?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw+EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
302 Redirect 634 B URL HTTP/1.1 supportcare.pro/Bin/ConnectWiseControl.Client.exe?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw+EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (591)
Hash a11e24ab69ed736f0679ff96041260e2
ee7287a2bc98d5dae620c57a45ef660e8c21f2c1
5710431dc229aec891af35dab7c335d49ace8d51b6030652b8e7f2c0c8fd5014
Analyzer Verdict Alert quad9 Sinkholed
GET /Bin/ConnectWiseControl.Client.exe?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw+EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r= HTTP/1.1
Host: supportcare.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Redirect
Content-Type: text/html; charset=UTF-8
Location: https://supportcare.pro?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
Server: Microsoft-IIS/10.0
Date: Fri, 16 Dec 2022 17:15:25 GMT
Content-Length: 634
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 96367f956a4177aec7e7e80221539d58
8dcad10fde96c139d1ef212388cb6755fe3fe077
f4f9bdb5180359dfd734cef1e6f1b54bc9d8f72cae557366eb74f22100b94dc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4F9BDB5180359DFD734CEF1E6F1B54BC9D8F72CAE557366EB74F22100B94DC4"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10435
Expires: Fri, 16 Dec 2022 20:09:21 GMT
Date: Fri, 16 Dec 2022 17:15:26 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4a5e9bc8b7891ac5f4552c29bcbaedb0
39735081eeb64eae477c61c1147daeb68fb37b22
c465efaf205ff2992af02c16187ca14a658cd5335b892903374f3adab32a8cd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C465EFAF205FF2992AF02C16187CA14A658CD5335B892903374F3ADAB32A8CD9"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9143
Expires: Fri, 16 Dec 2022 19:47:49 GMT
Date: Fri, 16 Dec 2022 17:15:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 16 Dec 2022 16:34:01 GMT
content-type: application/json
age: 2485
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3408
Expires: Fri, 16 Dec 2022 18:12:14 GMT
Date: Fri, 16 Dec 2022 17:15:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rTCDpjk1XxEX93hWZzooXzn1HXXG+Qwg1uuL3ojIJLlopZ5Y8iAMl4h4NHFM2yc43bhlE+iJGvQ=
x-amz-request-id: YM6NR48WGZC6JY9E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 16 Dec 2022 16:53:19 GMT
age: 1327
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 17:15:26 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 16 Dec 2022 16:33:23 GMT
age: 2523
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
supportcare.pro/?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw%20EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
200 OK 7.0 kB URL HTTP/2 supportcare.pro/?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw%20EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (524), with CRLF line terminators
Hash 7cbb25806e7c0f7eb4bb73586a849167
ea5afe9ccce11310184f4d0ff4d3fe6f500951e0
1164470e962bad355b14952aee6aab3edcb7ec2afe0e79aeb7488deaf817d91f
Analyzer Verdict Alert quad9 Sinkholed
GET /?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw%20EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r= HTTP/1.1
Host: supportcare.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: private
content-length: 6969
content-type: text/html; charset=utf-8
content-encoding: gzip
server: ScreenConnect/22.3.7487.8130-854526139 Microsoft-HTTPAPI/2.0
p3p: CP="NON CUR OUR STP STA PRE"
date: Fri, 16 Dec 2022 17:15:25 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 142400be99b933ea5e0c68ea6a6b3e89
80e94132940e5ebe69dd0a03396764127b8fda49
20e8cde3c6907a3c5d97fe9fbcf6a44035e1f7482f7e166adb2c38a30a9084ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3164
Cache-Control: max-age=146650
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 17:15:26 GMT
Etag: "639c352c-1d7"
Expires: Sun, 18 Dec 2022 09:59:36 GMT
Last-Modified: Fri, 16 Dec 2022 09:06:52 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rch1lPSvmd1F5zGTfUrRDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XL02NU2MlHe9lAAn1dPeZ7MRzg8=
supportcare.pro/Script.ashx?__Cache=bb186781-74ad-41a9-ab3e-7a7b2069fcf4
200 OK 94 kB URL HTTP/2 supportcare.pro/Script.ashx?__Cache=bb186781-74ad-41a9-ab3e-7a7b2069fcf4
IP
File type ASCII text, with very long lines (34153), with CRLF line terminators
Hash 2aad519be7437bb8138d28af14ddc46e
4bc7aab62818d91169fafa94924fc998fc27c296
961949bea2dbf1992fe545f67c7df011aa0075eb2264f2cc63296919d784321f
Analyzer Verdict Alert quad9 Sinkholed
GET /Script.ashx?__Cache=bb186781-74ad-41a9-ab3e-7a7b2069fcf4 HTTP/1.1
Host: supportcare.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supportcare.pro/?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw%20EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29326277
content-length: 93625
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Tue, 21 Nov 2023 03:26:43 GMT
vary: Accept-Encoding, Accept-Language, Host, X-Forwarded-Host, X-Forwarded-Port, X-Forwarded-Proto
server: ScreenConnect/22.3.7487.8130-854526139 Microsoft-HTTPAPI/2.0
date: Fri, 16 Dec 2022 17:15:25 GMT
X-Firefox-Spdy: h2
supportcare.pro/App_Themes/SolidWithBlue/Default.css?__Cache=b8cad6ca-be3b-43b7-93f8-0df328ce75d1
200 OK 107 kB URL HTTP/2 supportcare.pro/App_Themes/SolidWithBlue/Default.css?__Cache=b8cad6ca-be3b-43b7-93f8-0df328ce75d1
IP
File type ASCII text, with very long lines (27376), with CRLF line terminators
Size 107 kB (106707 bytes)
Hash 157ea6aa41c79756b38a1beb7b6d67ab
2cbfcc14ce7ebe926d91ab52ff26029312cd580b
5f14a1ad6dc7e59478f78999915ab8b853b0b2e170042bec3814ec4bac547e6a
Analyzer Verdict Alert quad9 Sinkholed
GET /App_Themes/SolidWithBlue/Default.css?__Cache=b8cad6ca-be3b-43b7-93f8-0df328ce75d1 HTTP/1.1
Host: supportcare.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supportcare.pro/?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw%20EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29252564
content-length: 106707
content-type: text/css; charset=utf-8
content-encoding: gzip
expires: Mon, 20 Nov 2023 06:58:11 GMT
vary: Accept-Encoding
server: ScreenConnect/22.3.7487.8130-854526139 Microsoft-HTTPAPI/2.0
date: Fri, 16 Dec 2022 17:15:25 GMT
X-Firefox-Spdy: h2
supportcare.pro/Images/Extras.svg
200 OK 322 B URL HTTP/2 supportcare.pro/Images/Extras.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (322), with no line terminators
Hash 813c72f0a4741978669871e3800d5279
ae5e036f992577f8afca3d99a352f44a217c2c2a
8fce4aad3b04f9b76a08bad9b2459e355bbf16a470486d689fa801b9a30e3061
Analyzer Verdict Alert quad9 Sinkholed
GET /Images/Extras.svg HTTP/1.1
Host: supportcare.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supportcare.pro/?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw%20EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-length: 322
content-type: image/svg+xml
expires: Sat, 17 Dec 2022 07:04:10 GMT
last-modified: Thu, 10 Mar 2022 23:28:04 GMT
accept-ranges: bytes
etag: "1D834D67D769A00"
server: ScreenConnect/22.3.7487.8130-854526139 Microsoft-HTTPAPI/2.0
date: Fri, 16 Dec 2022 17:15:27 GMT
X-Firefox-Spdy: h2
supportcare.pro/Images/WaffleIcon.svg
200 OK 821 B URL HTTP/2 supportcare.pro/Images/WaffleIcon.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (821), with no line terminators
Hash 2599340bf60ee89b13e6b91beefe1199
4e0babcd7fdcabc1759ed0f130e06972340c5127
5bf4f707f250958980d313203989f1fca55b9446f34d667e7256f853d52e494d
Analyzer Verdict Alert quad9 Sinkholed
GET /Images/WaffleIcon.svg HTTP/1.1
Host: supportcare.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supportcare.pro/?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw%20EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-length: 821
content-type: image/svg+xml
expires: Sat, 17 Dec 2022 07:04:10 GMT
last-modified: Thu, 10 Mar 2022 23:28:04 GMT
accept-ranges: bytes
etag: "1D834D67D769A00"
server: ScreenConnect/22.3.7487.8130-854526139 Microsoft-HTTPAPI/2.0
date: Fri, 16 Dec 2022 17:15:27 GMT
X-Firefox-Spdy: h2
supportcare.pro/Images/ActivityIndicator.gif
200 OK 28 kB URL HTTP/2 supportcare.pro/Images/ActivityIndicator.gif
IP
File type GIF image data, version 89a, 200 x 200\012- data
Hash c63792b958d231654ab54542fea871db
c21cfffa5cbd2a7c94076324fe28c4596df92e0c
9d070c98f02f1d6287952256b47f7cd72eda89bda25ef99782325214a042f01a
Analyzer Verdict Alert quad9 Sinkholed
GET /Images/ActivityIndicator.gif HTTP/1.1
Host: supportcare.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supportcare.pro/App_Themes/SolidWithBlue/Default.css?__Cache=b8cad6ca-be3b-43b7-93f8-0df328ce75d1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public
content-length: 27503
content-type: image/gif
expires: Sat, 17 Dec 2022 07:04:10 GMT
last-modified: Thu, 10 Mar 2022 23:28:04 GMT
accept-ranges: bytes
etag: "1D834D67D769A00"
server: ScreenConnect/22.3.7487.8130-854526139 Microsoft-HTTPAPI/2.0
date: Fri, 16 Dec 2022 17:15:27 GMT
X-Firefox-Spdy: h2
supportcare.pro/Services/PageService.ashx/GetGuestSessionInfo
200 OK 105 B URL HTTP/2 supportcare.pro/Services/PageService.ashx/GetGuestSessionInfo
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash b09bb5a7d92cf47a919a9c301a4a4878
2d7ac868af18dad12330f531ab242c784b220f33
f7b840f398705b2495b0f2e0f425e3d49b80cc9a60092d726b475f1ffc3ed475
Analyzer Verdict Alert quad9 Sinkholed
POST /Services/PageService.ashx/GetGuestSessionInfo HTTP/1.1
Host: supportcare.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Anti-Forgery-Token: Y5UaKa3h7doBqbGET3jHzX/swU8lExvg4l1QNsgPnaEBAAA4DV09XbYtQg==
X-Unauthorized-Status-Code: 403
Content-Length: 9
Origin: https://supportcare.pro
Connection: keep-alive
Referer: https://supportcare.pro/?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw%20EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 105
content-type: application/json; charset=utf-8
expires: -1
server: ScreenConnect/22.3.7487.8130-854526139 Microsoft-HTTPAPI/2.0
access-control-allow-origin: https://supportcare.pro
access-control-allow-credentials: true
date: Fri, 16 Dec 2022 17:15:27 GMT
X-Firefox-Spdy: h2
supportcare.pro/FavIcon.axd?__Cache=6f6636bb-9de1-47b6-960d-04964124e06b
200 OK 38 B URL HTTP/2 supportcare.pro/FavIcon.axd?__Cache=6f6636bb-9de1-47b6-960d-04964124e06b
IP
Hash a3ddc69ead48d5e01cf0141dd3e20abe
9a7a966e9735e9611fadbb9f7b14355769143663
2206a9c2bb7c1863d52caacd4d3926b48a9f21127901747953d05b1c447b24ae
Analyzer Verdict Alert quad9 Sinkholed
GET /FavIcon.axd?__Cache=6f6636bb-9de1-47b6-960d-04964124e06b HTTP/1.1
Host: supportcare.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supportcare.pro/?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw%20EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=29252566
content-length: 38
content-type: image/vnd.microsoft.icon
expires: Mon, 20 Nov 2023 06:58:14 GMT
vary: Accept-Encoding
server: ScreenConnect/22.3.7487.8130-854526139 Microsoft-HTTPAPI/2.0
date: Fri, 16 Dec 2022 17:15:27 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11926
Expires: Fri, 16 Dec 2022 20:34:14 GMT
Date: Fri, 16 Dec 2022 17:15:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11926
Expires: Fri, 16 Dec 2022 20:34:14 GMT
Date: Fri, 16 Dec 2022 17:15:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11926
Expires: Fri, 16 Dec 2022 20:34:14 GMT
Date: Fri, 16 Dec 2022 17:15:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11926
Expires: Fri, 16 Dec 2022 20:34:14 GMT
Date: Fri, 16 Dec 2022 17:15:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5426e2d-eb97-4dd0-b16a-f3ce166c5467.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5426e2d-eb97-4dd0-b16a-f3ce166c5467.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 513e2d0b516490cfc71d87da2c3165fa
2b34ba2bb73cedd73521fc8691feea59dc5aaf9f
879662e443cc9743d9636e2f019d189d961837c270a3d98b46430784360793b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5426e2d-eb97-4dd0-b16a-f3ce166c5467.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: 0c022863-fa46-4f77-a7d5-ebb6f09bc511
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dJ8xJE8jIAMFpVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a41a0-3b53793f62de069900ac46b1;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 21:35:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nK3dcDhst8WDMgyue78azRSSXz41W4xo6uMYSX1JDuRiU9s6_RLEew==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 21:41:32 GMT
age: 70436
etag: "2b34ba2bb73cedd73521fc8691feea59dc5aaf9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7368b60db0458b59ffc968f09b85fdd5
f359f9799d0f0dc7dccfbadeaf922b4050a5e692
26aa7f684080dace9064fc7973c6a5761985c69e73373fb24c644ab2efe26c54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12482
x-amzn-requestid: edd7e693-4c4a-4203-8b12-c044825947bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRJvGAUIAMF1gA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9571-151a50943b420ba86ab61dda;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s2ITT38OGjs_LjIKFKnrqzT0Oay3veQw3iPUL8b3tdD1yOhIzwvu4g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:17:09 GMT
age: 68299
etag: "f359f9799d0f0dc7dccfbadeaf922b4050a5e692"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ffaf7e3899d2e846612269608ae1286
07e6d729ad09430b483f44c16146dd2707935314
0d101f77b5159818bdac6fd41d43df60d95a08cebea93b9c661d5694a2d92f54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11887
x-amzn-requestid: 1bd2cd9d-d47b-4c67-ab16-9b9b6126fcd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQ9ME94IAMFzWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9521-1f916ee5306bdb53701cba5a;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:44:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CPFHf2jkYX-Eas9cB8nUrwbbdc1b5HOkQmMosBIUXlQxkK8VXRz8ng==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:15:42 GMT
age: 68386
etag: "07e6d729ad09430b483f44c16146dd2707935314"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ea75fa-e30c-4f7a-b0f6-24942168a508.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ea75fa-e30c-4f7a-b0f6-24942168a508.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83be48c5771e071d94ac0d912357ac99
97e31d3e2c268fe9335e1111bd2eb8cc9dd729d1
dc7eaffae4521f6bc297ce21c0abe99fe92bf8938266b550f8e38ff9705bdeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ea75fa-e30c-4f7a-b0f6-24942168a508.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11196
x-amzn-requestid: 1bcdd4c6-14db-40bc-90aa-226a0e411a09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJFFeIAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-65c676d06a24e0252e8828dc;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: clnZ4iIDmF0oSqQv7wWwYt-KHO6U1Lp7hz706oDCBLhP3szyWQiDLw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:08:33 GMT
age: 68815
etag: "97e31d3e2c268fe9335e1111bd2eb8cc9dd729d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d2294cdacdc84b8b19874ba56035a6d
53009a81b15e464d5529d36b1e04b841b2ae034e
67d59aa026b43ed3f698f3853b986fc7c07e4e6e5f7b3551e59238f79978480a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe34f6337-b00d-4487-82ce-cbed5b4f3f4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7616
x-amzn-requestid: 71bbe208-11e3-4280-bf09-bff8bd18fcb4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c82fXGmPoAMF3Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63950462-12393ca432808b7f0b2771dc;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 22:12:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G1MopDnv-WOAbIBMe0v-V9xXeJIVDReKWSMG33dQt1q5GpK41RU0PQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 07:15:01 GMT
age: 36027
etag: "53009a81b15e464d5529d36b1e04b841b2ae034e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c89c607de35e59fa4b8f79762af0f269
362e1b907abcaccb16b3750c21ed04e4fa91f04c
7b9a28ad984bc7544d0798ff38cf8e1ce9f2f21a0112c18ee127a7566ba683e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5791
x-amzn-requestid: 2fb8518c-1fe3-426e-94ed-eea686005473
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRKYHeoIAMFgKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9575-0e312c40469090d033c6fc6a;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -baQ_JUiZDWWBIizZVrOZrXdHTSgQbIJubNqHqA7Zjj-eKTvCNfKSg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:09:08 GMT
age: 68780
etag: "362e1b907abcaccb16b3750c21ed04e4fa91f04c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
supportcare.pro/Services/PageService.ashx/GetGuestSessionInfo
200 OK 105 B URL HTTP/2 supportcare.pro/Services/PageService.ashx/GetGuestSessionInfo
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash c29eaa24bbc32809ea128a49ff183a56
fa9329d8f83a7fb5edb49dbba2ba733df85c3424
0d3439d5c874ae310f5b0a2208d59667e89f7ee9f840be6fece1b995dd93c8b2
Analyzer Verdict Alert quad9 Sinkholed
POST /Services/PageService.ashx/GetGuestSessionInfo HTTP/1.1
Host: supportcare.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Anti-Forgery-Token: Y5UaKa3h7doBqbGET3jHzX/swU8lExvg4l1QNsgPnaEBAAA4DV09XbYtQg==
X-Unauthorized-Status-Code: 403
Content-Length: 17
Origin: https://supportcare.pro
Connection: keep-alive
Referer: https://supportcare.pro/?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw%20EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 105
content-type: application/json; charset=utf-8
expires: -1
server: ScreenConnect/22.3.7487.8130-854526139 Microsoft-HTTPAPI/2.0
access-control-allow-origin: https://supportcare.pro
access-control-allow-credentials: true
date: Fri, 16 Dec 2022 17:15:28 GMT
X-Firefox-Spdy: h2
supportcare.pro/Services/PageService.ashx/GetGuestSessionInfo
200 OK 105 B URL HTTP/2 supportcare.pro/Services/PageService.ashx/GetGuestSessionInfo
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash b5b1d79da64de24494faa76c4c32dc89
1ce8652d1bc7ed55a01d9bda905694c6f9572d35
896eb02083a751dfa3e604ec038cf2f0368124775a777a8bf9707fd4b1ed7575
Analyzer Verdict Alert quad9 Sinkholed
POST /Services/PageService.ashx/GetGuestSessionInfo HTTP/1.1
Host: supportcare.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Anti-Forgery-Token: Y5UaKa3h7doBqbGET3jHzX/swU8lExvg4l1QNsgPnaEBAAA4DV09XbYtQg==
X-Unauthorized-Status-Code: 403
Content-Length: 17
Origin: https://supportcare.pro
Connection: keep-alive
Referer: https://supportcare.pro/?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw%20EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 105
content-type: application/json; charset=utf-8
expires: -1
server: ScreenConnect/22.3.7487.8130-854526139 Microsoft-HTTPAPI/2.0
access-control-allow-origin: https://supportcare.pro
access-control-allow-credentials: true
date: Fri, 16 Dec 2022 17:15:29 GMT
X-Firefox-Spdy: h2
supportcare.pro/Services/PageService.ashx/GetGuestSessionInfo
200 OK 105 B URL HTTP/2 supportcare.pro/Services/PageService.ashx/GetGuestSessionInfo
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash ab808dfe1c610336b765e6e5c2bd2758
ba552ff616474d2bfeba8627e06902d99d517919
b213d0ff284b0f8603617176d9311ff6356cb4ed054cc035e1f44f4e56be5534
Analyzer Verdict Alert quad9 Sinkholed
POST /Services/PageService.ashx/GetGuestSessionInfo HTTP/1.1
Host: supportcare.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Anti-Forgery-Token: Y5UaKa3h7doBqbGET3jHzX/swU8lExvg4l1QNsgPnaEBAAA4DV09XbYtQg==
X-Unauthorized-Status-Code: 403
Content-Length: 17
Origin: https://supportcare.pro
Connection: keep-alive
Referer: https://supportcare.pro/?h=supportcare.pro&p=8041&k=BgIAAACkAABSU0ExAAgAAAEAAQDFIYFw%20EW3NFzxIYD/RwtGClTA0Q8c9gxyG1xMArnelgZP5ifHErSPI66odOh2GLIDsvRruPQmwmS2r9ZUmoho00bAc5DK+hN2st/Fv0t4d+NprSWAy04i08HuwVk5KUVjQW2iOKna0PXFR3gXWjlxjf1UDXQs3/8xjZp5WDPDKxtAxagFktuUpNNK+JbhMCwvAosdf3KCjJzHDxZoz4bYOFEytju1YV7MsW9OWK2yKNHAzrfELacFjTvLdpqbFYQ9JPXFzhY/imfkFy+hVG/M1sBVRwFYWEJ8KF6TNYN+qUUT80h+cK5oaR/SxoxBmcgoZme7wfLemoUEt1vMBAWr&s=5a3dd9e7-f94c-4a09-9ed5-24cde7643c04&i=1&e=Support&y=Guest&r=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 105
content-type: application/json; charset=utf-8
expires: -1
server: ScreenConnect/22.3.7487.8130-854526139 Microsoft-HTTPAPI/2.0
access-control-allow-origin: https://supportcare.pro
access-control-allow-credentials: true
date: Fri, 16 Dec 2022 17:15:30 GMT
X-Firefox-Spdy: h2
209.145.54.183
23.36.77.32
93.184.220.29