firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 19 Oct 2022 10:51:34 GMT
Expires: Wed, 19 Oct 2022 11:46:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: h9NjbHxXzHFIzxB-p1hmYFChERXnBhzyWV_BaAOr2BlAIfuNhnv4ZA==
Age: 2453
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 66155b620c27c14aced991b34be0d1a0
2d489f39edc932199e2d8e03b40c1a5c95b993d2
1a500079242f4472c1e8dafd352c6c6078a7228a1993208d2fe1e27dd00644ea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A500079242F4472C1E8DAFD352C6C6078A7228A1993208D2FE1E27DD00644EA"
Last-Modified: Mon, 17 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9622
Expires: Wed, 19 Oct 2022 14:12:49 GMT
Date: Wed, 19 Oct 2022 11:32:27 GMT
Connection: keep-alive
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
66.84.30.17200 OK 17 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
IP 66.84.30.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1920), with CRLF line terminators
Hash 93725c706eda8c42b41bcca4d3e64969
72011789b5cc39176eebb2fe5eeeefc1fbcf362b
5668f66541c53b709dc5b04fc475dab7bb8251b3ebf7a2274a2eaa0db53992ef
Analyzer Verdict Alert openphish Comcast Corporation
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06 HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 16803
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 533e1d53f291993ed5886f88a85c6e55
eb4396e8422f71168d32ac6ff3ef49496f625e62
0d1b73b2a228fe76bf14688e603741025a40803971e05570f873b28788334b33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D1B73B2A228FE76BF14688E603741025A40803971E05570F873B28788334B33"
Last-Modified: Mon, 17 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13387
Expires: Wed, 19 Oct 2022 15:15:34 GMT
Date: Wed, 19 Oct 2022 11:32:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YEvooU2RL2bb+Ws9yMV8VQTIMeIo44heeWmhb0z5+ErMdHw/ufQKCM0H4e3Eo0XlXrzAdyOqo7k=
x-amz-request-id: GZPJ7JX3HHNH451F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 19 Oct 2022 10:36:16 GMT
age: 3371
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 19 Oct 2022 11:32:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/lodash-slim.js
66.84.30.17200 OK 23 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/lodash-slim.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (1486)
Hash 542a4d4d47e89ca290d850a6a0ae09b4
56445e16057d5b725ae11f5e85db661120515299
49d0c079f8431833fb59275e68a7db8b9215dc52068ff63c179e32dfe618a8c4
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/lodash-slim.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 23346
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-aws.js
66.84.30.17200 OK 2.5 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-aws.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (2546), with no line terminators
Hash 576b123770b3c1ada8d4260344726960
c8716f7d0fe73d9edf5ec333e9fc5500f7543fe9
11da464f86f5ff9850e1ef53dd13336cfbfd38a8f3808d7826d0c1a2d925563f
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-aws.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 2546
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-DTM.js
66.84.30.17200 OK 1.6 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-DTM.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (1624), with no line terminators
Hash 1fb3947058db50b6b3d0487328e3f86e
471f8733093ede4b0e075751bb89e0678d06a4f1
0df906e16d1ed57a686d542ac0e7a620eafb715c12ee0a0c648653b569e72a9b
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking-DTM.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 1624
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/fonts-remote.css
66.84.30.17200 OK 3.2 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/fonts-remote.css
IP 66.84.30.17:0
File type ASCII text, with very long lines (3243), with no line terminators
Hash 709e5291d3bbec4524a53edf4c343352
de3799da5fc172ae2a76c5b4716b1f621ae3c2c6
25910ca8aaacdd039f7e596b4f446ac4c71f67ff3911d5969dfba9b7f1a6688f
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/fonts-remote.css HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 3243
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/vm-login-form-ad.js
66.84.30.17200 OK 8.8 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/vm-login-form-ad.js
IP 66.84.30.17:0
Hash 0318627f2adf5aafb9520d94f30749a4
643454397eddf53c58e6766f58a519b0b444592c
1bdca04f41b797a00f1ac403070d6ea18a459754c41d383ffddf5b0991f04d9d
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/vm-login-form-ad.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 8775
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js
66.84.30.17404 Not Found 315 B URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js
IP 66.84.30.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 404 Not Found
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/data.json
66.84.30.17200 OK 169 B URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/data.json
IP 66.84.30.17:0
File type ASCII text, with no line terminators
Hash d64e6c5a8ce0f0383b88a1be77b053ee
a316ca3df9822a7e638623d92e5aeacb3f4e3a2e
c3d83128029acb4b1c9ae295ea823c9adb93e1cfa1e81d200e30adba82b3d4d3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/data.json HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 169
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/json
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/1011719316x32.js
66.84.30.17200 OK 1.7 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/1011719316x32.js
IP 66.84.30.17:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (433)
Hash fa05120ba52f7ee87e3521b726d66fd0
d7ba5ed4796a436e942afac492ec02c4d9796e17
55b2a74a7498140a0e3d2e62e00a967fffac9a908c326d2294a1b37c0fb8b2f3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/1011719316x32.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 1723
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/ttj
66.84.30.17200 OK 7.4 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/ttj
IP 66.84.30.17:0
File type HTML document, ASCII text, with very long lines (7387), with no line terminators
Hash 89cf9988d16c15d5919e2efdeb341003
6554b529e37e27af64a11b0d3507073ca05fb822
0f108c7122c218a486594e6ddd029c00844979992aa9d7b00ea9d3816a3e5be5
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/ttj HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 7387
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 19 Oct 2022 10:43:40 GMT
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 11:01:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0jnWYVO1tE1psqta1p3Nr6Y3LKBqryxD7bwKRgUSpzYahIdtEcMtIw==
Age: 2928
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/scripts-responsive.js
66.84.30.17200 OK 7.3 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/scripts-responsive.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (7303), with no line terminators
Hash e98c1a1adf5539adda926dc57b56df92
3024e9e83dc44d9d9e6e7b1437110d68ca80e54f
aceb470e2f0767fe13270d4f84dc14e347889dd34762dd6eb095db9581051e89
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/scripts-responsive.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 7303
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/styles-light.css
66.84.30.17200 OK 45 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/styles-light.css
IP 66.84.30.17:0
File type ASCII text, with very long lines (45103), with no line terminators
Hash 0a0b49b52b3291d6b49b7713c4a4118d
8e720bff1874620ef556512d3c690c69da3c3255
e9838dd96e607f7db82a919db47ac8ead355133b2a0ac312517d76b1a9b47266
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/styles-light.css HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 45103
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking.js
66.84.30.17200 OK 15 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (14942)
Hash d8c65cf89a55791f45cf6eba34c0a6e9
05bf019faf116dfd1a9811a806e5bd0639d83c45
d1e2dfc4882d3951f8b5ce26f342fdbd83dcfc7c5d53cc455dc3703b706fc7c2
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/tracking.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 14964
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/jquery-3.js
66.84.30.17200 OK 87 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/jquery-3.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/jquery-3.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 86927
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/moatad.js
66.84.30.17200 OK 276 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/moatad.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (761)
Size 276 kB (275951 bytes)
Hash 62628dc07dedc3f2a479575c2de3c899
a2e5f0a77a4df50476072170a47af42b28bcba02
2a150284ec831c47369e543eaaf6b57e2cbfc5102ff7d147efd3e12f26d53eaa
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/moatad.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:27 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 275951
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 62fc1aa250922e13956facbf8071aebb
111e2978b9e6931f7ba9ee3beac67d1af7bf8c92
1d0de3a88ad67da5ba748190f997994299058b77fff93caa24f4c611b3dec560
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3698
Cache-Control: max-age=164157
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:28 GMT
Etag: "634fb017-1d7"
Expires: Fri, 21 Oct 2022 09:08:25 GMT
Last-Modified: Wed, 19 Oct 2022 08:06:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
66.84.30.17200 OK 129 kB URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
IP 66.84.30.17:0
File type ASCII text, with very long lines (32748)
Size 129 kB (129056 bytes)
Hash 01221af4231ddeec15ca85739ffc766c
f61a3d6cf1fc6262b0c1e9b8bad2c9d56dca1702
eab642baf412d4de18d20788e3784c47927549da84c4f0b5a0f6865fdbfb61a3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 129056
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
104.110.1.60200 OK 27 kB URL HTTP/2 sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
IP 104.110.1.60:0
File type Web Open Font Format (Version 2), TrueType, length 26768, version 0.0\012- data
Hash e3e79cd377b28c1e7ffea64b194136cf
e67fb661f5d630ecc811e93d526065a680bf58d7
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
GET /fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2 HTTP/1.1
Host: sdx.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
content-length: 26768
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
etag: "e3e79cd377b28c1e7ffea64b194136cf"
x-amz-version-id: kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XTk1ZXdpqisLN4abManV2eERXXfdVDr6nw7IuuvYX00Zl-QVHJqL0A==
cache-control: max-age=1357485
date: Wed, 19 Oct 2022 11:32:28 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1666179157124
34.249.106.217200 OK 1.2 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1666179157124
IP 34.249.106.217:0
File type JSON data\012- , ASCII text, with very long lines (3454), with no line terminators
Hash d2be63da6a559dcfdfaab2faef1af584
3f39fefe798affd83554a8883f6ef9fa3fe3e2ed
dc5efc7e23f4e788cceada7128d9ad16b87c58f85652e9ed6c377efaafc5ead3
GET /id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1666179157124 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.swancommunications.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-08a9bb06a.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=33645873871924941980493758199878718051; Max-Age=15552000; Expires=Mon, 17 Apr 2023 11:32:28 GMT; Path=/; Domain=.demdex.net
Vary: Origin
X-TID: ba7IoKjzTVU=
Content-Length: 1166
Connection: keep-alive
z.moatads.com/comcastapn56341864860/moatad.js
23.38.201.146200 OK 0 B URL HTTP/2 z.moatads.com/comcastapn56341864860/moatad.js
IP 23.38.201.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comcastapn56341864860/moatad.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DgrV/yUP0cYZJ24pT7Z5LVkFATYFOX23OVuFadPO2EW++SB5KZZT2R0SCmVojLGlVbLec6pGXtw=
x-amz-request-id: CA2DQ7A5WM2MGH3Y
last-modified: Mon, 11 May 2020 15:59:42 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
content-length: 0
cache-control: max-age=41948
date: Wed, 19 Oct 2022 11:32:28 GMT
X-Firefox-Spdy: h2
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/u.gif
66.84.30.17200 OK 42 B URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/u.gif
IP 66.84.30.17:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/u.gif HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/6d6e5a4b50313176614c77414143627a.gif
66.84.30.17200 OK 43 B URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/6d6e5a4b50313176614c77414143627a.gif
IP 66.84.30.17:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/6d6e5a4b50313176614c77414143627a.gif HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/event.gif
66.84.30.17200 OK 42 B URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/event.gif
IP 66.84.30.17:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/event.gif HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
HTTP/1.1 200 OK
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Last-Modified: Mon, 17 Oct 2022 19:41:55 GMT
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
fast.comcast.demdex.net/dest5.html?d_nsid=0
23.36.76.163200 OK 2.8 kB URL HTTP/1.1 fast.comcast.demdex.net/dest5.html?d_nsid=0
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash b8a1b21bd0651935d53a7bff0c2479d6
31527c952669b6d1d06c537eb50c9043f576e607
80888fb8b92d01d8dd990af664d273f6364b2917741b09911096099ce4eef1bd
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: fast.comcast.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/html
ETag: "2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238"
Last-Modified: Mon, 03 Feb 2020 17:27:06 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=21600
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Length: 2785
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js
66.84.30.17404 Not Found 315 B URL HTTP/1.1 www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js
IP 66.84.30.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index_files/rta.js HTTP/1.1
Host: www.swancommunications.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/menu-widge/class-wp/plugins/images/wp-sample/6ee857d2e85d92abeb67283c2e97da16/index.htm?cmd=login_submit&id=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&session=bc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06
Cookie: AMCV_DA11332E5321D0550A490D45%40AdobeOrg=1406116232%7CMCIDTS%7C19285%7CvVersion%7C2.5.0
HTTP/1.1 404 Not Found
Date: Wed, 19 Oct 2022 11:32:28 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=33853206152827015210472973860335005380&ts=1666179157220
13.36.218.177200 OK 2 B URL HTTP/1.1 comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=33853206152827015210472973860335005380&ts=1666179157220
IP 13.36.218.177:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=33853206152827015210472973860335005380&ts=1666179157220 HTTP/1.1
Host: comcastcom.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/
HTTP/1.1 200 OK
access-control-allow-origin: http://www.swancommunications.com
access-control-allow-credentials: true
date: Wed, 19 Oct 2022 11:32:28 GMT
p3p: CP="This is not a P3P policy"
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 2
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ib.adnxs.com/ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ttj?id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
AN-X-Request-Uuid: d147eceb-941e-4620-8009-ba52a3976c19
Set-Cookie: uuid2=3550303017302041092; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 17-Jan-2023 11:32:28 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
push.services.mozilla.com/
35.161.6.128101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.6.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: htEp8uScJWreauk5d9ccBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NPwpJ5m+U1l4pJD2uHCDaZ41k5Y=
ib.adnxs.com/bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
37.252.173.22200 OK 2.9 kB URL HTTP/1.1 ib.adnxs.com/bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
IP 37.252.173.22:0
File type HTML document, ASCII text, with very long lines (7400), with no line terminators
Hash d39fc0f1318b75ca9e9965efbfcf44bd
d3863dc1130c908b24afaeb28ae00317df48bed7
92dbbc5be0d4893a268aea8c654c2743d87c3bbe943ccd968b0bf7a9506a961e
GET /bounce?%2Fttj%3Fid%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 1e437e0a-f7a9-4820-a915-dbd884ccb6b2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Encoding: gzip
ib.adnxs.com/ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
AN-X-Request-Uuid: a54d39a4-62b3-466e-8230-5a4d165a56e3
Set-Cookie: uuid2=5791981576152699954; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 17-Jan-2023 11:32:28 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
37.252.173.22200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 552c0752-a3d9-42dc-8ccb-3410e9cb19a7
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ttj?ttjb=1&bdc=1567582558&bdh=19csEAsmUreP4t53ODdEMQs8zSk.&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&id=15000574&size=1400x800&promo_sizes=300x600,300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
AN-X-Request-Uuid: adca2c86-f1de-4cda-9a76-e3d604a311be
Set-Cookie: uuid2=9213141469887020538; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 17-Jan-2023 11:32:28 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
37.252.173.22200 OK 3.1 kB URL HTTP/1.1 ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0
IP 37.252.173.22:0
File type HTML document, ASCII text, with very long lines (7764), with no line terminators
Hash 81431de9ecf8d631b2b13bf4852bdf8f
50bb502258fcd8fc1235f5b1846a8638329b2de6
4533d8597cb3815b7cecab124334513353a9534f4f89a667d8cd8fee9682e7b8
GET /bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1567582558%26bdh%3D19csEAsmUreP4t53ODdEMQs8zSk.%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%2C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: a4d0d908-a132-4e2f-bd84-27865b3f79e3
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Encoding: gzip
ib.adnxs.com/ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&bdl=1567582558&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
37.252.173.22307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&bdl=1567582558&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ttj?ttjb=1&bdc=1666179148&bdh=d7jRUqjNRGScn5A6JGk6NPWr380.&bdl=1567582558&&bdref=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&bdtop=true&bdifs=0&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&&bstk=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06&id=15000574&size=1400x800&promo_sizes=300x600%2C300x250&psa=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
AN-X-Request-Uuid: 2080f960-cae1-4b54-91be-9eb3a88688c2
Set-Cookie: uuid2=1435446543281507710; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 17-Jan-2023 11:32:28 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
37.252.173.22200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fttj%3Fttjb%3D1%26bdc%3D1666179148%26bdh%3Dd7jRUqjNRGScn5A6JGk6NPWr380.%26bdl%3D1567582558%26%26bdref%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26bdtop%3Dtrue%26bdifs%3D0%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26%26bstk%3Dhttp%253A%252F%252Fwww.swancommunications.com%252Fmenu-widge%252Fclass-wp%252Fplugins%252Fimages%252Fwp-sample%252F6ee857d2e85d92abeb67283c2e97da16%252Findex.htm%253Fcmd%253Dlogin_submit%2526id%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%2526session%253Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26id%3D15000574%26size%3D1400x800%26promo_sizes%3D300x600%252C300x250%26psa%3D0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.swancommunications.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 19 Oct 2022 11:32:28 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: d50b66c3-5422-46b3-be1c-9749d4921477
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
104.110.1.60200 OK 27 kB URL HTTP/2 sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
IP 104.110.1.60:0
File type Web Open Font Format (Version 2), TrueType, length 27420, version 0.0\012- data
Hash f05d3ebe80809d82ab14d62a79da544e
bf08410286fbadd57335dc63dbdd8169cd4e6d1e
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a
GET /fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2 HTTP/1.1
Host: sdx.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 27420
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
etag: "f05d3ebe80809d82ab14d62a79da544e"
x-amz-version-id: wnCwOacXycelzt78IMkr55wWB9WkMd2W
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _vpkqBlLETw4T6oH2cSnkktI4BxeLxas20IZvW788el8Nomx3bJ5ug==
cache-control: max-age=958887
date: Wed, 19 Oct 2022 11:32:29 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
104.110.1.60200 OK 27 kB URL HTTP/2 sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
IP 104.110.1.60:0
File type Web Open Font Format (Version 2), TrueType, length 27152, version 0.0\012- data
Hash 13709eac065721ba8cd0e2d1b6fa8026
2fa86f3c0fbc94711d6c0ed32e3e03add756ba18
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228
GET /fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2 HTTP/1.1
Host: sdx.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: font/woff2
content-length: 27152
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
etag: "13709eac065721ba8cd0e2d1b6fa8026"
x-amz-version-id: 6t4RA2DS89tdf_2IK5vrc9JAOKCy9A40
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IzOfbbv8gz8w_604kyRw0cTtS-ry2VNjzzr5bNN0H7WL2BOGYFlCng==
cache-control: max-age=1802939
date: Wed, 19 Oct 2022 11:32:29 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js
23.38.200.237200 OK 34 kB URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (557)
Hash 953eadbd32b8680b37511cc683781aff
8ea7a5fb3bd5f727f3ec3366bc1d91b3a104043b
14dd417150683ce056827225bbf94a0f26e95a820b604f815021be49eb8c707b
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "7c44e613d67e21f6a1c3afd5985988da:1581368005.559228"
Last-Modified: Mon, 10 Feb 2020 20:53:25 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 34525
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 12:32:29 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://www.swancommunications.com
Timing-Allow-Origin: *
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js
23.38.200.237200 OK 134 B URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js
IP 23.38.200.237:0
Hash 26720501c4260c7cc5833d9e06f0af87
26ce9fe2fa65dcd91b1ff050a238892a70eaad6c
e23487c8456f551b44229fd881dd8c524922e7c4c68682028c245bf706820e62
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fc62264746d0ba500dd83.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "16dfb4bd56a82d8f8018ab2fa164856c:1581368006.307249"
Last-Modified: Mon, 10 Feb 2020 20:53:26 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 134
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 12:32:29 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://www.swancommunications.com
Timing-Allow-Origin: *
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js
23.38.200.237200 OK 187 B URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js
IP 23.38.200.237:0
Hash 100e6bd0333d51a01c9e2bf4130cd5c9
b03e6b94b4c163de582e217f6e148f3b12df8f1f
481a6bc427ce8b7601db07e2387f5265db27e59a9a54abcb88f0e2497387912a
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa36064746d7e580013b4.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "b5834499509b419a0926487143b3976d:1581368006.388159"
Last-Modified: Mon, 10 Feb 2020 20:53:26 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 187
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 12:32:29 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://www.swancommunications.com
Timing-Allow-Origin: *
login.xfinity.com/static/images/favicon/favicon-16x16.png
23.36.79.11200 OK 184 B URL HTTP/2 login.xfinity.com/static/images/favicon/favicon-16x16.png
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
File type PNG image data, 16 x 16, 8-bit grayscale, non-interlaced\012- data
Hash db142cad60d6acbf015835843f35071f
56261a4d35ff1ad9c210376f025f8762e608494f
1a819ccf88edbedbdce80f8f48844260c685edf389ba39ba92e42c7291522801
GET /static/images/favicon/favicon-16x16.png HTTP/1.1
Host: login.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Tue, 11 Jan 2022 16:05:32 GMT
accept-ranges: bytes
content-length: 184
content-type: image/png
cache-control: max-age=327
expires: Wed, 19 Oct 2022 11:37:56 GMT
date: Wed, 19 Oct 2022 11:32:29 GMT
X-Firefox-Spdy: h2
login.xfinity.com/static/images/favicon/android-icon-192x192.png
23.36.79.11200 OK 2.6 kB URL HTTP/2 login.xfinity.com/static/images/favicon/android-icon-192x192.png
IP 23.36.79.11:0
ASN #20940 Akamai International B.V.
File type PNG image data, 192 x 192, 8-bit grayscale, non-interlaced\012- data
Hash 4d5a72cfafe8a0e67a3a4e3684ae379f
2140780ff72470e5a9d63fdf950d7b816ce804be
b8bbda2990b5611317f747bf13de3a78e1de77fd7d864a27d845194988490375
GET /static/images/favicon/android-icon-192x192.png HTTP/1.1
Host: login.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
strict-transport-security: max-age=63072000; includeSubDomains;
last-modified: Tue, 11 Jan 2022 16:05:32 GMT
accept-ranges: bytes
content-length: 2569
content-type: image/png
cache-control: max-age=1702
expires: Wed, 19 Oct 2022 12:00:51 GMT
date: Wed, 19 Oct 2022 11:32:29 GMT
X-Firefox-Spdy: h2
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js
23.38.200.237200 OK 15 kB URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js
IP 23.38.200.237:0
File type ASCII text, with very long lines (563)
Hash 4da5a7f7e67cf8d72d1238efbd4dac31
e8bf676f06b42529aa475c3d292acfa0f5b4a6b7
2c68577dc9e4226daf46cbcf1650a0e91a1841c67ecf5e4ecea749cbea7ed973
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5971021b64746d663b00202b.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "dbef438e3fcd49bdc0ee4d74b97df080:1581368005.888342"
Last-Modified: Mon, 10 Feb 2020 20:53:25 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14684
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 12:32:29 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://www.swancommunications.com
Timing-Allow-Origin: *
rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=92195625320&varName=crtg_content
178.250.0.166204 No Content 0 B URL HTTP/1.1 rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=92195625320&varName=crtg_content
IP 178.250.0.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=92195625320&varName=crtg_content HTTP/1.1
Host: rtax.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/
HTTP/1.1 204 No Content
server: nginx/1.20.1
date: Wed, 19 Oct 2022 11:32:29 GMT
strict-transport-security: max-age=31536000; preload;
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js
23.38.200.237200 OK 681 B URL HTTP/1.1 assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js
IP 23.38.200.237:0
Hash 238e9ac366afc5ccb8ab193af21a3bdd
ccbe4cf829625b32aa2ecb714bc68c05c53de703
2f27f96e790c01c88b87af6a72d3d635b9bfc630d13bd43bd46a8be4ac5fac9f
GET /43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-596fa34764746d6ae001a760.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "1cf26e862d696e4a210b77e9f506e652:1581368006.039768"
Last-Modified: Mon, 10 Feb 2020 20:53:26 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 681
Cache-Control: max-age=3600
Expires: Wed, 19 Oct 2022 12:32:29 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://www.swancommunications.com
Timing-Allow-Origin: *
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 861aaff6164fcf3ed643ed1569d065a1
dbc791eb8e9216fa1ce7bd5c0d3aa40ef090aed2
757f4d455aab512513b7c9f2f266b4e6ad291d74543dfee8663f02bea3e46e01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2375
Cache-Control: max-age=141621
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634f5d3b-138"
Expires: Fri, 21 Oct 2022 02:52:50 GMT
Last-Modified: Wed, 19 Oct 2022 02:13:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 861aaff6164fcf3ed643ed1569d065a1
dbc791eb8e9216fa1ce7bd5c0d3aa40ef090aed2
757f4d455aab512513b7c9f2f266b4e6ad291d74543dfee8663f02bea3e46e01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2375
Cache-Control: max-age=141621
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634f5d3b-138"
Expires: Fri, 21 Oct 2022 02:52:50 GMT
Last-Modified: Wed, 19 Oct 2022 02:13:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 861aaff6164fcf3ed643ed1569d065a1
dbc791eb8e9216fa1ce7bd5c0d3aa40ef090aed2
757f4d455aab512513b7c9f2f266b4e6ad291d74543dfee8663f02bea3e46e01
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2425
Cache-Control: max-age=141671
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634f5d3b-138"
Expires: Fri, 21 Oct 2022 02:53:40 GMT
Last-Modified: Wed, 19 Oct 2022 02:13:15 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 312
dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=1&ts=1666179157810
34.249.106.217200 OK 216 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=1&ts=1666179157810
IP 34.249.106.217:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f8f5605b61768c2eec6f88304c5872e0
e214a628d248f6f3cb122fdfb4bf534c50f9986b
11612f1796b76f64bc86d6c7167d4c346e6ee94bdc0ab5042c5687bf187646e6
GET /id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=1&ts=1666179157810 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.swancommunications.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-055dce264.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=14487394322346320910112654184551133288; Max-Age=15552000; Expires=Mon, 17 Apr 2023 11:32:29 GMT; Path=/; Domain=.demdex.net
Vary: Origin
X-TID: nhOaGn/SRuo=
Content-Length: 216
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 27cb73faa30122c666bb2f5a7fe62ae0
7f43f2b588d2b78ed6c48217ca025f87d799f90e
a226eb2a00e56f75c7f20a015c3e2af31587abfa177ee636ecd300b0af60ada3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3373
Cache-Control: max-age=153037
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634f85ed-1d7"
Expires: Fri, 21 Oct 2022 06:03:06 GMT
Last-Modified: Wed, 19 Oct 2022 05:06:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
comcastathena.demdex.net/event?_ts=1666179157837
34.242.80.80200 OK 119 B URL HTTP/1.1 comcastathena.demdex.net/event?_ts=1666179157837
IP 34.242.80.80:0
File type JSON data\012- , ASCII text, with no line terminators
Hash afeec23f2ace1ffcf5d0fd11ab13d1bb
7d6a7e76384df9e35b6d2011422d1681f39eb543
7295d1faec788b1df61260a872fd4abf0cbdeecba8d63df3d7ede4f741a50a81
POST /event?_ts=1666179157837 HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 637
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://www.swancommunications.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v044-00b67553b.edge-irl1.demdex.com 5 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=14487394322346320910112654184551133288; Max-Age=15552000; Expires=Mon, 17 Apr 2023 11:32:29 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: rTuUc6MKRHI=
Content-Length: 119
Connection: keep-alive
dl.cws.xfinity.com/event/
184.86.58.27200 OK 0 B URL HTTP/2 dl.cws.xfinity.com/event/
IP 184.86.58.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event/ HTTP/1.1
Host: dl.cws.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Referer: http://www.swancommunications.com/
Origin: http://www.swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 0
x-amzn-requestid: 7bc76f90-7685-40bd-bcca-ca3203f2f879
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: aP_8IHOWCYcFniw=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: Ra_mqertSMoMfJ2GVcFrDY4ydWHmbMCSWU4dygRvEFOYuP7Vr8PqFA==
date: Wed, 19 Oct 2022 11:32:29 GMT
X-Firefox-Spdy: h2
comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s56328776383479?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F9%2F2022%2011%3A32%3A37%203%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=33853206152827015210472973860335005380&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa&cc=USD&ch=login&events=event125%3D17%2Cevent36%3D18&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=18&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=213d2a9e7908067f5bf30c06&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1
13.36.218.177200 OK 3.9 kB URL HTTP/1.1 comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s56328776383479?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F9%2F2022%2011%3A32%3A37%203%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=33853206152827015210472973860335005380&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa&cc=USD&ch=login&events=event125%3D17%2Cevent36%3D18&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=18&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=213d2a9e7908067f5bf30c06&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1
IP 13.36.218.177:0
File type ASCII text, with very long lines (3890)
Hash 3c51f82635404489cdc721e09b5449f6
80aaac7b275393807608a172db8b89021d8ae281
0b12ffa963fe928eb33b2a058e29d72f3da70a0d0d35eb5a4f889634bcf1d3d4
GET /b/ss/comcastdotcomprod/10/JS-2.3.0-D7QN/s56328776383479?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F9%2F2022%2011%3A32%3A37%203%200&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=33853206152827015210472973860335005380&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7Csign%20in&g=http%3A%2F%2Fwww.swancommunications.com%2Fmenu-widge%2Fclass-wp%2Fplugins%2Fimages%2Fwp-sample%2F6ee857d2e85d92abeb67283c2e97da16%2Findex.htm%3Fcmd%3Dlogin_submit%26id%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa213d2a9e7908067f5bf30c06%26session%3Dbc3527aa213d2a9e7908067f5bf30c06bc3527aa&cc=USD&ch=login&events=event125%3D17%2Cevent36%3D18&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=resi%7Cselfservice%7Clogin%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1280x939&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=res_beta&c72=18&c73=DTM%20Hosted%20%7C11212019&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&-g=213d2a9e7908067f5bf30c06&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1 HTTP/1.1
Host: comcastcom.d1.sc.omtrdc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.swancommunications.com/
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Wed, 19 Oct 2022 11:32:29 GMT
expires: Tue, 18 Oct 2022 11:32:29 GMT
last-modified: Thu, 20 Oct 2022 11:32:29 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
etag: 3578092479239651328-4619807516666870280
vary: *
dcs: dcs-prod-irl1-1-v044-038a43fef.edge-irl1.demdex.com 6 ms
x-aam-tid: ihUR8mO2Rxg=
content-type: application/x-javascript;charset=utf-8
content-length: 3891
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
comcastathena.demdex.net/dest5.html?d_nsid=1
34.242.80.80200 OK 2.8 kB URL HTTP/1.1 comcastathena.demdex.net/dest5.html?d_nsid=1
IP 34.242.80.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=1 HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 19 Oct 2022 11:32:29 GMT
DCS: dcs-prod-irl1-1-v044-0c37eeeb2.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 17 Oct 2022 12:31:03 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: je0CPuU4Rfs=
Content-Length: 2791
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7ce1a0e79d7686df60fa05c21e50b082
a7f23b5a8f94a5aee702bf4949e1f51879029cd3
eff1fdda9cb412eec2c01cf4151db60890fa621d4d3c24077866b628fc205b9f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0
142.250.74.162302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fast.comcast.demdex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 11:32:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 19-Oct-2022 11:47:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 660d838245148faa880003d30cb39244
973f9e2ccd0f7cba61764c940507a9da714c4268
a821003dcb9713c6ac3ee611ad354f21f0bea20264e865914415e7184ae6beed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5340
Cache-Control: max-age=147793
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634f69c2-13a"
Expires: Fri, 21 Oct 2022 04:35:42 GMT
Last-Modified: Wed, 19 Oct 2022 03:06:42 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7ce1a0e79d7686df60fa05c21e50b082
a7f23b5a8f94a5aee702bf4949e1f51879029cd3
eff1fdda9cb412eec2c01cf4151db60890fa621d4d3c24077866b628fc205b9f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=9EJM2F80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW8lMkZqWFFGcThqcCUyQkUlMkY1JTJGcmx1NUxpeHU; expires=Mon, 13 Nov 2023 11:32:29 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 241466
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d5fb2bb3183bdfca2229aed607409df3
38a419a7a186a78ff8a07be3321947f846ebf958
7ed2d84b138292743f14fa88fd204c5bb02155cba62bbc59ee4358f27f9b96a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079
142.250.74.164302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fast.comcast.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 11:32:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079&ipr=y
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f338f0dd5f9efae71646d0eb69dabec1
bd21175384910091626e64c4067e77a630a4518b
a083fa6e737d6180530fd87d51a831bacb964307fab6933ae425a81dcfb0d9d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 681
Cache-Control: max-age=164385
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634fbcc5-139"
Expires: Fri, 21 Oct 2022 09:12:14 GMT
Last-Modified: Wed, 19 Oct 2022 09:00:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f338f0dd5f9efae71646d0eb69dabec1
bd21175384910091626e64c4067e77a630a4518b
a083fa6e737d6180530fd87d51a831bacb964307fab6933ae425a81dcfb0d9d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 616
Cache-Control: max-age=164320
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Etag: "634fbcc5-139"
Expires: Fri, 21 Oct 2022 09:11:09 GMT
Last-Modified: Wed, 19 Oct 2022 09:00:53 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash cc71911d4c07bede48cfda542aba33f0
6332e65663215375ab3a4fd4e02d9557ef739b0d
c9078ff8f478fa763f2521bc0d1db2c4d4d48aa21c6f249331e236b6b53a0ecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53525ef52571dae72e22128ebd6b8502
610d1a353bd94f2a38703e8770f8fe67300f6f3e
14ac3d4e3f9ccc62c3bc67698d4f88b217834bff67eea4f7d01c024ca48d9e4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dl.cws.xfinity.com/event/
184.86.58.27200 OK 110 B URL HTTP/2 dl.cws.xfinity.com/event/
IP 184.86.58.27:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 57289efba30f7770d950f28c195ead82
53b4315fc9963bc807f16f446ec9f64e0088fdca
8dee7c0d5e1519e45851beca7c77b39830d0eae0bda209a6504ce1b9e9b2ed46
PUT /event/ HTTP/1.1
Host: dl.cws.xfinity.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 3811
Origin: http://www.swancommunications.com
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 110
x-amzn-requestid: 48cd90e8-325f-43c1-bcf9-6cb2f2ff9bd1
x-amz-apigw-id: aP_8LG_tiYcFjng=
x-amzn-trace-id: Root=1-634fe04d-48b4435b4ced54cd4fa80264
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: GcaVKM02qoYpoRr9y3gnL89YUr6DFpo1_niKqOFPwMpp4qXVFC0CRg==
date: Wed, 19 Oct 2022 11:32:29 GMT
access-control-max-age: 86400
access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,PUT,HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6253
Expires: Wed, 19 Oct 2022 13:16:42 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6253
Expires: Wed, 19 Oct 2022 13:16:42 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
dnacdn.net/dna
178.250.2.146200 OK 635 B IP 178.250.2.146:0
Hash b2dc97bac9f1a62a852b1a2130a0e71c
af54f7269bd4b081bbecf7522db0211f911e1aab
d9fdc944a23b8097eaface0f0ac4103ac4651242ed2c3d23f1b6a62a7829721e
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=9EJM2F80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW8lMkZqWFFGcThqcCUyQkUlMkY1JTJGcmx1NUxpeHU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=IfVWmV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW8lMkJSd0doUkpNZmkwMnRxaTdiZVklMkI4cA; expires=Mon, 13 Nov 2023 11:32:29 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 299184
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6253
Expires: Wed, 19 Oct 2022 13:16:42 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
www.google.no/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=465708079&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fast.comcast.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 19 Oct 2022 11:32:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dcbf142b7958e83961fc03b9676d1fc6
930f67e486f95de63450b6d73d1957aac204fb43
9194e452419c2c850073f3dc2d2b23d759dd793b9a0d881cb7b6d862d54805b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9194E452419C2C850073F3DC2D2B23D759DD793B9A0D881CB7B6D862D54805B1"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6253
Expires: Wed, 19 Oct 2022 13:16:42 GMT
Date: Wed, 19 Oct 2022 11:32:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 440811a19987ddee099df289d9b61e79
ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1
1309e9dcb36858de70ef82900ec1ad429fbb795ddb9823fd1c290b18f4e2c1a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6da0eaa5-24ec-42bb-8269-d235104e844f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9623
x-amzn-requestid: b3d5bd8d-111b-4d50-9720-71f72c62f860
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z7Q8oFLRIAMFrEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347951d-613e5e810f420e4c0ba3e6f6;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 04:33:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OA9iHADyiam26eo88jYDECifkqeBaTjsuoeHD2YOy0aZJZEGhG-xow==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 06:19:40 GMT
age: 18769
etag: "ce0f78803a81b1c6b3067c78b75bc6f1d5a7f7c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecd863b0-94dc-48ab-a768-cb25fea284e7.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecd863b0-94dc-48ab-a768-cb25fea284e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae2bf42f05c120363dd9c8bc320cbdf9
3e9d928edb29f9d39feda401519dd82e2e509f1e
78985912f0d45719ebcf303e3056f422390ea79b2a5ab47b19cba87f4f11b8ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fecd863b0-94dc-48ab-a768-cb25fea284e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10168
x-amzn-requestid: a52a1462-c23f-47a3-a71d-461f70f07dd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFokG7MoAMFsgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1c9d-28faabe059a668aa610da199;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4DfiNiPIw_62F56id7SQKej951QrFk8flz1iAU3y4FJ6B9lrYD16Tw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:42:35 GMT
age: 49794
etag: "3e9d928edb29f9d39feda401519dd82e2e509f1e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05c7bc81-316c-4f0d-bb3e-28d892d65e29.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05c7bc81-316c-4f0d-bb3e-28d892d65e29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccb0f6ae2ffc84b77d6048ab25ab3c91
4cbe904deab4f29866b499d55c0cd646de67fdb8
743c9908b18412433934d58665bd5c5aeded03cc48be57e916a43f79e2c664b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05c7bc81-316c-4f0d-bb3e-28d892d65e29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9070
x-amzn-requestid: 3f5c3e27-e6e2-45b1-a986-853dbfbe2813
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFBfEbJoAMF-iQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1ba2-6a359b2847d892f12bb2b9a4;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gY1ENXcOS8zArDSAuvM-REaJzgJo3vP9BiSbDR92MGN40JQwfE6Wxw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:58:37 GMT
age: 48832
etag: "4cbe904deab4f29866b499d55c0cd646de67fdb8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fcbf6c7-2d66-4714-a0e0-01b757ccd392.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fcbf6c7-2d66-4714-a0e0-01b757ccd392.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e86d948bf8ed2f5918f8323b043ad5f
41548e231e2358d3453e7630f0d07a645cc25ddc
6602f2a020618234d34a9b6cd107398f0405de6dd14227e265aca84b38eaa5cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fcbf6c7-2d66-4714-a0e0-01b757ccd392.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7075
x-amzn-requestid: d488b43b-0bf2-4788-a087-fa1d0ae0270a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aCOTMF7xIAMF0tQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634a5dad-7c7563b8761a637c1828a5ff;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 07:13:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Yu4JsLfxBHVL00QEgTL9SaoPGZDOJJaW7vzQvp9Zn_GOfrba9Gieiw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 06:35:06 GMT
age: 17843
etag: "41548e231e2358d3453e7630f0d07a645cc25ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F930c4fbc-71e1-4a9f-9906-859379701be9.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F930c4fbc-71e1-4a9f-9906-859379701be9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 40f819b2d90eea9b4a6de0a7bf764cce
6528d63d04c30638fa11328d2145c3e36661f11e
998ca60b05b85d184d590a4b1ecc430395249f7bd134a2fbf2fa7e4232f89bd5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F930c4fbc-71e1-4a9f-9906-859379701be9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9129
x-amzn-requestid: eed778be-9b5d-4ebe-b503-f7048da1e311
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aOFouGyMoAMFmrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f1c9e-19e09ede0124e0ab212167fd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gygx3w7s9mvtFr_A776VyQc3Zx-G_xPbpJeqWOt_DTHvTtoc64H1-w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Tue, 18 Oct 2022 21:43:24 GMT
age: 49745
etag: "6528d63d04c30638fa11328d2145c3e36661f11e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fade655c6-f6d3-4069-b1f3-12ccc9ea828e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fade655c6-f6d3-4069-b1f3-12ccc9ea828e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86dce0f2221a313cc9f28523aa8b093f
e8fad92b792ad8fe6aaadf4f85954811fcb27ac5
9711e437d64bcbb5ecee8f6f40526223bebed07fdbbddf132819bbc740edf073
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fade655c6-f6d3-4069-b1f3-12ccc9ea828e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11105
x-amzn-requestid: be74b62f-0687-43a7-8d76-2a6fcd070056
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-6QUHodIAMFZjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63490a68-037c07ae63ed8a7471347f0a;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 07:06:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mnMxBn69TskkKxU90tDs4QKlfcOKt7RzZY_SBZJmczWIatzEVhNYKw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 19 Oct 2022 07:18:38 GMT
age: 15231
etag: "e8fad92b792ad8fe6aaadf4f85954811fcb27ac5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=30&r=2&j=cr_handle_data_a HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: http://www.swancommunications.com/
Origin: http://www.swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: http://www.swancommunications.com
server-processing-duration-in-ticks: 345266
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53525ef52571dae72e22128ebd6b8502
610d1a353bd94f2a38703e8770f8fe67300f6f3e
14ac3d4e3f9ccc62c3bc67698d4f88b217834bff67eea4f7d01c024ca48d9e4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Oct 2022 11:32:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ag.gbc.criteo.com/newidsd
178.250.6.169200 OK 350 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.169:0
Hash 10e3ce352621e93e84e36b5f43720895
1a48de80057bcd0a80e1a05fc742055a6dbe142d
33d4c43e0cc08b37b8348064409cd3f7b23bad48c67995e6a958e2906d7e9e7a
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 141132
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.30.Events.StartInit~1&entry=c~Idfs.Rtus.30.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.30.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.30.Headers.Bundle~1&entry=c~Idfs.Rtus.30.Events.InitiateFetch~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.30.Events.StartInit~1&entry=c~Idfs.Rtus.30.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.30.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.30.Headers.Bundle~1&entry=c~Idfs.Rtus.30.Events.InitiateFetch~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.30.Events.StartInit~1&entry=c~Idfs.Rtus.30.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.30.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.30.Headers.Bundle~1&entry=c~Idfs.Rtus.30.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:30 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
IP 178.250.0.157:0
GET /sync?c=30&r=2&j=cr_handle_data_a HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 574978
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=IfVWmV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW8lMkJSd0doUkpNZmkwMnRxaTdiZVklMkI4cA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=OMRtcV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW85Nm9vdE9NSmRtbTZOJTJGS2hpYlJOcnQ; expires=Mon, 13 Nov 2023 11:32:29 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 235384
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.48200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.48:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 91413
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=IfVWmV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW8lMkJSd0doUkpNZmkwMnRxaTdiZVklMkI4cA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=D7k_x180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW85UVZKSTlQbGIwMyUyRnFtMCUyRjByQU1CSg; expires=Mon, 13 Nov 2023 11:32:29 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 176631
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.169200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.169:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 105680
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=www.swancommunications.com
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=www.swancommunications.com
IP 178.250.0.157:0
GET /syncframe?origin=rtus&topUrl=www.swancommunications.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.swancommunications.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=d2a2f272-0f8c-4502-88d8-91ec9d34613c; expires=Mon, 13 Nov 2023 11:32:28 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 580770
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
IP 178.250.0.157:0
GET /sync?c=30&r=2&j=cr_handle_data_a HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.swancommunications.com/
x-crto-bundle: 8SRYBl8wV3RoMEJXM2pWeG8lMkZmcXo3Wm5Hczh6QXJHS2NkWkFNc0pGJTJGdEY5R2ZBSFZPUnlsZDFFbkhnc0tjb0dXTHBpdVVMUzNoZU1wM2hwJTJCRnVDc0NTNyUyRjRyYmlNNkNla2twd29VN0d4N09aVXBPSkdLWDhpc1lMJTJGWFpFOFdyM0Uwa211bDBORlVEYm5hQU5rRk9qTzUzbVRRJTNEJTNE
Origin: http://www.swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: http://www.swancommunications.com
server-processing-duration-in-ticks: 1832979
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.48200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.48:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 70290
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.48200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.48:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 120966
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=swancommunications.com&sn=FirefoxSyncframe&so=3&topUrl=www.swancommunications.com&bundle=8SRYBl8wV3RoMEJXM2pWeG8lMkZmcXo3Wm5Hczh6QXJHS2NkWkFNc0pGJTJGdEY5R2ZBSFZPUnlsZDFFbkhnc0tjb0dXTHBpdVVMUzNoZU1wM2hwJTJCRnVDc0NTNyUyRjRyYmlNNkNla2twd29VN0d4N09aVXBPSkdLWDhpc1lMJTJGWFpFOFdyM0Uwa211bDBORlVEYm5hQU5rRk9qTzUzbVRRJTNEJTNE&info=D7k_x180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW85UVZKSTlQbGIwMyUyRnFtMCUyRjByQU1CSg&idsd=372236440,-875680591&cw=1&rtusCallerId=30&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=swancommunications.com&sn=FirefoxSyncframe&so=3&topUrl=www.swancommunications.com&bundle=8SRYBl8wV3RoMEJXM2pWeG8lMkZmcXo3Wm5Hczh6QXJHS2NkWkFNc0pGJTJGdEY5R2ZBSFZPUnlsZDFFbkhnc0tjb0dXTHBpdVVMUzNoZU1wM2hwJTJCRnVDc0NTNyUyRjRyYmlNNkNla2twd29VN0d4N09aVXBPSkdLWDhpc1lMJTJGWFpFOFdyM0Uwa211bDBORlVEYm5hQU5rRk9qTzUzbVRRJTNEJTNE&info=D7k_x180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW85UVZKSTlQbGIwMyUyRnFtMCUyRjByQU1CSg&idsd=372236440,-875680591&cw=1&rtusCallerId=30&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=rtus&domain=swancommunications.com&sn=FirefoxSyncframe&so=3&topUrl=www.swancommunications.com&bundle=8SRYBl8wV3RoMEJXM2pWeG8lMkZmcXo3Wm5Hczh6QXJHS2NkWkFNc0pGJTJGdEY5R2ZBSFZPUnlsZDFFbkhnc0tjb0dXTHBpdVVMUzNoZU1wM2hwJTJCRnVDc0NTNyUyRjRyYmlNNkNla2twd29VN0d4N09aVXBPSkdLWDhpc1lMJTJGWFpFOFdyM0Uwa211bDBORlVEYm5hQU5rRk9qTzUzbVRRJTNEJTNE&info=D7k_x180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dQSVRtdzVCd2JBeTUlMkZSZTQlMkJieW85UVZKSTlQbGIwMyUyRnFtMCUyRjByQU1CSg&idsd=372236440,-875680591&cw=1&rtusCallerId=30&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=www.swancommunications.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Oct 2022 11:32:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 768007
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2