Report - www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

Report Overview

Submitted URL
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
IP
66.84.30.17
ASN
#11989 WEBINT
Submitted
2022-10-19 11:32:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fast.comcast.demdex.net	unknown	2012-12-05T14:16:05Z	2023-01-06T08:59:22Z	407 B	3.2 kB	23.36.76.163
assets.adobedtm.com	512	2014-01-28T05:51:35Z	2023-03-09T05:13:15Z	1.8 kB	53 kB	23.38.200.237
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-09T13:41:05Z	471 B	995 B	142.250.74.162
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-09T09:24:51Z	455 B	757 B	142.250.74.3
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.0 kB	5.3 kB	23.36.76.226
sdx.xfinity.com	25278	2017-06-27T18:59:20Z	2023-03-08T03:11:10Z	1.5 kB	83 kB	104.110.1.60
login.xfinity.com	18995	2018-01-15T15:52:54Z	2023-03-06T23:55:28Z	829 B	3.4 kB	23.36.79.11
www.google.com	7	2015-05-10T13:11:19Z	2023-03-09T13:38:50Z	450 B	884 B	142.250.74.164
csm.fr.eu.criteo.net	6845	2017-01-30T06:18:06Z	2023-03-09T05:24:01Z	597 B	358 B	178.250.0.162
ag.gbc.criteo.com	5925	2018-12-17T14:17:41Z	2023-03-09T13:13:37Z	776 B	1.3 kB	178.250.6.169
z.moatads.com	374	2014-02-11T17:19:47Z	2023-03-09T05:09:34Z	378 B	415 B	23.38.201.146
comcastathena.demdex.net	38236	2017-01-30T18:14:31Z	2023-03-09T08:42:38Z	981 B	4.4 kB	34.242.80.80
gum.criteo.com	381	2015-01-22T11:58:57Z	2023-03-09T13:47:23Z	3.1 kB	2.1 kB	178.250.0.157
gem.gbc.criteo.com	6039	2019-01-31T11:05:09Z	2023-03-09T13:35:35Z	1.2 kB	1.5 kB	185.235.84.48
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
comcastcom.d1.sc.omtrdc.net	47742	2016-01-16T20:54:46Z	2023-03-03T02:17:53Z	2.0 kB	4.9 kB	13.36.218.177
ib.adnxs.com	241	2012-05-20T21:01:49Z	2023-03-09T05:22:48Z	8.7 kB	15 kB	37.252.173.22
rtax.criteo.com	24191	2012-05-29T08:45:10Z	2023-03-09T09:16:42Z	359 B	139 B	178.250.0.166
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	2.0 kB	4.2 kB	142.250.74.3
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.36
www.swancommunications.com	unknown	2019-07-11T05:46:51Z	2023-01-28T16:19:25Z	13 kB	630 kB	66.84.30.17
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	35.161.6.128
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	62 kB	34.120.237.76
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	2.6 kB	5.4 kB	93.184.220.29
dpm.demdex.net	204	2012-05-22T07:45:05Z	2023-03-09T05:14:52Z	970 B	2.8 kB	34.249.106.217
dl.cws.xfinity.com	25997	2017-07-25T00:51:42Z	2023-03-03T02:17:53Z	948 B	1.1 kB	184.86.58.27
dnacdn.net	3760	2019-09-02T17:07:45Z	2023-03-09T06:38:41Z	1.9 kB	3.4 kB	178.250.2.146

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-18	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06	Comcast Corporation

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/lodash-slim.js	Phishing
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-aws.js	Phishing
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-DTM.js	Phishing
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/vm-login-form-ad.js	Phishing
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js	Phishing
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/data.json	Phishing
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/1011719316x32.js	Phishing
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/ttj	Phishing
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/scripts-responsive.js	Phishing
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking.js	Phishing
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/jquery-3.js	Phishing
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/moatad.js	Phishing
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js	Phishing
2022-10-19	medium	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (57)

	URL	Size	First Seen	Last Seen
	assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js	44 kB	2023-03-07	2023-07-07
Pretty URL assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-07-07 13:05:08 Times Seen7 Hash dbef438e3fcd49bdc0ee4d74b97df080 79c305610b7a4fb1278de12baacdc64423b9735e 236b7ce99f4dde0feeb5ba4bd411a55d978fb32a6142912f819cbdf81c5a8e85 Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06	709 B	2023-03-07	2023-03-17
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06 IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash 29c5b54202500180081ef946136655d3 6b14a205b31d00734f432925992c13b0b09bec76 56e768b8bae290f45303f65a960b707ebf66c29d93e39801a743518a612ecd1e Loading...

	ib.adnxs.com/ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0	7.8 kB	2023-03-10	2023-03-10
Pretty URL ib.adnxs.com/ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0 IP 37.252.173.22 ASN #29990 ASN-APPNEX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:32:46 Last Seen2023-03-10 11:32:46 Times Seen1 Hash 011cb972205f2ca49c7259adf14458a0 9fe822de7ad419cc27d82e32f07071eb9cc1b86e 00c7aa72ec71033f15fca5f2c5b4567abd81385e8eac34ba9a531ca42d0b77bc Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06	114 B	2023-03-07	2023-07-07
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06 IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-07-07 13:05:07 Times Seen4 Hash 950fae87e6e42fab14943d2c552ed5ce 80c484e6e4f4dc1ef3cb96fb6ef22d9e9e08a998 21d481eaad47d03b7827ec11ba8609014e8439ef54abb3d8316543470a02c3ca Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/1011719316x32.js	1.7 kB	2023-03-07	2023-03-17
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/1011719316x32.js IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash fa05120ba52f7ee87e3521b726d66fd0 d7ba5ed4796a436e942afac492ec02c4d9796e17 55b2a74a7498140a0e3d2e62e00a967fffac9a908c326d2294a1b37c0fb8b2f3 Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06	6 B	2023-03-07	2024-04-04
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06 IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-04 07:19:18 Times Seen267 Hash 4b8c072994ba9bea859a9b01d6205208 3eaae93ae9fb5785690b12424b6af2a6243ee7f1 ce85089bfa9d83e2220a519a0a0624d0e943376211d1a43eaaa231646615709b Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/ttj	7.4 kB	2023-03-07	2023-03-17
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/ttj IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash 89cf9988d16c15d5919e2efdeb341003 6554b529e37e27af64a11b0d3507073ca05fb822 0f108c7122c218a486594e6ddd029c00844979992aa9d7b00ea9d3816a3e5be5 Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/jquery-3.js	87 kB	2023-03-07	2024-04-19
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/jquery-3.js IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 09:02:56 Times Seen105255 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06	65 B	2023-03-07	2023-07-07
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06 IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-07-07 13:05:07 Times Seen4 Hash 29e83bce5988c6e2e9c982f33b549f9d 45e3ece4a19ae00ce899b2f3e732cc6b160542cc c89e5bd550ca246099ac733e2167fd98d6acc82c1240ecdcfa5ebe99169fb498 Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/lodash-slim.js	23 kB	2023-03-07	2023-03-17
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/lodash-slim.js IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash 542a4d4d47e89ca290d850a6a0ae09b4 56445e16057d5b725ae11f5e85db661120515299 49d0c079f8431833fb59275e68a7db8b9215dc52068ff63c179e32dfe618a8c4 Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-aws.js	2.5 kB	2023-03-07	2023-03-17
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-aws.js IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:44 Last Seen2023-03-17 12:28:45 Times Seen1 Hash 576b123770b3c1ada8d4260344726960 c8716f7d0fe73d9edf5ec333e9fc5500f7543fe9 11da464f86f5ff9850e1ef53dd13336cfbfd38a8f3808d7826d0c1a2d925563f Loading...

	gum.criteo.com/syncframe?origin=rtus&topUrl=www.swancommunications.com#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22swancommunications.com%22,%22topUrl%22:%22www.swancommunications.com%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:30,%22requestId%22:%220.25712797489409056%22%7D	418 B	2023-03-07	2023-04-01
Pretty URL gum.criteo.com/syncframe?origin=rtus&topUrl=www.swancommunications.com#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22swancommunications.com%22,%22topUrl%22:%22www.swancommunications.com%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:30,%22requestId%22:%220.25712797489409056%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:37 Last Seen2023-04-01 10:34:33 Times Seen447 Hash 755b312976dc0edb23fa08bed999c482 6685710ba04dc63e4122ec3ce89f3adfe479adf4 663197a6a8353d989cdc65d4f3112e425a00839c85a3fde99bbe451a9c604a6f Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06	584 B	2023-03-07	2023-07-07
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06 IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-07-07 13:05:07 Times Seen4 Hash 60832f7faa5302947414cf19208031ed 94d2d8ce3f11ba59008aa59ef110af03ac2e25f7 563988d71dc92b24dcdeb5f662da2ed6f08ad641630e2e6c24ba9eb2bbaca6c4 Loading...

	ib.adnxs.com/ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0	0 B	2023-03-07	2024-04-19
Pretty URL ib.adnxs.com/ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0 IP 37.252.173.22 ASN #29990 ASN-APPNEX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 09:09:54 Times Seen36955350 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js	129 kB	2023-03-07	2023-03-17
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash 01221af4231ddeec15ca85739ffc766c f61a3d6cf1fc6262b0c1e9b8bad2c9d56dca1702 eab642baf412d4de18d20788e3784c47927549da84c4f0b5a0f6865fdbfb61a3 Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06	66 B	2023-03-07	2023-07-07
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06 IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-07-07 13:05:07 Times Seen4 Hash 7019e8692f7347552ef1cb69c4c03501 4e9dab0f360e131a150cab652909985ea4a5d2e4 483f45ded9e46cb1a6b07eb2b0a21e88086356acdfec4ff2e5f615f9e2086041 Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06	185 B	2023-03-07	2023-03-17
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06 IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash ce7acc8a16264044d142e8499dc054cc 180003090e8c506594c6ef46efe96007d9955f66 42ebbc0f410e5d9931ba33915d8b1dc2e500988de7cce823989887287e2f0ca9 Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/vm-login-form-ad.js	8.8 kB	2023-03-07	2023-03-17
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/vm-login-form-ad.js IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash 0318627f2adf5aafb9520d94f30749a4 643454397eddf53c58e6766f58a519b0b444592c 1bdca04f41b797a00f1ac403070d6ea18a459754c41d383ffddf5b0991f04d9d Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/scripts-responsive.js	7.3 kB	2023-03-07	2023-03-17
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/scripts-responsive.js IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash e98c1a1adf5539adda926dc57b56df92 3024e9e83dc44d9d9e6e7b1437110d68ca80e54f aceb470e2f0767fe13270d4f84dc14e347889dd34762dd6eb095db9581051e89 Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/data.json	169 B	2023-03-07	2023-03-17
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/data.json IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash d64e6c5a8ce0f0383b88a1be77b053ee a316ca3df9822a7e638623d92e5aeacb3f4e3a2e c3d83128029acb4b1c9ae295ea823c9adb93e1cfa1e81d200e30adba82b3d4d3 Loading...

	fast.comcast.demdex.net/dest5.html?d_nsid=0#http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06	6.7 kB	2023-03-07	2024-03-23
Pretty URL fast.comcast.demdex.net/dest5.html?d_nsid=0#http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-03-23 05:26:10 Times Seen1169 Hash bea2f42512935b636558e81988e2d51f 2c9772b62f6eb8a3cec9c3a6fb9c0b22c927e59d 0cc5ff21c24654308609656ebcfda2d792d15f6fda17c0a88b551fcf8e456fdb Loading...

	ib.adnxs.com/ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0	7.4 kB	2023-03-10	2023-03-10
Pretty URL ib.adnxs.com/ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0 IP 37.252.173.22 ASN #29990 ASN-APPNEX Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:32:46 Last Seen2023-03-10 11:32:46 Times Seen1 Hash bc83a0b797233b12402961e7c024d702 d2e01eed55979c7c9ed21f80393c8910e10e3c26 3395fbf6c5fd7106c8129bc79c60ffabc78e874380f86b9b81fe37e5c7e961e4 Loading...

	assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js	212 B	2023-03-07	2023-07-07
Pretty URL assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-07-07 13:05:08 Times Seen7 Hash b5834499509b419a0926487143b3976d 8c3ed288f679fcb2b3819b534397ec4571db27be 6dd667c9f0c814598df2b2a4335090f34adbc2008cc7dcb12727aa0540bfc29d Loading...

	assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js	1.9 kB	2023-03-07	2023-07-07
Pretty URL assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-07-07 13:05:08 Times Seen7 Hash 1cf26e862d696e4a210b77e9f506e652 5e9dc2ed06fe2899058c25d24cfc71db98362eec bb818d8b594a3d5dc87d5c81fdf604181653a6225b7f8d5e8b6f73904880652c Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-DTM.js	1.6 kB	2023-03-07	2023-03-17
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-DTM.js IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash 1fb3947058db50b6b3d0487328e3f86e 471f8733093ede4b0e075751bb89e0678d06a4f1 0df906e16d1ed57a686d542ac0e7a620eafb715c12ee0a0c648653b569e72a9b Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking.js	15 kB	2023-03-07	2023-03-17
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking.js IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash d8c65cf89a55791f45cf6eba34c0a6e9 05bf019faf116dfd1a9811a806e5bd0639d83c45 d1e2dfc4882d3951f8b5ce26f342fdbd83dcfc7c5d53cc455dc3703b706fc7c2 Loading...

	assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js	99 kB	2023-03-07	2023-07-07
Pretty URL assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-07-07 13:05:08 Times Seen7 Hash 7c44e613d67e21f6a1c3afd5985988da 51e009cb54f025d9c8c41c3e5d0b169d6886a667 25b929df07cf5a58b7ffdb4b4bf3886b79c2e79034510720744cd845f251d003 Loading...

	assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js	130 B	2023-03-07	2023-07-07
Pretty URL assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js IP 23.38.200.237 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-07-07 13:05:08 Times Seen7 Hash 16dfb4bd56a82d8f8018ab2fa164856c 5dfe61c56f504c30552409937a6cc2bbb946baa4 14d14a623f62b6d7fbbf182ec50118a627518d9a49cab43e76f8f89d4e2310fa Loading...

	comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s56328776383479?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F9%2F2022%2011%3A32%3A37%203%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=33853206152827015210472973860335005380&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa&cc=USD&ch=login&events=event125%3D17%2Cevent36%3D18&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=18&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=213d2a9e7908067f5bf30c06&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1	3.9 kB	2023-03-10	2023-03-10
Pretty URL comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s56328776383479?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F9%2F2022%2011%3A32%3A37%203%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=33853206152827015210472973860335005380&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa&cc=USD&ch=login&events=event125%3D17%2Cevent36%3D18&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=18&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=213d2a9e7908067f5bf30c06&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1 IP 13.36.218.177 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 11:32:46 Last Seen2023-03-10 11:32:46 Times Seen1 Hash 3c51f82635404489cdc721e09b5449f6 80aaac7b275393807608a172db8b89021d8ae281 0b12ffa963fe928eb33b2a058e29d72f3da70a0d0d35eb5a4f889634bcf1d3d4 Loading...

	gum.criteo.com/syncframe?origin=rtus&topUrl=www.swancommunications.com#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22swancommunications.com%22,%22topUrl%22:%22www.swancommunications.com%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:30,%22requestId%22:%220.25712797489409056%22%7D	14 kB	2023-03-07	2023-05-06
Pretty URL gum.criteo.com/syncframe?origin=rtus&topUrl=www.swancommunications.com#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22swancommunications.com%22,%22topUrl%22:%22www.swancommunications.com%22,%22cw%22:true,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:30,%22requestId%22:%220.25712797489409056%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:36 Last Seen2023-05-06 00:14:31 Times Seen2035 Hash 49e65b540d43d40997ce3844d41b2dd0 b7331c5edc086ee2c7731b1b36e937e7c44450a7 f185c1b78d87a007d9492a85c6ce64c06cc851ef9f13ca3caf8aaafe243b0ac2 Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06	943 B	2023-03-07	2023-07-07
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06 IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-07-07 13:05:07 Times Seen4 Hash 490357b1920d016b7e98f083836cfb4a 524b3aca4d556e8db09114b2f625de5325b2d193 43b2e07591d890d006de29a9d1229113685941c3129a343eed611302792525ae Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06	72 B	2023-03-07	2023-07-07
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06 IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-07-07 13:05:07 Times Seen4 Hash c5cd285897e59f478937bc100f6188e4 60ae7ee31fa595500d835f062f8280d770c67175 1c60ba25d564ffe32df8ef4998f300555865d8af87bccbf660640f6d63e348ae Loading...

	gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a	30 kB	2023-03-07	2023-03-17
Pretty URL gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a IP 178.250.0.157 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:07:14 Last Seen2023-03-17 12:28:45 Times Seen1 Hash bdaa5c8c1e71698932d808e019d6fd83 5132a55533b548a0a7b4738444f8db1f950d17aa b71529be4e90b3352b8572ba193af07c9ad8b0c3534939c75e2c659cb15a3b5b Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/moatad.js	276 kB	2023-03-07	2023-03-17
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/moatad.js IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:15 Last Seen2023-03-17 12:28:45 Times Seen1 Hash 62628dc07dedc3f2a479575c2de3c899 a2e5f0a77a4df50476072170a47af42b28bcba02 2a150284ec831c47369e543eaaf6b57e2cbfc5102ff7d147efd3e12f26d53eaa Loading...

	www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06	23 B	2023-03-07	2023-07-07
Pretty URL www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06 IP 66.84.30.17 ASN #11989 WEBINT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2023-07-07 13:05:07 Times Seen4 Hash d34903a901962c25d334f9c72600aedd 95b119c62a8f8e83424221753eac08d6ecd08186 fc6fb6a278162fbc5588b3e9ba6f35cf39c5059694d8218a02c2d6cde55ba8f3 Loading...

		Size	First Seen	Last Seen
	#1 Eval - c55378d3965e9cc1cdd3b346a36f84a4	1.4 kB	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash c55378d3965e9cc1cdd3b346a36f84a4 36b9de5f324afe83f271d2976b05f05b67e5aaa2 a3a3824427ce14633950990f664e968c67f37a32185cc75db9f7d4b8c6a61eb2 Loading...

	#2 Eval - 31f0f53f54fab9169f4e588b8ec45fe0	50 B	2023-03-07	2023-07-06
Pretty Observations First Seen2023-03-07 01:02:52 Last Seen2023-07-06 20:44:03 Times Seen146 Hash 31f0f53f54fab9169f4e588b8ec45fe0 109e2d77b5d665103edd94831735cccdf338e676 9fda12704d141686ffade43cfc0269f3533ed4cbbdbda7ad8d37bf9e80391f9a Loading...

	#3 Eval - 8526432ffbadeb493606721105c438a3	63 B	2023-03-07	2023-05-22
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2023-05-22 09:03:44 Times Seen13 Hash 8526432ffbadeb493606721105c438a3 59103d3d062da3f83474ccc21667b08ce526d347 69714ac25497684ab944f5ab015751a4e911749caa5fe3682dc5a1e8311ba458 Loading...

	#4 Eval - c3582e14118eabfe62c57b2aa5ccaabc	213 B	2023-03-07	2023-05-22
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2023-05-22 09:03:44 Times Seen13 Hash c3582e14118eabfe62c57b2aa5ccaabc 1472445d92651235f88bdfbfe3f61b4013327101 930c6bad7dca98c2d55d564d9df46c283223f18ed35d30686108e6bbe3f660bd Loading...

	#5 Eval - f720efba84d5f908efe883c2001ffc4c	85 B	2023-03-07	2023-05-22
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2023-05-22 09:03:44 Times Seen13 Hash f720efba84d5f908efe883c2001ffc4c c3cba72a4ae9b7d24c7db0fb578b72946bd79134 45f73c8d2a08890db58f56b3c230b719caf0ab7ed54bebec1ebda5d72236a95a Loading...

		Size	First Seen	Last Seen
	#1 Write - 5cd1a1ea6e8bb3640cc8900130f817da	412 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash 5cd1a1ea6e8bb3640cc8900130f817da 027f27256c93c37a25ddec8881d63e02d0ad177a bab844caa2cf1a477488564869db7d4627317681cf30ab54f5dbf3d4b3e98b94 Loading...

	#2 Write - 77bf7c175dfd14b2412ddfb8fefb37b5	9 B	2023-03-07	2024-01-22
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2024-01-22 08:04:51 Times Seen71 Hash 77bf7c175dfd14b2412ddfb8fefb37b5 fa865452cf611c802a8e25b97dfe85bffeee1bed cf14a32120c034eafc76d4138166beb8c7a968a3633a0008e74f406dd9d2126d Loading...

	#3 Write - 06fb492bfa566de320e77ad9e80bcfdf	5 B	2023-03-07	2024-01-06
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2024-01-06 03:38:57 Times Seen43 Hash 06fb492bfa566de320e77ad9e80bcfdf d6f1bd2569b71bd5737db1208f8eb863db3bd195 0dd4d955accc30fd912938e3f7bbb0325a19550e0b9f37348481204a78ae5b10 Loading...

	#4 Write - 311bfbf8b1c9ff174e3b5e8fa10c1e93	10 B	2023-03-07	2024-01-22
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2024-01-22 08:04:50 Times Seen95 Hash 311bfbf8b1c9ff174e3b5e8fa10c1e93 dfb137baa7b14801cad73453394a05c9329037d0 2f358f0371a6e732c4340332235199dcd91ebc46239a5ddcfe6f9a63e6ebecfe Loading...

	#5 Write - 0babd91430fdd8a674b1e35806a90dfb	1.2 kB	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 11:32:46 Last Seen2023-03-10 11:32:46 Times Seen1 Hash 0babd91430fdd8a674b1e35806a90dfb 81bda638f217022c49f7a5d68d6326f98fb7401a b80d040aa06ee234c3677d5ad024f0dd1c21d39a0a12d462fb8fb469b200e385 Loading...

	#6 Write - 1c10df4e6148374b8b36d9234eeb0899	132 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash 1c10df4e6148374b8b36d9234eeb0899 bd43bf0d9ed5f2d2fcaca6b84f01b392fe01ced8 cae8a199cc080afb41d4dc1fe2ddbf9c4dfcd3a8cb90a73ef5aacf0cdc8896f8 Loading...

	#7 Write - f19c2946bab342f3538e281edaa9b327	77 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash f19c2946bab342f3538e281edaa9b327 63c8d9c46d1fea512c59cc2452e90caac8d1bfcf d73fa7e3772cd00dcafe59e592a02c6c8eb7d87b64b0b50a8ce7c4075308f2ba Loading...

	#8 Write - 7d9d25f71cb8a5aba86202540a20d405	2 B	2023-03-07	2024-01-06
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2024-01-06 03:38:56 Times Seen71 Hash 7d9d25f71cb8a5aba86202540a20d405 b3127725f678ca5b1038b1df45a06f2ff4e1f544 412ca345ccf75bf9c0806bce695be8de808b79984251a7a54d202cf6101dd451 Loading...

	#9 Write - e15a282f3be27ae5c0ddeb353a49d0b6	843 B	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 11:32:46 Last Seen2023-03-10 11:32:46 Times Seen1 Hash e15a282f3be27ae5c0ddeb353a49d0b6 3eca0752c4b29707beb281ca2b81693bdabf16e9 09f39c3a1bdc393398aa0948db073d1eb83251dc0df8754ec1f91bbcce904bf3 Loading...

	#10 Write - e62c176584df103eae11bd69f896a612	841 B	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 11:32:46 Last Seen2023-03-10 11:32:46 Times Seen1 Hash e62c176584df103eae11bd69f896a612 5c55c93dead71edbbfb5b55327f347c60aa4ba49 1e6d54ae171a44c154a79b3229747ca6cbf8cf1dfc8cf27f1754ac50fe977263 Loading...

	#11 Write - c4449d285c6fb8ff5539ef6f777087c3	261 B	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 11:32:46 Last Seen2023-03-10 11:32:46 Times Seen1 Hash c4449d285c6fb8ff5539ef6f777087c3 5d429fe7685a1576e5e6f021af0bba8a789d18aa caa7af4c59652c35d995246706de8592655b843fe86986caae6fd1a513f00976 Loading...

	#12 Write - 76e2e8ea77acfbd623fa4afc3049bdb3	11 B	2023-03-07	2024-01-06
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2024-01-06 03:38:57 Times Seen43 Hash 76e2e8ea77acfbd623fa4afc3049bdb3 f3d48d8655841ad0e68dbfa993ed6a01c9ffd34e 742c800c05fd69a5f2237dea34dc68f8c7e67f737212bd98fdba8adc476c667a Loading...

	#13 Write - 1545e945d5c3e7d9fa642d0a57fc8432	5 B	2023-03-07	2024-04-14
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2024-04-14 03:26:46 Times Seen101 Hash 1545e945d5c3e7d9fa642d0a57fc8432 b12d07c4786afb687b82ccef63db4df16da8952c 7879981d4f226a8f0191d36730c07205d7a5ff1c780fca9b2f905f25264cf636 Loading...

	#14 Write - 19236c4a1863ca662fd2a37d2ea503f5	89 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash 19236c4a1863ca662fd2a37d2ea503f5 07351f7e9dca7278e8fbfa7e2605826c6577b7f9 e56b449633d4bdfb036dc90720cf7e45ff0460c5d412c4870170461538747fff Loading...

	#15 Write - 7066f1253b50750cf1fba16888b2b72a	303 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash 7066f1253b50750cf1fba16888b2b72a b04858e7bd3de9872a4bb7ae3351d07e48cb4493 9d080974d0acde6c7368b860c1d83c8e3d85a6f8024fb9b91cf26b5f4a3df7ed Loading...

	#16 Write - c0f4a682ed051cf240507be0f014ad5a	324 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash c0f4a682ed051cf240507be0f014ad5a a39cdd55f25bfa96acde8ef7d3f3071b06c30eb1 929e0e21608727cde8bde4832a4d570eaacfd67031af368dd04174ce3f610d55 Loading...

	#17 Write - f7af1ac3bfd5ebfa9634702ed7641f42	59 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 01:03:45 Last Seen2023-03-17 12:28:45 Times Seen1 Hash f7af1ac3bfd5ebfa9634702ed7641f42 9fcc7521671058294472baf9f2665e80d6baf607 d44fe270278a68c0fc84fc8c3ed442c6c08eb556296c04b4a7d82348287279a4 Loading...

HTTP Transactions (98)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 19 Oct 2022 10:51:34 GMT
Expires: Wed, 19 Oct 2022 11:46:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: h9NjbHxXzHFIzxB-p1hmYFChERXnBhzyWV_BaAOr2BlAIfuNhnv4ZA==
Age: 2453

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
66155b620c27c14aced991b34be0d1a0
2d489f39edc932199e2d8e03b40c1a5c95b993d2
1a500079242f4472c1e8dafd352c6c6078a7228a1993208d2fe1e27dd00644ea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A500079242F4472C1E8DAFD352C6C6078A7228A1993208D2FE1E27DD00644EA"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9622
Expires: Wed, 19 Oct 2022 14:12:49 GMT
Date: Wed, 19 Oct 2022 11:32:27 GMT
Connection: keep-alive

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

66.84.30.17

200 OK

17 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1920), with CRLF line terminators
Size
17 kB (16803 bytes)
Hash
93725c706eda8c42b41bcca4d3e64969
72011789b5cc39176eebb2fe5eeeefc1fbcf362b
5668f66541c53b709dc5b04fc475dab7bb8251b3ebf7a2274a2eaa0db53992ef

Detections

Analyzer	Verdict	Alert
openphish	Comcast Corporation

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06 HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 16803
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
533e1d53f291993ed5886f88a85c6e55
eb4396e8422f71168d32ac6ff3ef49496f625e62
0d1b73b2a228fe76bf14688e603741025a40803971e05570f873b28788334b33

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D1B73B2A228FE76BF14688E603741025A40803971E05570F873B28788334B33"
Last-Modified: Mon, 17 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13387
Expires: Wed, 19 Oct 2022 15:15:34 GMT
Date: Wed, 19 Oct 2022 11:32:27 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: YEvooU2RL2bb+Ws9yMV8VQTIMeIo44heeWmhb0z5+ErMdHw/ufQKCM0H4e3Eo0XlXrzAdyOqo7k=
x-amz-request-id: GZPJ7JX3HHNH451F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 19 Oct 2022 10:36:16 GMT
age: 3371
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 19 Oct 2022 11:32:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/lodash-slim.js

66.84.30.17

200 OK

23 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/lodash-slim.js
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
ASCII text, with very long lines (1486)
Size
23 kB (23346 bytes)
Hash
542a4d4d47e89ca290d850a6a0ae09b4
56445e16057d5b725ae11f5e85db661120515299
49d0c079f8431833fb59275e68a7db8b9215dc52068ff63c179e32dfe618a8c4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/lodash-slim.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 23346
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-aws.js

66.84.30.17

200 OK

2.5 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-aws.js
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
ASCII text, with very long lines (2546), with no line terminators
Size
2.5 kB (2546 bytes)
Hash
576b123770b3c1ada8d4260344726960
c8716f7d0fe73d9edf5ec333e9fc5500f7543fe9
11da464f86f5ff9850e1ef53dd13336cfbfd38a8f3808d7826d0c1a2d925563f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-aws.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 2546
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-DTM.js

66.84.30.17

200 OK

1.6 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-DTM.js
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
ASCII text, with very long lines (1624), with no line terminators
Size
1.6 kB (1624 bytes)
Hash
1fb3947058db50b6b3d0487328e3f86e
471f8733093ede4b0e075751bb89e0678d06a4f1
0df906e16d1ed57a686d542ac0e7a620eafb715c12ee0a0c648653b569e72a9b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-DTM.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 1624
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/fonts-remote.css

66.84.30.17

200 OK

3.2 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/fonts-remote.css
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
ASCII text, with very long lines (3243), with no line terminators
Size
3.2 kB (3243 bytes)
Hash
709e5291d3bbec4524a53edf4c343352
de3799da5fc172ae2a76c5b4716b1f621ae3c2c6
25910ca8aaacdd039f7e596b4f446ac4c71f67ff3911d5969dfba9b7f1a6688f

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/fonts-remote.css HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 3243
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/vm-login-form-ad.js

66.84.30.17

200 OK

8.8 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/vm-login-form-ad.js
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
ASCII text
Size
8.8 kB (8775 bytes)
Hash
0318627f2adf5aafb9520d94f30749a4
643454397eddf53c58e6766f58a519b0b444592c
1bdca04f41b797a00f1ac403070d6ea18a459754c41d383ffddf5b0991f04d9d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/vm-login-form-ad.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 8775
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js

66.84.30.17

404 Not Found

315 B

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 404 Not Found
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/data.json

66.84.30.17

200 OK

169 B

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/data.json
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
ASCII text, with no line terminators
Size
169 B (169 bytes)
Hash
d64e6c5a8ce0f0383b88a1be77b053ee
a316ca3df9822a7e638623d92e5aeacb3f4e3a2e
c3d83128029acb4b1c9ae295ea823c9adb93e1cfa1e81d200e30adba82b3d4d3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/data.json HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 169
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/json

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/1011719316x32.js

66.84.30.17

200 OK

1.7 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/1011719316x32.js
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (433)
Size
1.7 kB (1723 bytes)
Hash
fa05120ba52f7ee87e3521b726d66fd0
d7ba5ed4796a436e942afac492ec02c4d9796e17
55b2a74a7498140a0e3d2e62e00a967fffac9a908c326d2294a1b37c0fb8b2f3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/1011719316x32.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 1723
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/ttj

66.84.30.17

200 OK

7.4 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/ttj
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
HTML document, ASCII text, with very long lines (7387), with no line terminators
Size
7.4 kB (7387 bytes)
Hash
89cf9988d16c15d5919e2efdeb341003
6554b529e37e27af64a11b0d3507073ca05fb822
0f108c7122c218a486594e6ddd029c00844979992aa9d7b00ea9d3816a3e5be5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/ttj HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 7387
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 19 Oct 2022 10:43:40 GMT
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 11:01:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0jnWYVO1tE1psqta1p3Nr6Y3LKBqryxD7bwKRgUSpzYahIdtEcMtIw==
Age: 2928

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/scripts-responsive.js

66.84.30.17

200 OK

7.3 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/scripts-responsive.js
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
ASCII text, with very long lines (7303), with no line terminators
Size
7.3 kB (7303 bytes)
Hash
e98c1a1adf5539adda926dc57b56df92
3024e9e83dc44d9d9e6e7b1437110d68ca80e54f
aceb470e2f0767fe13270d4f84dc14e347889dd34762dd6eb095db9581051e89

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/scripts-responsive.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 7303
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/styles-light.css

66.84.30.17

200 OK

45 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/styles-light.css
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
ASCII text, with very long lines (45103), with no line terminators
Size
45 kB (45103 bytes)
Hash
0a0b49b52b3291d6b49b7713c4a4118d
8e720bff1874620ef556512d3c690c69da3c3255
e9838dd96e607f7db82a919db47ac8ead355133b2a0ac312517d76b1a9b47266

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/styles-light.css HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 45103
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking.js

66.84.30.17

200 OK

15 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking.js
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
ASCII text, with very long lines (14942)
Size
15 kB (14964 bytes)
Hash
d8c65cf89a55791f45cf6eba34c0a6e9
05bf019faf116dfd1a9811a806e5bd0639d83c45
d1e2dfc4882d3951f8b5ce26f342fdbd83dcfc7c5d53cc455dc3703b706fc7c2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 14964
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/jquery-3.js

66.84.30.17

200 OK

87 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/jquery-3.js
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/jquery-3.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 86927
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/moatad.js

66.84.30.17

200 OK

276 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/moatad.js
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
ASCII text, with very long lines (761)
Size
276 kB (275951 bytes)
Hash
62628dc07dedc3f2a479575c2de3c899
a2e5f0a77a4df50476072170a47af42b28bcba02
2a150284ec831c47369e543eaaf6b57e2cbfc5102ff7d147efd3e12f26d53eaa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/moatad.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 275951
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
62fc1aa250922e13956facbf8071aebb
111e2978b9e6931f7ba9ee3beac67d1af7bf8c92
1d0de3a88ad67da5ba748190f997994299058b77fff93caa24f4c611b3dec560

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3698
Cache-Control: max-age=164157
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:28 GMT
Etag: "634fb017-1d7"
Expires: Fri, 21 Oct 2022 09:08:25 GMT
Last-Modified: Wed, 19 Oct 2022 08:06:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js

66.84.30.17

200 OK

129 kB

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
ASCII text, with very long lines (32748)
Size
129 kB (129056 bytes)
Hash
01221af4231ddeec15ca85739ffc766c
f61a3d6cf1fc6262b0c1e9b8bad2c9d56dca1702
eab642baf412d4de18d20788e3784c47927549da84c4f0b5a0f6865fdbfb61a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 129056
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2

104.110.1.60

200 OK

27 kB

URL HTTP/2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
IP
104.110.1.60:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 26768, version 0.0\012- data
Size
27 kB (26768 bytes)
Hash
e3e79cd377b28c1e7ffea64b194136cf
e67fb661f5d630ecc811e93d526065a680bf58d7
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

HTTP Headers

GET /fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2 HTTP/1.1
Host: sdx.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff2
content-length: 26768
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
etag: "e3e79cd377b28c1e7ffea64b194136cf"
x-amz-version-id: kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XTk1ZXdpqisLN4abManV2eERXXfdVDr6nw7IuuvYX00Zl-QVHJqL0A==
cache-control: max-age=1357485
date: Wed, 19 Oct 2022 11:32:28 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1666179157124

34.249.106.217

200 OK

1.2 kB

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1666179157124
IP
34.249.106.217:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (3454), with no line terminators
Size
1.2 kB (1166 bytes)
Hash
d2be63da6a559dcfdfaab2faef1af584
3f39fefe798affd83554a8883f6ef9fa3fe3e2ed
dc5efc7e23f4e788cceada7128d9ad16b87c58f85652e9ed6c377efaafc5ead3

HTTP Headers

GET /id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1666179157124 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.swancommunications.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-08a9bb06a.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=33645873871924941980493758199878718051; Max-Age=15552000; Expires=Mon, 17 Apr 2023 11:32:28 GMT; Path=/; Domain=.demdex.net
Vary: Origin
X-TID: ba7IoKjzTVU=
Content-Length: 1166
Connection: keep-alive

z.moatads.com/comcastapn56341864860/moatad.js

23.38.201.146

200 OK

0 B

URL HTTP/2
z.moatads.com/comcastapn56341864860/moatad.js
IP
23.38.201.146:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /comcastapn56341864860/moatad.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: DgrV/yUP0cYZJ24pT7Z5LVkFATYFOX23OVuFadPO2EW++SB5KZZT2R0SCmVojLGlVbLec6pGXtw=
x-amz-request-id: CA2DQ7A5WM2MGH3Y
last-modified: Mon, 11 May 2020 15:59:42 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
content-length: 0
cache-control: max-age=41948
date: Wed, 19 Oct 2022 11:32:28 GMT
X-Firefox-Spdy: h2

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/u.gif

66.84.30.17

200 OK

42 B

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/u.gif
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/u.gif HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/6d6e5a4b50313176614c77414143627a.gif

66.84.30.17

200 OK

43 B

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/6d6e5a4b50313176614c77414143627a.gif
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/6d6e5a4b50313176614c77414143627a.gif HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/event.gif

66.84.30.17

200 OK

42 B

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/event.gif
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/event.gif HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06

HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif

fast.comcast.demdex.net/dest5.html?d_nsid=0

23.36.76.163

200 OK

2.8 kB

URL HTTP/1.1
fast.comcast.demdex.net/dest5.html?d_nsid=0
IP
23.36.76.163:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size
2.8 kB (2785 bytes)
Hash
b8a1b21bd0651935d53a7bff0c2479d6
31527c952669b6d1d06c537eb50c9043f576e607
80888fb8b92d01d8dd990af664d273f6364b2917741b09911096099ce4eef1bd

HTTP Headers

GET /dest5.html?d_nsid=0 HTTP/1.1
Host: fast.comcast.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/html
ETag: "2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238"
Last-Modified: Mon, 03 Feb 2020 17:27:06 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=21600
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Length: 2785
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"

www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js

66.84.30.17

404 Not Found

315 B

URL HTTP/1.1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js
IP
66.84.30.17:0
ASN
#11989 WEBINT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
Cookie: AMCV_DA11332E5321D0550A490D45%40AdobeOrg=1406116232%7CMCIDTS%7C19285%7CvVersion%7C2.5.0

HTTP/1.1 404 Not Found
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=33853206152827015210472973860335005380&ts=1666179157220

13.36.218.177

200 OK

2 B

URL HTTP/1.1
comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=33853206152827015210472973860335005380&ts=1666179157220
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

HTTP Headers

GET /id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=33853206152827015210472973860335005380&ts=1666179157220 HTTP/1.1
Host: comcastcom.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/

HTTP/1.1 200 OK
access-control-allow-origin: http://www.swancommunications.com
access-control-allow-credentials: true
date: Wed, 19 Oct 2022 11:32:28 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

ib.adnxs.com/ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0

37.252.173.22

307 Redirection

0 B

URL HTTP/1.1
ib.adnxs.com/ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
IP
37.252.173.22:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
AN-X-Request-Uuid: d147eceb-941e-4620-8009-ba52a3976c19
Set-Cookie: uuid2=3550303017302041092; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 17-Jan-2023 11:32:28 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

push.services.mozilla.com/

35.161.6.128

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.6.128:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: htEp8uScJWreauk5d9ccBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NPwpJ5m+U1l4pJD2uHCDaZ41k5Y=

ib.adnxs.com/bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0

37.252.173.22

200 OK

2.9 kB

URL HTTP/1.1
ib.adnxs.com/bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
IP
37.252.173.22:0
ASN
#29990 ASN-APPNEX

File type
HTML document, ASCII text, with very long lines (7400), with no line terminators
Size
2.9 kB (2932 bytes)
Hash
d39fc0f1318b75ca9e9965efbfcf44bd
d3863dc1130c908b24afaeb28ae00317df48bed7
92dbbc5be0d4893a268aea8c654c2743d87c3bbe943ccd968b0bf7a9506a961e

HTTP Headers

GET /bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 1e437e0a-f7a9-4820-a915-dbd884ccb6b2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Encoding: gzip

ib.adnxs.com/ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0

37.252.173.22

307 Redirection

0 B

URL HTTP/1.1
ib.adnxs.com/ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
IP
37.252.173.22:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
AN-X-Request-Uuid: a54d39a4-62b3-466e-8230-5a4d165a56e3
Set-Cookie: uuid2=5791981576152699954; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 17-Jan-2023 11:32:28 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0

37.252.173.22

200 OK

0 B

URL HTTP/1.1
ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
IP
37.252.173.22:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 552c0752-a3d9-42dc-8ccb-3410e9cb19a7
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

ib.adnxs.com/ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0

37.252.173.22

307 Redirection

0 B

URL HTTP/1.1
ib.adnxs.com/ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
IP
37.252.173.22:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
AN-X-Request-Uuid: adca2c86-f1de-4cda-9a76-e3d604a311be
Set-Cookie: uuid2=9213141469887020538; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 17-Jan-2023 11:32:28 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0

37.252.173.22

200 OK

3.1 kB

URL HTTP/1.1
ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
IP
37.252.173.22:0
ASN
#29990 ASN-APPNEX

File type
HTML document, ASCII text, with very long lines (7764), with no line terminators
Size
3.1 kB (3117 bytes)
Hash
81431de9ecf8d631b2b13bf4852bdf8f
50bb502258fcd8fc1235f5b1846a8638329b2de6
4533d8597cb3815b7cecab124334513353a9534f4f89a667d8cd8fee9682e7b8

HTTP Headers

GET /bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: a4d0d908-a132-4e2f-bd84-27865b3f79e3
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Encoding: gzip

ib.adnxs.com/ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&bdl=1567582558&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0

37.252.173.22

307 Redirection

0 B

URL HTTP/1.1
ib.adnxs.com/ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&bdl=1567582558&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
IP
37.252.173.22:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&bdl=1567582558&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
AN-X-Request-Uuid: 2080f960-cae1-4b54-91be-9eb3a88688c2
Set-Cookie: uuid2=1435446543281507710; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 17-Jan-2023 11:32:28 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0

37.252.173.22

200 OK

0 B

URL HTTP/1.1
ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
IP
37.252.173.22:0
ASN
#29990 ASN-APPNEX

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: d50b66c3-5422-46b3-be1c-9749d4921477
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com

sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2

104.110.1.60

200 OK

27 kB

URL HTTP/2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
IP
104.110.1.60:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 27420, version 0.0\012- data
Size
27 kB (27420 bytes)
Hash
f05d3ebe80809d82ab14d62a79da544e
bf08410286fbadd57335dc63dbdd8169cd4e6d1e
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

HTTP Headers

GET /fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2 HTTP/1.1
Host: sdx.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 27420
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
etag: "f05d3ebe80809d82ab14d62a79da544e"
x-amz-version-id: wnCwOacXycelzt78IMkr55wWB9WkMd2W
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _vpkqBlLETw4T6oH2cSnkktI4BxeLxas20IZvW788el8Nomx3bJ5ug==
cache-control: max-age=958887
date: Wed, 19 Oct 2022 11:32:29 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2

104.110.1.60

200 OK

27 kB

URL HTTP/2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
IP
104.110.1.60:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format (Version 2), TrueType, length 27152, version 0.0\012- data
Size
27 kB (27152 bytes)
Hash
13709eac065721ba8cd0e2d1b6fa8026
2fa86f3c0fbc94711d6c0ed32e3e03add756ba18
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228

HTTP Headers

GET /fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2 HTTP/1.1
Host: sdx.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: font/woff2
content-length: 27152
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
etag: "13709eac065721ba8cd0e2d1b6fa8026"
x-amz-version-id: 6t4RA2DS89tdf_2IK5vrc9JAOKCy9A40
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IzOfbbv8gz8w_604kyRw0cTtS-ry2VNjzzr5bNN0H7WL2BOGYFlCng==
cache-control: max-age=1802939
date: Wed, 19 Oct 2022 11:32:29 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js

23.38.200.237

200 OK

34 kB

URL HTTP/1.1
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (557)
Size
34 kB (34525 bytes)
Hash
953eadbd32b8680b37511cc683781aff
8ea7a5fb3bd5f727f3ec3366bc1d91b3a104043b
14dd417150683ce056827225bbf94a0f26e95a820b604f815021be49eb8c707b

HTTP Headers

GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "7c44e613d67e21f6a1c3afd5985988da:1581368005.559228"
Last-Modified: Mon, 10 Feb 2020 20:53:25 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 34525
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 12:32:29 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://www.swancommunications.com
Timing-Allow-Origin: *

assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js

23.38.200.237

200 OK

134 B

URL HTTP/1.1
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
134 B (134 bytes)
Hash
26720501c4260c7cc5833d9e06f0af87
26ce9fe2fa65dcd91b1ff050a238892a70eaad6c
e23487c8456f551b44229fd881dd8c524922e7c4c68682028c245bf706820e62

HTTP Headers

GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "16dfb4bd56a82d8f8018ab2fa164856c:1581368006.307249"
Last-Modified: Mon, 10 Feb 2020 20:53:26 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 134
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 12:32:29 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://www.swancommunications.com
Timing-Allow-Origin: *

assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js

23.38.200.237

200 OK

187 B

URL HTTP/1.1
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
187 B (187 bytes)
Hash
100e6bd0333d51a01c9e2bf4130cd5c9
b03e6b94b4c163de582e217f6e148f3b12df8f1f
481a6bc427ce8b7601db07e2387f5265db27e59a9a54abcb88f0e2497387912a

HTTP Headers

GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "b5834499509b419a0926487143b3976d:1581368006.388159"
Last-Modified: Mon, 10 Feb 2020 20:53:26 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 187
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 12:32:29 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://www.swancommunications.com
Timing-Allow-Origin: *

23.36.79.11

200 OK

184 B

URL HTTP/2
login.xfinity.com/static/images/favicon/favicon-16x16.png
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 16 x 16, 8-bit grayscale, non-interlaced\012- data
Size
184 B (184 bytes)
Hash
db142cad60d6acbf015835843f35071f
56261a4d35ff1ad9c210376f025f8762e608494f
1a819ccf88edbedbdce80f8f48844260c685edf389ba39ba92e42c7291522801

HTTP Headers

GET /static/images/favicon/favicon-16x16.png HTTP/1.1
Host: login.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Tue, 11 Jan 2022 16:05:32 GMT
accept-ranges: bytes
content-length: 184
content-type: image/png
cache-control: max-age=327
expires: Wed, 19 Oct 2022 11:37:56 GMT
date: Wed, 19 Oct 2022 11:32:29 GMT
X-Firefox-Spdy: h2

23.36.79.11

200 OK

2.6 kB

URL HTTP/2
login.xfinity.com/static/images/favicon/android-icon-192x192.png
IP
23.36.79.11:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 192 x 192, 8-bit grayscale, non-interlaced\012- data
Size
2.6 kB (2569 bytes)
Hash
4d5a72cfafe8a0e67a3a4e3684ae379f
2140780ff72470e5a9d63fdf950d7b816ce804be
b8bbda2990b5611317f747bf13de3a78e1de77fd7d864a27d845194988490375

HTTP Headers

GET /static/images/favicon/android-icon-192x192.png HTTP/1.1
Host: login.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Tue, 11 Jan 2022 16:05:32 GMT
accept-ranges: bytes
content-length: 2569
content-type: image/png
cache-control: max-age=1702
expires: Wed, 19 Oct 2022 12:00:51 GMT
date: Wed, 19 Oct 2022 11:32:29 GMT
X-Firefox-Spdy: h2

assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js

23.38.200.237

200 OK

15 kB

URL HTTP/1.1
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text, with very long lines (563)
Size
15 kB (14684 bytes)
Hash
4da5a7f7e67cf8d72d1238efbd4dac31
e8bf676f06b42529aa475c3d292acfa0f5b4a6b7
2c68577dc9e4226daf46cbcf1650a0e91a1841c67ecf5e4ecea749cbea7ed973

HTTP Headers

GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "dbef438e3fcd49bdc0ee4d74b97df080:1581368005.888342"
Last-Modified: Mon, 10 Feb 2020 20:53:25 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14684
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 12:32:29 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://www.swancommunications.com
Timing-Allow-Origin: *

rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=92195625320&varName=crtg_content

178.250.0.166

204 No Content

0 B

URL HTTP/1.1
rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=92195625320&varName=crtg_content
IP
178.250.0.166:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=92195625320&varName=crtg_content HTTP/1.1
Host: rtax.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/

HTTP/1.1 204 No Content
server: nginx/1.20.1
date: Wed, 19 Oct 2022 11:32:29 GMT
strict-transport-security: max-age=31536000; preload;

assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js

23.38.200.237

200 OK

681 B

URL HTTP/1.1
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js
IP
23.38.200.237:0
ASN
#16625 AKAMAI-AS

File type
ASCII text
Size
681 B (681 bytes)
Hash
238e9ac366afc5ccb8ab193af21a3bdd
ccbe4cf829625b32aa2ecb714bc68c05c53de703
2f27f96e790c01c88b87af6a72d3d635b9bfc630d13bd43bd46a8be4ac5fac9f

HTTP Headers

GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "1cf26e862d696e4a210b77e9f506e652:1581368006.039768"
Last-Modified: Mon, 10 Feb 2020 20:53:26 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 681
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 12:32:29 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://www.swancommunications.com
Timing-Allow-Origin: *

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
861aaff6164fcf3ed643ed1569d065a1
dbc791eb8e9216fa1ce7bd5c0d3aa40ef090aed2
757f4d455aab512513b7c9f2f266b4e6ad291d74543dfee8663f02bea3e46e01

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2375
Cache-Control: max-age=141621
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634f5d3b-138"
Expires: Fri, 21 Oct 2022 02:52:50 GMT
Last-Modified: Wed, 19 Oct 2022 02:13:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 312

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
861aaff6164fcf3ed643ed1569d065a1
dbc791eb8e9216fa1ce7bd5c0d3aa40ef090aed2
757f4d455aab512513b7c9f2f266b4e6ad291d74543dfee8663f02bea3e46e01

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2375
Cache-Control: max-age=141621
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634f5d3b-138"
Expires: Fri, 21 Oct 2022 02:52:50 GMT
Last-Modified: Wed, 19 Oct 2022 02:13:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 312

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
861aaff6164fcf3ed643ed1569d065a1
dbc791eb8e9216fa1ce7bd5c0d3aa40ef090aed2
757f4d455aab512513b7c9f2f266b4e6ad291d74543dfee8663f02bea3e46e01

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2425
Cache-Control: max-age=141671
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634f5d3b-138"
Expires: Fri, 21 Oct 2022 02:53:40 GMT
Last-Modified: Wed, 19 Oct 2022 02:13:15 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 312

dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=1&ts=1666179157810

34.249.106.217

200 OK

216 B

URL HTTP/1.1
dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=1&ts=1666179157810
IP
34.249.106.217:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
216 B (216 bytes)
Hash
f8f5605b61768c2eec6f88304c5872e0
e214a628d248f6f3cb122fdfb4bf534c50f9986b
11612f1796b76f64bc86d6c7167d4c346e6ee94bdc0ab5042c5687bf187646e6

HTTP Headers

GET /id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=1&ts=1666179157810 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.swancommunications.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-055dce264.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=14487394322346320910112654184551133288; Max-Age=15552000; Expires=Mon, 17 Apr 2023 11:32:29 GMT; Path=/; Domain=.demdex.net
Vary: Origin
X-TID: nhOaGn/SRuo=
Content-Length: 216
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
27cb73faa30122c666bb2f5a7fe62ae0
7f43f2b588d2b78ed6c48217ca025f87d799f90e
a226eb2a00e56f75c7f20a015c3e2af31587abfa177ee636ecd300b0af60ada3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3373
Cache-Control: max-age=153037
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634f85ed-1d7"
Expires: Fri, 21 Oct 2022 06:03:06 GMT
Last-Modified: Wed, 19 Oct 2022 05:06:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471

comcastathena.demdex.net/event?_ts=1666179157837

34.242.80.80

200 OK

119 B

URL HTTP/1.1
comcastathena.demdex.net/event?_ts=1666179157837
IP
34.242.80.80:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
119 B (119 bytes)
Hash
afeec23f2ace1ffcf5d0fd11ab13d1bb
7d6a7e76384df9e35b6d2011422d1681f39eb543
7295d1faec788b1df61260a872fd4abf0cbdeecba8d63df3d7ede4f741a50a81

HTTP Headers

POST /event?_ts=1666179157837 HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 637
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.swancommunications.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-00b67553b.edge-irl1.demdex.com 5 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=14487394322346320910112654184551133288; Max-Age=15552000; Expires=Mon, 17 Apr 2023 11:32:29 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: rTuUc6MKRHI=
Content-Length: 119
Connection: keep-alive

dl.cws.xfinity.com/event/

184.86.58.27

200 OK

0 B

URL HTTP/2
dl.cws.xfinity.com/event/
IP
184.86.58.27:0
ASN
#16625 AKAMAI-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event/ HTTP/1.1
Host: dl.cws.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Referer: http://www.swancommunications.com/
Origin: http://www.swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 0
x-amzn-requestid: 7bc76f90-7685-40bd-bcca-ca3203f2f879
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: aP_8IHOWCYcFniw=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Ra_mqertSMoMfJ2GVcFrDY4ydWHmbMCSWU4dygRvEFOYuP7Vr8PqFA==
date: Wed, 19 Oct 2022 11:32:29 GMT
X-Firefox-Spdy: h2

comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s56328776383479?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F9%2F2022%2011%3A32%3A37%203%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=33853206152827015210472973860335005380&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa&cc=USD&ch=login&events=event125%3D17%2Cevent36%3D18&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=18&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=213d2a9e7908067f5bf30c06&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1

13.36.218.177

200 OK

3.9 kB

URL HTTP/1.1
comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s56328776383479?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F9%2F2022%2011%3A32%3A37%203%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=33853206152827015210472973860335005380&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa&cc=USD&ch=login&events=event125%3D17%2Cevent36%3D18&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=18&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=213d2a9e7908067f5bf30c06&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3890)
Size
3.9 kB (3891 bytes)
Hash
3c51f82635404489cdc721e09b5449f6
80aaac7b275393807608a172db8b89021d8ae281
0b12ffa963fe928eb33b2a058e29d72f3da70a0d0d35eb5a4f889634bcf1d3d4

HTTP Headers

GET /b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s56328776383479?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F9%2F2022%2011%3A32%3A37%203%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=33853206152827015210472973860335005380&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa&cc=USD&ch=login&events=event125%3D17%2Cevent36%3D18&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=18&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=213d2a9e7908067f5bf30c06&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1 HTTP/1.1
Host: comcastcom.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/

HTTP/1.1 200 OK
access-control-allow-origin: *
date: Wed, 19 Oct 2022 11:32:29 GMT
expires: Tue, 18 Oct 2022 11:32:29 GMT
last-modified: Thu, 20 Oct 2022 11:32:29 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3578092479239651328-4619807516666870280
vary: *
dcs: dcs-prod-irl1-1-v044-038a43fef.edge-irl1.demdex.com 6 ms
x-aam-tid: ihUR8mO2Rxg=
content-type: application/x-javascript;charset=utf-8
content-length: 3891
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

comcastathena.demdex.net/dest5.html?d_nsid=1

34.242.80.80

200 OK

2.8 kB

URL HTTP/1.1
comcastathena.demdex.net/dest5.html?d_nsid=1
IP
34.242.80.80:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Size
2.8 kB (2791 bytes)
Hash
ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12

HTTP Headers

GET /dest5.html?d_nsid=1 HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 19 Oct 2022 11:32:29 GMT
DCS: dcs-prod-irl1-1-v044-0c37eeeb2.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 17 Oct 2022 12:31:03 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: je0CPuU4Rfs=
Content-Length: 2791
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7ce1a0e79d7686df60fa05c21e50b082
a7f23b5a8f94a5aee702bf4949e1f51879029cd3
eff1fdda9cb412eec2c01cf4151db60890fa621d4d3c24077866b628fc205b9f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0

142.250.74.162

302 Found

42 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&amp;guid=ON&amp;script=0 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fast.comcast.demdex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 11:32:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 19-Oct-2022 11:47:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
660d838245148faa880003d30cb39244
973f9e2ccd0f7cba61764c940507a9da714c4268
a821003dcb9713c6ac3ee611ad354f21f0bea20264e865914415e7184ae6beed

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5340
Cache-Control: max-age=147793
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634f69c2-13a"
Expires: Fri, 21 Oct 2022 04:35:42 GMT
Last-Modified: Wed, 19 Oct 2022 03:06:42 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7ce1a0e79d7686df60fa05c21e50b082
a7f23b5a8f94a5aee702bf4949e1f51879029cd3
eff1fdda9cb412eec2c01cf4151db60890fa621d4d3c24077866b628fc205b9f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dnacdn.net/dna

178.250.2.146

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=9EJM2F80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW8lMkZqWFFGcThqcCUyQkUlMkY1JTJGcmx1NUxpeHU; expires=Mon, 13 Nov 2023 11:32:29 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 241466
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d5fb2bb3183bdfca2229aed607409df3
38a419a7a186a78ff8a07be3321947f846ebf958
7ed2d84b138292743f14fa88fd204c5bb02155cba62bbc59ee4358f27f9b96a1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079

142.250.74.164

302 Found

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fast.comcast.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 11:32:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079&ipr=y
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
f338f0dd5f9efae71646d0eb69dabec1
bd21175384910091626e64c4067e77a630a4518b
a083fa6e737d6180530fd87d51a831bacb964307fab6933ae425a81dcfb0d9d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 681
Cache-Control: max-age=164385
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634fbcc5-139"
Expires: Fri, 21 Oct 2022 09:12:14 GMT
Last-Modified: Wed, 19 Oct 2022 09:00:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
f338f0dd5f9efae71646d0eb69dabec1
bd21175384910091626e64c4067e77a630a4518b
a083fa6e737d6180530fd87d51a831bacb964307fab6933ae425a81dcfb0d9d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 616
Cache-Control: max-age=164320
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634fbcc5-139"
Expires: Fri, 21 Oct 2022 09:11:09 GMT
Last-Modified: Wed, 19 Oct 2022 09:00:53 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cc71911d4c07bede48cfda542aba33f0
6332e65663215375ab3a4fd4e02d9557ef739b0d
c9078ff8f478fa763f2521bc0d1db2c4d4d48aa21c6f249331e236b6b53a0ecb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
53525ef52571dae72e22128ebd6b8502
610d1a353bd94f2a38703e8770f8fe67300f6f3e
14ac3d4e3f9ccc62c3bc67698d4f88b217834bff67eea4f7d01c024ca48d9e4a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

dl.cws.xfinity.com/event/

184.86.58.27

200 OK

110 B

URL HTTP/2
dl.cws.xfinity.com/event/
IP
184.86.58.27:0
ASN
#16625 AKAMAI-AS

File type
JSON data\012- , ASCII text, with no line terminators
Size
110 B (110 bytes)
Hash
57289efba30f7770d950f28c195ead82
53b4315fc9963bc807f16f446ec9f64e0088fdca
8dee7c0d5e1519e45851beca7c77b39830d0eae0bda209a6504ce1b9e9b2ed46

HTTP Headers

PUT /event/ HTTP/1.1
Host: dl.cws.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 3811
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 110
x-amzn-requestid: 48cd90e8-325f-43c1-bcf9-6cb2f2ff9bd1
x-amz-apigw-id: aP_8LG_tiYcFjng=
x-amzn-trace-id: Root=1-634fe04d-48b4435b4ced54cd4fa80264
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: GcaVKM02qoYpoRr9y3gnL89YUr6DFpo1_niKqOFPwMpp4qXVFC0CRg==
date: Wed, 19 Oct 2022 11:32:29 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,PUT,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6253
Expires: Wed, 19 Oct 2022 13:16:42 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6253
Expires: Wed, 19 Oct 2022 13:16:42 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive

dnacdn.net/dna

178.250.2.146

200 OK

635 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type
data
Size
635 B (635 bytes)
Hash
b2dc97bac9f1a62a852b1a2130a0e71c
af54f7269bd4b081bbecf7522db0211f911e1aab
d9fdc944a23b8097eaface0f0ac4103ac4651242ed2c3d23f1b6a62a7829721e

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=9EJM2F80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW8lMkZqWFFGcThqcCUyQkUlMkY1JTJGcmx1NUxpeHU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=IfVWmV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW8lMkJSd0doUkpNZmkwMnRxaTdiZVklMkI4cA; expires=Mon, 13 Nov 2023 11:32:29 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 299184
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6253
Expires: Wed, 19 Oct 2022 13:16:42 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive

www.google.no/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fast.comcast.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 11:32:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6253
Expires: Wed, 19 Oct 2022 13:16:42 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9623 bytes)
Hash
440811a19987ddee099df289d9b61e79
ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1
1309e9dcb36858de70ef82900ec1ad429fbb795ddb9823fd1c290b18f4e2c1a3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9623
x-amzn-requestid: b3d5bd8d-111b-4d50-9720-71f72c62f860
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7Q8oFLRIAMFrEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347951d-613e5e810f420e4c0ba3e6f6;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 04:33:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OA9iHADyiam26eo88jYDECifkqeBaTjsuoeHD2YOy0aZJZEGhG-xow==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 06:19:40 GMT
age: 18769
etag: "ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecd863b0-94dc-48ab-a768-cb25fea284e7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10168 bytes)
Hash
ae2bf42f05c120363dd9c8bc320cbdf9
3e9d928edb29f9d39feda401519dd82e2e509f1e
78985912f0d45719ebcf303e3056f422390ea79b2a5ab47b19cba87f4f11b8ba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecd863b0-94dc-48ab-a768-cb25fea284e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10168
x-amzn-requestid: a52a1462-c23f-47a3-a71d-461f70f07dd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFokG7MoAMFsgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1c9d-28faabe059a668aa610da199;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4DfiNiPIw_62F56id7SQKej951QrFk8flz1iAU3y4FJ6B9lrYD16Tw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:42:35 GMT
age: 49794
etag: "3e9d928edb29f9d39feda401519dd82e2e509f1e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05c7bc81-316c-4f0d-bb3e-28d892d65e29.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9070 bytes)
Hash
ccb0f6ae2ffc84b77d6048ab25ab3c91
4cbe904deab4f29866b499d55c0cd646de67fdb8
743c9908b18412433934d58665bd5c5aeded03cc48be57e916a43f79e2c664b0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05c7bc81-316c-4f0d-bb3e-28d892d65e29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9070
x-amzn-requestid: 3f5c3e27-e6e2-45b1-a986-853dbfbe2813
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFBfEbJoAMF-iQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1ba2-6a359b2847d892f12bb2b9a4;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gY1ENXcOS8zArDSAuvM-REaJzgJo3vP9BiSbDR92MGN40JQwfE6Wxw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:58:37 GMT
age: 48832
etag: "4cbe904deab4f29866b499d55c0cd646de67fdb8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fcbf6c7-2d66-4714-a0e0-01b757ccd392.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7075 bytes)
Hash
3e86d948bf8ed2f5918f8323b043ad5f
41548e231e2358d3453e7630f0d07a645cc25ddc
6602f2a020618234d34a9b6cd107398f0405de6dd14227e265aca84b38eaa5cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fcbf6c7-2d66-4714-a0e0-01b757ccd392.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7075
x-amzn-requestid: d488b43b-0bf2-4788-a087-fa1d0ae0270a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aCOTMF7xIAMF0tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634a5dad-7c7563b8761a637c1828a5ff;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 07:13:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Yu4JsLfxBHVL00QEgTL9SaoPGZDOJJaW7vzQvp9Zn_GOfrba9Gieiw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 06:35:06 GMT
age: 17843
etag: "41548e231e2358d3453e7630f0d07a645cc25ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F930c4fbc-71e1-4a9f-9906-859379701be9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9129 bytes)
Hash
40f819b2d90eea9b4a6de0a7bf764cce
6528d63d04c30638fa11328d2145c3e36661f11e
998ca60b05b85d184d590a4b1ecc430395249f7bd134a2fbf2fa7e4232f89bd5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F930c4fbc-71e1-4a9f-9906-859379701be9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9129
x-amzn-requestid: eed778be-9b5d-4ebe-b503-f7048da1e311
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFouGyMoAMFmrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1c9e-19e09ede0124e0ab212167fd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gygx3w7s9mvtFr_A776VyQc3Zx-G_xPbpJeqWOt_DTHvTtoc64H1-w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:43:24 GMT
age: 49745
etag: "6528d63d04c30638fa11328d2145c3e36661f11e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fade655c6-f6d3-4069-b1f3-12ccc9ea828e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11105 bytes)
Hash
86dce0f2221a313cc9f28523aa8b093f
e8fad92b792ad8fe6aaadf4f85954811fcb27ac5
9711e437d64bcbb5ecee8f6f40526223bebed07fdbbddf132819bbc740edf073

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fade655c6-f6d3-4069-b1f3-12ccc9ea828e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11105
x-amzn-requestid: be74b62f-0687-43a7-8d76-2a6fcd070056
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-6QUHodIAMFZjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63490a68-037c07ae63ed8a7471347f0a;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 07:06:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mnMxBn69TskkKxU90tDs4QKlfcOKt7RzZY_SBZJmczWIatzEVhNYKw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 07:18:38 GMT
age: 15231
etag: "e8fad92b792ad8fe6aaadf4f85954811fcb27ac5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sync?c=30&r=2&j=cr_handle_data_a HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: http://www.swancommunications.com/
Origin: http://www.swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: http://www.swancommunications.com
server-processing-duration-in-ticks: 345266
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
53525ef52571dae72e22128ebd6b8502
610d1a353bd94f2a38703e8770f8fe67300f6f3e
14ac3d4e3f9ccc62c3bc67698d4f88b217834bff67eea4f7d01c024ca48d9e4a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ag.gbc.criteo.com/newidsd

178.250.6.169

200 OK

350 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
178.250.6.169:0
ASN
#44788 Criteo SA

File type
data
Size
350 B (350 bytes)
Hash
10e3ce352621e93e84e36b5f43720895
1a48de80057bcd0a80e1a05fc742055a6dbe142d
33d4c43e0cc08b37b8348064409cd3f7b23bad48c67995e6a958e2906d7e9e7a

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 141132
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.30.Events.StartInit~1&entry=c~Idfs.Rtus.30.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.30.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.30.Headers.Bundle~1&entry=c~Idfs.Rtus.30.Events.InitiateFetch~1

178.250.0.162

200 OK

43 B

URL HTTP/2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.30.Events.StartInit~1&entry=c~Idfs.Rtus.30.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.30.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.30.Headers.Bundle~1&entry=c~Idfs.Rtus.30.Events.InitiateFetch~1
IP
178.250.0.162:0
ASN
#44788 Criteo SA

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /iev?entry=c~Idfs.Rtus.30.Events.StartInit~1&entry=c~Idfs.Rtus.30.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.30.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.30.Headers.Bundle~1&entry=c~Idfs.Rtus.30.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:30 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?c=30&r=2&j=cr_handle_data_a HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 574978
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

dnacdn.net/dna

178.250.2.146

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=IfVWmV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW8lMkJSd0doUkpNZmkwMnRxaTdiZVklMkI4cA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=OMRtcV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW85Nm9vdE9NSmRtbTZOJTJGS2hpYlJOcnQ; expires=Mon, 13 Nov 2023 11:32:29 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 235384
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

185.235.84.48

200 OK

0 B

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
185.235.84.48:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 91413
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

dnacdn.net/dna

178.250.2.146

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=IfVWmV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW8lMkJSd0doUkpNZmkwMnRxaTdiZVklMkI4cA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=D7k_x180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW85UVZKSTlQbGIwMyUyRnFtMCUyRjByQU1CSg; expires=Mon, 13 Nov 2023 11:32:29 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 176631
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

ag.gbc.criteo.com/newidsd

178.250.6.169

200 OK

0 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
178.250.6.169:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 105680
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gum.criteo.com/syncframe?origin=rtus&topUrl=www.swancommunications.com

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/syncframe?origin=rtus&topUrl=www.swancommunications.com
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /syncframe?origin=rtus&topUrl=www.swancommunications.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d2a2f272-0f8c-4502-88d8-91ec9d34613c; expires=Mon, 13 Nov 2023 11:32:28 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 580770
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?c=30&r=2&j=cr_handle_data_a HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.swancommunications.com/
x-crto-bundle: 8SRYBl8wV3RoMEJXM2pWeG8lMkZmcXo3Wm5Hczh6QXJHS2NkWkFNc0pGJTJGdEY5R2ZBSFZPUnlsZDFFbkhnc0tjb0dXTHBpdVVMUzNoZU1wM2hwJTJCRnVDc0NTNyUyRjRyYmlNNkNla2twd29VN0d4N09aVXBPSkdLWDhpc1lMJTJGWFpFOFdyM0Uwa211bDBORlVEYm5hQU5rRk9qTzUzbVRRJTNEJTNE
Origin: http://www.swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: http://www.swancommunications.com
server-processing-duration-in-ticks: 1832979
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

185.235.84.48

200 OK

0 B

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
185.235.84.48:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 70290
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

185.235.84.48

200 OK

0 B

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
185.235.84.48:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 120966
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gum.criteo.com/sid/json?origin=rtus&domain=swancommunications.com&sn=FirefoxSyncframe&so=3&topUrl=www.swancommunications.com&bundle=8SRYBl8wV3RoMEJXM2pWeG8lMkZmcXo3Wm5Hczh6QXJHS2NkWkFNc0pGJTJGdEY5R2ZBSFZPUnlsZDFFbkhnc0tjb0dXTHBpdVVMUzNoZU1wM2hwJTJCRnVDc0NTNyUyRjRyYmlNNkNla2twd29VN0d4N09aVXBPSkdLWDhpc1lMJTJGWFpFOFdyM0Uwa211bDBORlVEYm5hQU5rRk9qTzUzbVRRJTNEJTNE&info=D7k_x180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW85UVZKSTlQbGIwMyUyRnFtMCUyRjByQU1CSg&idsd=372236440,-875680591&cw=1&rtusCallerId=30&lsw=1

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sid/json?origin=rtus&domain=swancommunications.com&sn=FirefoxSyncframe&so=3&topUrl=www.swancommunications.com&bundle=8SRYBl8wV3RoMEJXM2pWeG8lMkZmcXo3Wm5Hczh6QXJHS2NkWkFNc0pGJTJGdEY5R2ZBSFZPUnlsZDFFbkhnc0tjb0dXTHBpdVVMUzNoZU1wM2hwJTJCRnVDc0NTNyUyRjRyYmlNNkNla2twd29VN0d4N09aVXBPSkdLWDhpc1lMJTJGWFpFOFdyM0Uwa211bDBORlVEYm5hQU5rRk9qTzUzbVRRJTNEJTNE&info=D7k_x180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW85UVZKSTlQbGIwMyUyRnFtMCUyRjByQU1CSg&idsd=372236440,-875680591&cw=1&rtusCallerId=30&lsw=1
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sid/json?origin=rtus&domain=swancommunications.com&sn=FirefoxSyncframe&so=3&topUrl=www.swancommunications.com&bundle=8SRYBl8wV3RoMEJXM2pWeG8lMkZmcXo3Wm5Hczh6QXJHS2NkWkFNc0pGJTJGdEY5R2ZBSFZPUnlsZDFFbkhnc0tjb0dXTHBpdVVMUzNoZU1wM2hwJTJCRnVDc0NTNyUyRjRyYmlNNkNla2twd29VN0d4N09aVXBPSkdLWDhpc1lMJTJGWFpFOFdyM0Uwa211bDBORlVEYm5hQU5rRk9qTzUzbVRRJTNEJTNE&info=D7k_x180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW85UVZKSTlQbGIwMyUyRnFtMCUyRjByQU1CSg&idsd=372236440,-875680591&cw=1&rtusCallerId=30&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=www.swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 768007
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (57)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations