worldcommonjournal.com/4/3735488/
301 Moved Permanently 0 B URL HTTP/1.1 worldcommonjournal.com/4/3735488/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /4/3735488/ HTTP/1.1
Host: worldcommonjournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 01 Mar 2023 15:50:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 01 Mar 2023 16:50:53 GMT
Location: https://worldcommonjournal.com/4/3735488/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEHAyHZ7Fhz4ZHp57L1K2OQOg8jDYDXq2OpdAL%2BdmBIJk67CQ1PPdwbxAqxrzxkQaSaTahMaRZpoQ8vX1E6ZF14SO7G%2BQlT73pYNm2BqqP7%2BVeg1skzR9acgShWa2mliSGw9Vly%2BTnO2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a128ee8acd4fab4-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b44b6d7bebf34d0393567b22a63a93fa
a1a85b268bc8073d8e4622ceb78b78a1b39af96a
4b69973af6e9c5a78d94e8661b08d9349176a515e7bfb3386b10ace4c6f1ae21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B69973AF6E9C5A78D94E8661B08D9349176A515E7BFB3386B10ACE4C6F1AE21"
Last-Modified: Tue, 28 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3964
Expires: Wed, 01 Mar 2023 16:56:57 GMT
Date: Wed, 01 Mar 2023 15:50:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5997f91ebc2eb50daf9983503bf68d86
9e173d1ec3154a6e77b673bc1ce382a531f01965
e2293a78d786cee4e424a86f17ffc821883a5da3628136dd3064c4c82ce68d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2293A78D786CEE4E424A86F17FFC821883A5DA3628136DD3064C4C82CE68D5A"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6947
Expires: Wed, 01 Mar 2023 17:46:40 GMT
Date: Wed, 01 Mar 2023 15:50:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Mar 2023 15:12:50 GMT
content-type: application/json
age: 2283
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1fc53096a9ed90534f34db55765fe755
00462323483a73d48261b8e8a0981bec58ef832a
bcfb9a09fd0882661e1eddc5bde947142897dfe816d535ed2cbfb1aa34823bd7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCFB9A09FD0882661E1EDDC5BDE947142897DFE816D535ED2CBFB1AA34823BD7"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9913
Expires: Wed, 01 Mar 2023 18:36:06 GMT
Date: Wed, 01 Mar 2023 15:50:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xwWknTOJ+rjyMKfbEWqWG4aZxKxyW89TpS4UnLRu7FHQd/mn00aPtR39P4D+4pbwi1F5tuPiHmw=
x-amz-request-id: CS129N7XEMRM0RVN
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Mar 2023 15:15:02 GMT
age: 2151
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash ef9e5ea6368fc8b605564f1413a06508
770299ec595b9cd8c51f59816da7f28d07089ec5
2f8eed4604b455641972466c952c5aa41356f31195a5bf505deb75c7cf60f2f6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "2F8EED4604B455641972466C952C5AA41356F31195A5BF505DEB75C7CF60F2F6"
Last-Modified: Mon, 27 Feb 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2345
Expires: Wed, 01 Mar 2023 16:29:58 GMT
Date: Wed, 01 Mar 2023 15:50:53 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Mar 2023 15:50:53 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash ef9e5ea6368fc8b605564f1413a06508
770299ec595b9cd8c51f59816da7f28d07089ec5
2f8eed4604b455641972466c952c5aa41356f31195a5bf505deb75c7cf60f2f6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "2F8EED4604B455641972466C952C5AA41356F31195A5BF505DEB75C7CF60F2F6"
Last-Modified: Mon, 27 Feb 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2344
Expires: Wed, 01 Mar 2023 16:29:58 GMT
Date: Wed, 01 Mar 2023 15:50:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 74367d6b19fce5fa907f5b42ed1a68d3
c6489eaa01839e946d0807bfa1955e495b38792f
86fafe94e9d7a2f5c14abf5e8cb9a0508729fff3c291e7f38a974b400a4211bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "86FAFE94E9D7A2F5C14ABF5E8CB9A0508729FFF3C291E7F38A974B400A4211BC"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7705
Expires: Wed, 01 Mar 2023 17:59:19 GMT
Date: Wed, 01 Mar 2023 15:50:54 GMT
Connection: keep-alive
my.rtmark.net/img.gif?f=merge&userId=ed891d823854484f80ab94f6b027fae1
200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=ed891d823854484f80ab94f6b027fae1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=ed891d823854484f80ab94f6b027fae1 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 01 Mar 2023 15:50:54 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ed891d823854484f80ab94f6b027fae1; expires=Thu, 29 Feb 2024 15:50:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Last-Modified, Backoff, Alert, Cache-Control, ETag, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Mar 2023 15:12:25 GMT
age: 2309
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a518b418b3b845c6c4f61b595d07d29e
fa6b54344b3e4dfb5c6f16090825264152907bd6
b797e9b583b27d9c7288b67ecd1c8fc0da8a0ff8ac6d335f3d6e0bed653f2aed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B797E9B583B27D9C7288B67ECD1C8FC0DA8A0FF8AC6D335F3D6E0BED653F2AED"
Last-Modified: Mon, 27 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8200
Expires: Wed, 01 Mar 2023 18:07:34 GMT
Date: Wed, 01 Mar 2023 15:50:54 GMT
Connection: keep-alive
indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
200 OK 1.9 kB URL HTTP/1.1 indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2184)
Hash 9380e32e2c4d7106471813dbba2e2568
d2b2e8562e416bf1258fdcfe763d990a918077cf
47d3263c32e5e41378dd0e9ed5103e579026cb1152090cd3171188c23c973979
GET /click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1 HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=gxx92tzw; expires=Thu, 02-Mar-2023 15:50:54 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6; expires=Thu, 02-Mar-2023 15:50:54 GMT; Max-Age=86400; path=/; secure; SameSite=none
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/9cc8f7eaec4aa7b5a3d8a1e8900acc0b.static.css?1643624258
200 OK 655 B URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/9cc8f7eaec4aa7b5a3d8a1e8900acc0b.static.css?1643624258
IP
ASN #24940 Hetzner Online GmbH
Hash 64836db20736f1e7995b43489b4bf0ac
a0db33db05acb39dd01d9f19f5eed634682b0ead
d4d21bac4b13cac53c0b921c3aa69d1e010a32ad3ccb7498821aa6e763e71c87
GET /landers/mcafeecleanlp1_noredirect/lp1/9cc8f7eaec4aa7b5a3d8a1e8900acc0b.static.css?1643624258 HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: text/css
Content-Length: 655
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-28f"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/baa1d5d5027c5653452694f0f66ce039.static.css?1643624258
200 OK 2.1 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/baa1d5d5027c5653452694f0f66ce039.static.css?1643624258
IP
ASN #24940 Hetzner Online GmbH
Hash 4c9f09a9675607afbddf827aaeefcb61
c341d14ed81d4789d998b01d6afa2a7ed6c9607a
808e3f0ad00c29cb12bee57b3eef2e22b83847aba521b2c34c1400bfcc00509a
GET /landers/mcafeecleanlp1_noredirect/lp1/baa1d5d5027c5653452694f0f66ce039.static.css?1643624258 HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: text/css
Content-Length: 2054
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-806"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/4b3ac8adf00db4ad50528231b01fc05d.static.js?1643624258
200 OK 2.3 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/4b3ac8adf00db4ad50528231b01fc05d.static.js?1643624258
IP
ASN #24940 Hetzner Online GmbH
Hash 4794a3102f0351b663eb39ff6e35f2dc
4a5b15b20844e05e77ec9f209f0a26800d3e628f
27c3394abd8f7828961ee62fd1e725aa6837d61f457d50c7127625c9248a87c6
Analyzer Verdict Alert fortinet Phishing
GET /landers/mcafeecleanlp1_noredirect/lp1/4b3ac8adf00db4ad50528231b01fc05d.static.js?1643624258 HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: application/javascript
Content-Length: 2333
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-91d"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/e5cb773f86887726adf00544b772f96d.static.js?1643624258
200 OK 1.1 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/e5cb773f86887726adf00544b772f96d.static.js?1643624258
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1074), with no line terminators
Hash b93c2e03ce7a45d313a6b7deba058cc5
27f22eb9c15e5e3671493517c56f9952c8a6ac09
6639d11ceed4d2c61a2522894f03122e3a147a627cb1c7a86fd9022cb62ac292
Analyzer Verdict Alert fortinet Phishing
GET /landers/mcafeecleanlp1_noredirect/lp1/e5cb773f86887726adf00544b772f96d.static.js?1643624258 HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: application/javascript
Content-Length: 1074
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-432"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/5b44b57497117d6121c213672ca3b15f.static.js?1643624258
200 OK 2.2 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/5b44b57497117d6121c213672ca3b15f.static.js?1643624258
IP
ASN #24940 Hetzner Online GmbH
Hash c9e9a54501fc6f6e8918b2c0f2a53981
3d530e6c830ccba6284e79c7245bb45d6f4f2197
491fdee141835401d29318ca584ac3e91a38c92d8694f26d90883bfc324ca454
Analyzer Verdict Alert fortinet Phishing
GET /landers/mcafeecleanlp1_noredirect/lp1/5b44b57497117d6121c213672ca3b15f.static.js?1643624258 HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: application/javascript
Content-Length: 2198
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-896"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/56633b8b6c6c63e283fa74cf426bb4b7.static.js?1643624258
200 OK 1.2 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/56633b8b6c6c63e283fa74cf426bb4b7.static.js?1643624258
IP
ASN #24940 Hetzner Online GmbH
Hash fcd546809170dd574eb37b989529f69a
2e227e144e3b4bd68064354d8a7fbc61125f624c
350baff99bbd3db6cdb8d741bc7f75fa333489ad5dcc641e2cfa0e11130e1920
Analyzer Verdict Alert fortinet Phishing
GET /landers/mcafeecleanlp1_noredirect/lp1/56633b8b6c6c63e283fa74cf426bb4b7.static.js?1643624258 HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: application/javascript
Content-Length: 1157
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-485"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/fef12056a0c6ad0223d68d6b762dd7de.static.js?1643624258
200 OK 6.5 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/fef12056a0c6ad0223d68d6b762dd7de.static.js?1643624258
IP
ASN #24940 Hetzner Online GmbH
Hash 469e121bb4c4fe159bbca2b4f5a88267
f0c66f226de28b324e4f1ecb766597938f984c60
4706b6d6c3e39cf2915a772595f2cc124e96d0919538b56aa817113e6482c416
Analyzer Verdict Alert fortinet Phishing
GET /landers/mcafeecleanlp1_noredirect/lp1/fef12056a0c6ad0223d68d6b762dd7de.static.js?1643624258 HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: application/javascript
Content-Length: 6502
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-1966"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/633d8c95262d5_v.css
200 OK 7.2 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/633d8c95262d5_v.css
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (7048)
Hash 8d4fba5186f02a0c4458986b0cf91667
785579011ecdda9e4754ca41649fa2fc06453b52
1cfc73a6db9523c12b6b7f5d009bed19c8799eed001f607bd891a1fd838b7739
GET /landers/mcafeecleanlp1_noredirect/lp1/633d8c95262d5_v.css HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: text/css
Content-Length: 7208
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-1c28"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/3c7ab8eec6fffcd8d12633f39560a159.static.js?1643624258
200 OK 87 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/3c7ab8eec6fffcd8d12633f39560a159.static.js?1643624258
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer Verdict Alert fortinet Phishing
GET /landers/mcafeecleanlp1_noredirect/lp1/3c7ab8eec6fffcd8d12633f39560a159.static.js?1643624258 HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: application/javascript
Content-Length: 86927
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-1538f"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/7de01cc5e3e9204e191bf3eed0608b3e.static.js?cb=googleTranslateElementInit
200 OK 78 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/7de01cc5e3e9204e191bf3eed0608b3e.static.js?cb=googleTranslateElementInit
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (560)
Hash fb0d9ac7c01bf99ea71aa98c30a48f1b
1b56d240057a5bfd63c9a92fb77f8a9c8e235d9e
3c6772a74ecd1f2cd06d35edf131707816f80282f1af89729ab07cce26f677fc
Analyzer Verdict Alert fortinet Phishing
GET /landers/mcafeecleanlp1_noredirect/lp1/7de01cc5e3e9204e191bf3eed0608b3e.static.js?cb=googleTranslateElementInit HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: application/javascript
Content-Length: 77854
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-1301e"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/8dda384b688f7e78af5e906b98c2b337.static.css
200 OK 19 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/8dda384b688f7e78af5e906b98c2b337.static.css
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (18692)
Hash 028abdb3c23e8b282b583083e56308ec
737f32630b6201cb407e59284ced7111e67060e8
24a7c26261729b65eb532c5572f7c2454e5f4a1a9a33568a409ab23ece261cba
GET /landers/mcafeecleanlp1_noredirect/lp1/8dda384b688f7e78af5e906b98c2b337.static.css HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: text/css
Content-Length: 18746
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-493a"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/2501256b80ce2b760a9aa1403be30d4e.static.js
200 OK 32 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/2501256b80ce2b760a9aa1403be30d4e.static.js
IP
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (31370)
Hash 198f2f5b0a649f41fe890c59d37319aa
f24629687612889bb59f610df3879afcd766fb80
d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912
Analyzer Verdict Alert fortinet Phishing
GET /landers/mcafeecleanlp1_noredirect/lp1/2501256b80ce2b760a9aa1403be30d4e.static.js HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: application/javascript
Content-Length: 31705
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-7bd9"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: myvEIbB53aMqcwuDgZB15Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I3+lAZAiuqp+l6/1GTOgz0inXFo=
ocsp.digicert.com/
200 OK 278 B IP
Hash e19393d1076db8353d69b068103ce8af
1586b2cfa175f2231b0843fc9cdfd7a24753414f
0971b23147124e6959cd43df45cf1af6ce6cebf676480649d8d0ceaffe93b879
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 74123
Cache-Control: max-age=129092
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 15:50:55 GMT
Etag: "63fda818-116"
Expires: Fri, 03 Mar 2023 03:42:27 GMT
Last-Modified: Tue, 28 Feb 2023 07:07:04 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 075db557635793632d91c6d220714041
28fe9fa6377b2658fb1d90c6c81be80eb96874b2
9f225746c23128917d7f062d6c9db7822513922b73833d08645a78b83f137f9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 15:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP
File type ASCII text, with very long lines (22967)
Hash f7bf2121608909b56672e6398ac2335c
864ef3bac46b08ab6609fad23f00d5f09815647d
b9d3a8600d9b6edf9c71b793c42782282ecfb01e2026e0128608b949e91e152c
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Mar 2023 15:49:54 GMT
expires: Wed, 01 Mar 2023 16:49:54 GMT
cache-control: public, max-age=3600
age: 61
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/5ae2bd8608573f29bfe3c426918be36a.static.js
200 OK 271 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/5ae2bd8608573f29bfe3c426918be36a.static.js
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1613)
Size 271 kB (271006 bytes)
Hash 36c0b0dc6a2b384defe57e55f520d051
6b87001d2420fd211212022945186b5d0d368f3f
0ac1b7e02a073dddc8f17e00df8b6651d40fcf8767f6c58a54bab047eb54cc5c
Analyzer Verdict Alert fortinet Phishing
GET /landers/mcafeecleanlp1_noredirect/lp1/5ae2bd8608573f29bfe3c426918be36a.static.js HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:54 GMT
Content-Type: application/javascript
Content-Length: 271006
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-4229e"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 075db557635793632d91c6d220714041
28fe9fa6377b2658fb1d90c6c81be80eb96874b2
9f225746c23128917d7f062d6c9db7822513922b73833d08645a78b83f137f9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 15:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/ee2d31e9b1142da00970eb0f5d9e6096.static.png
200 OK 846 B URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/ee2d31e9b1142da00970eb0f5d9e6096.static.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /landers/mcafeecleanlp1_noredirect/lp1/ee2d31e9b1142da00970eb0f5d9e6096.static.png HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:55 GMT
Content-Type: image/png
Content-Length: 846
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-34e"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/bff9f670213705f964ee2438e3c51d68.static.svg
200 OK 1.3 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/bff9f670213705f964ee2438e3c51d68.static.svg
IP
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1296), with no line terminators
Hash 6afb794723ba525f2c526c9899569924
8921668647cb2e4e8f689abd3f2bb8c9579432a8
e4aef0aba15680c1b745414a7c7bc39cdbeda17f1de0c7bf57bf90378b6a5d26
Analyzer Verdict Alert fortinet Phishing
GET /landers/mcafeecleanlp1_noredirect/lp1/bff9f670213705f964ee2438e3c51d68.static.svg HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:55 GMT
Content-Type: image/svg+xml
Content-Length: 1296
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-510"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/f03036d5c103eedbac3c581568b32269.static.png
200 OK 314 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/f03036d5c103eedbac3c581568b32269.static.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 934 x 885, 8-bit/color RGBA, non-interlaced\012- data
Size 314 kB (313991 bytes)
Hash eb5576f156132c190715b2f03f9173c3
cec31b87a0b1c7a49286be0c4caa8ba462d340a4
49970818ac9e72e7c2c3e0d029bcb7a20ccf64ddbc9b1dc62f5518c0ba7afd6e
GET /landers/mcafeecleanlp1_noredirect/lp1/f03036d5c103eedbac3c581568b32269.static.png HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:55 GMT
Content-Type: image/png
Content-Length: 313991
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-4ca87"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/941fa1e5bcd2700ef94edf077fe9fcf0.static.png
200 OK 4.1 kB URL HTTP/1.1 indexcontrol.online/landers/mcafeecleanlp1_noredirect/lp1/941fa1e5bcd2700ef94edf077fe9fcf0.static.png
IP
ASN #24940 Hetzner Online GmbH
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 4cdf3256cd7b8ec3917adb79d6bf457e
bc615337e9223183a126c8fb649774866fb53e69
fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0
GET /landers/mcafeecleanlp1_noredirect/lp1/941fa1e5bcd2700ef94edf077fe9fcf0.static.png HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/click.php?key=t1t9w0v99re7r2psk5ad&visitor_id=654824533450306216&cost=0.000808&zoneid=3735488&campaignid=6677852&device=desktop&browser=firefox&bannerid=16911470&osversion=win10&country=NO&language=en&isp=blix%20group%20as&8={t10}&rdk=rk1
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6; GoogleAccountsLocale_session=en; googtrans=/en/en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:55 GMT
Content-Type: image/png
Content-Length: 4103
Last-Modified: Mon, 14 Nov 2022 13:57:07 GMT
Connection: keep-alive
ETag: "63724933-1007"
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9441057dfd89bf829b682425aa22df2
003aa4b3c3c81786117a7d64bde556e9012fd5ef
d8eede4e2480852ecf426aa5bf9d5f6f1b07fb8336f69dff34a7e61a649a4553
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 15:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3cb24a0e3d83f7099a7b771382b9a1c9
ad5b66f890a627410df36bc11e0c11de6b52a444
da7077c0f05e22fa87e7c4d0eb5c891e7a3c55fd86e36e0eeed400e3214a42f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 15:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/2x/translate_24dp.png
200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Mar 2023 03:45:02 GMT
expires: Thu, 29 Feb 2024 03:45:02 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
vary: Origin
age: 43553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3cb24a0e3d83f7099a7b771382b9a1c9
ad5b66f890a627410df36bc11e0c11de6b52a444
da7077c0f05e22fa87e7c4d0eb5c891e7a3c55fd86e36e0eeed400e3214a42f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 15:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d9441057dfd89bf829b682425aa22df2
003aa4b3c3c81786117a7d64bde556e9012fd5ef
d8eede4e2480852ecf426aa5bf9d5f6f1b07fb8336f69dff34a7e61a649a4553
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Mar 2023 15:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
200 OK 103 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
File type ASCII text, with very long lines (2474)
Size 103 kB (102979 bytes)
Hash 15cd05aed3e8a58466d3812af6a0e39a
4aa9c06badde4eef2c3e542861832e5fc6c07367
55a32150a06c9837333576621c3313f9f1b2a36b8fd6886d60f8146d8ca125c6
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Mar 2023 15:50:55 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+353; expires=Fri, 28-Feb-2025 15:50:55 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.stfilecamp.com/fp.min.js
200 OK 32 kB URL HTTP/2 cdn.stfilecamp.com/fp.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (31370)
Hash 198f2f5b0a649f41fe890c59d37319aa
f24629687612889bb59f610df3879afcd766fb80
d2bc2cb800679f495a7731c105b2e2047965800515f98008867ab33edc940912
Analyzer Verdict Alert fortinet Phishing
GET /fp.min.js HTTP/1.1
Host: cdn.stfilecamp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://indexcontrol.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 15:50:55 GMT
cache-control: max-age=1074
content-length: 31705
content-type: text/javascript
last-modified: Mon, 13 Jun 2022 11:23:14 GMT
accept-ranges: bytes
x-rgw-object-type: Normal
etag: "198f2f5b0a649f41fe890c59d37319aa"
x-amz-request-id: tx00000000000000baf4ab2-0063ff6a81-30482482-sfo3a
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1677685855.dop219.sk1.t,1677685855.cds213.sk1.hn,1677685855.cds237.sk1.c
X-Firefox-Spdy: h2
indexcontrol.online/js/rt/service-worker.js
200 OK 20 B URL HTTP/1.1 indexcontrol.online/js/rt/service-worker.js
IP
ASN #24940 Hetzner Online GmbH
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
Analyzer Verdict Alert fortinet Phishing
GET /js/rt/service-worker.js HTTP/1.1
Host: indexcontrol.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uclick=gxx92tzw; uclickhash=gxx92tzw-gxx92tzw-gm3v-q5ft-qe1m-2ta03y-2ta06o-723ea6; GoogleAccountsLocale_session=en; googtrans=/en/en; fp_js=9e4947f35751465411fd1a4f5c358c78
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 01 Mar 2023 15:50:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3832f6a88f40012d5b398e620abae7a7
1adf92bafe271660fc4582228137562c9f0da2db
d546818cbd4ba1b7ae00d0a759556e330e2aa4fef0bca65ac98453a19cb7e09a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D546818CBD4BA1B7AE00D0A759556E330E2AA4FEF0BCA65AC98453A19CB7E09A"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5158
Expires: Wed, 01 Mar 2023 17:16:54 GMT
Date: Wed, 01 Mar 2023 15:50:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3832f6a88f40012d5b398e620abae7a7
1adf92bafe271660fc4582228137562c9f0da2db
d546818cbd4ba1b7ae00d0a759556e330e2aa4fef0bca65ac98453a19cb7e09a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D546818CBD4BA1B7AE00D0A759556E330E2AA4FEF0BCA65AC98453A19CB7E09A"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5158
Expires: Wed, 01 Mar 2023 17:16:54 GMT
Date: Wed, 01 Mar 2023 15:50:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3832f6a88f40012d5b398e620abae7a7
1adf92bafe271660fc4582228137562c9f0da2db
d546818cbd4ba1b7ae00d0a759556e330e2aa4fef0bca65ac98453a19cb7e09a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D546818CBD4BA1B7AE00D0A759556E330E2AA4FEF0BCA65AC98453A19CB7E09A"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5158
Expires: Wed, 01 Mar 2023 17:16:54 GMT
Date: Wed, 01 Mar 2023 15:50:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3832f6a88f40012d5b398e620abae7a7
1adf92bafe271660fc4582228137562c9f0da2db
d546818cbd4ba1b7ae00d0a759556e330e2aa4fef0bca65ac98453a19cb7e09a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D546818CBD4BA1B7AE00D0A759556E330E2AA4FEF0BCA65AC98453A19CB7E09A"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5158
Expires: Wed, 01 Mar 2023 17:16:54 GMT
Date: Wed, 01 Mar 2023 15:50:56 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3832f6a88f40012d5b398e620abae7a7
1adf92bafe271660fc4582228137562c9f0da2db
d546818cbd4ba1b7ae00d0a759556e330e2aa4fef0bca65ac98453a19cb7e09a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D546818CBD4BA1B7AE00D0A759556E330E2AA4FEF0BCA65AC98453A19CB7E09A"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5158
Expires: Wed, 01 Mar 2023 17:16:54 GMT
Date: Wed, 01 Mar 2023 15:50:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F168e63b4-3ce9-4990-8cfe-f2f3645925e2.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F168e63b4-3ce9-4990-8cfe-f2f3645925e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e9c53b037c590cde3ec26668342bb79c
18176b39b2888a4843a551dcf544e6ff42071635
77580642879580aab11f6c95763029fa58ed25f6cafb1fcee71facc573cf3cd7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F168e63b4-3ce9-4990-8cfe-f2f3645925e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9644
x-amzn-requestid: 8bc468d2-5ab6-46dc-a4c3-f3243d455400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A36FeEMyoAMF2zA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f97089-1d978335370496ab14681c79;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 02:20:57 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: r-hzM4S6nM_lGc66saZHMGKbd4ZC9Piht_POBovptjDJ_PxnPhjeDA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Mar 2023 03:54:13 GMT
age: 43003
etag: "18176b39b2888a4843a551dcf544e6ff42071635"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11b4bf4e-f145-4c9e-abad-1756e89c765f.jpeg
200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11b4bf4e-f145-4c9e-abad-1756e89c765f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2eedbee19ad8b7fe24b5c3cda8d92825
1eaffe902658900d684f44e4c68234075f65cb87
e0c5964a97e0c292958c7ae074d6384bac147d13fb8daf900d2097b46092205c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11b4bf4e-f145-4c9e-abad-1756e89c765f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4866
x-amzn-requestid: 31a47ad4-8fad-4775-b4d6-bdebe4b2cad1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BCPNsGvKoAMF9tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fd9257-57f9393a4cfbedbb3cc3ac3e;Sampled=0
x-amzn-remapped-date: Tue, 28 Feb 2023 05:34:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: vOn3KLLGRgUecNwC9a0jr_-Z4WnjZgbGLLZESE-2cCu0PMRFCBbOxA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Mar 2023 15:41:02 GMT
age: 594
etag: "1eaffe902658900d684f44e4c68234075f65cb87"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77ea2415-57a8-404d-8313-52c8cc6340fb.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77ea2415-57a8-404d-8313-52c8cc6340fb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b436b88c2f5ba756bd02b66a47097f8
ebfceb33ae49f259314299bddf1be4a848c7203f
ad66d49fe3029b566548789beac637b92f7e52d6a53ef541243280260a69585d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77ea2415-57a8-404d-8313-52c8cc6340fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8862
x-amzn-requestid: 306d5a4c-cfec-464c-9cbc-f45b46d4795c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A38NHFSloAMFf2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f973ed-77dec03d03eecc6552fc5294;Sampled=0
x-amzn-remapped-date: Sat, 25 Feb 2023 02:35:25 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: WWToiE4ea0lAf7QEA0_N4RbRV2btXiHuT3Kzb1E7TxSdbmWoio5Piw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Mar 2023 13:08:16 GMT
age: 9760
etag: "ebfceb33ae49f259314299bddf1be4a848c7203f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F454b494a-f626-4262-88e4-90cf9ec0fea3.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F454b494a-f626-4262-88e4-90cf9ec0fea3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0e69b21d6ceadd5629ece699952e2d4
29629c3d19c228fa6ab9b93730c7047f8c3b8006
28dfd647550631617215d67106bacf950b2d1a512da8758bc5cc3ebcac89e374
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F454b494a-f626-4262-88e4-90cf9ec0fea3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7792
x-amzn-requestid: 2f0b8107-e9f2-46ac-b598-4aa69d5850b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BEbs0GPeIAMF4Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fe731e-3e2cbcbf7e2fbb102698707c;Sampled=0
x-amzn-remapped-date: Tue, 28 Feb 2023 21:33:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: HKqW5yCe3RxkNC16xZNe7eqlm2fSkxvqcYpDGtkvW9Qv97Umudr1aw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6af3b573d8970d5db2a4d03354335b84.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Feb 2023 21:36:30 GMT
age: 65666
etag: "29629c3d19c228fa6ab9b93730c7047f8c3b8006"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59ab132e-e9ad-4556-83de-990c4d390aef.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59ab132e-e9ad-4556-83de-990c4d390aef.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3874c3a95ebd4b7fe922878cf7d818ac
d2f74c496308d92082e9499ebde79b65226c63ee
53ca673869045cde8b0c7ad37ecae0583f60545215b86d3197cffd93323a177a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59ab132e-e9ad-4556-83de-990c4d390aef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10391
x-amzn-requestid: 3b126435-0e9d-4688-84d3-dedea6fc024f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BEbroFO8oAMFW6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fe7316-630925bc14685ec8593eb2ee;Sampled=0
x-amzn-remapped-date: Tue, 28 Feb 2023 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: IxeAET6uxzcr1cUTdoUPp6Vc6vvFMDMTQRU3eftq36GS02eKiy13Eg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Feb 2023 21:38:44 GMT
age: 65532
etag: "d2f74c496308d92082e9499ebde79b65226c63ee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a5f3d376fe6a3a78a5d1fe136f962fb
3e9b03cc296e954d63526a4e7e75beea3130fc3b
c8cf4f1c0352102764247e4dc5a2076921e0eaa18bfd110e5b0b97a55c706690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97e8f2e-6da0-4f8b-b12c-1af676e3e4da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: f160a6a5-c245-40ab-9e03-ca03ba05863a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BBNUOGorIAMFTlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fd28e7-74bb8ca33cc8d5ee7e48ad3a;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 22:04:23 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: OAXdgPPPK_4LyHpQ-v3GLo2UhBtMS9SwSM95pdWa4jhnlB9JzqBSvw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Feb 2023 22:17:40 GMT
age: 63196
etag: "3e9b03cc296e954d63526a4e7e75beea3130fc3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Findexcontrol.online%2Fclick.php%3Fkey%3Dt1t9w0v99re7r2psk5ad%26visitor_id%3D654824533450306216%26cost%3D0.000808%26zoneid%3D3735488%26campaignid%3D6677852%26device%3Ddesktop%26browser%3Dfirefox%26bannerid%3D16911470%26osversion%3Dwin10%26country%3DNO%26language%3Den%26isp%3Dblix%2520group%2520as%268%3D%7Bt10%7D%26rdk%3Drk1
200 OK 0 B URL HTTP/2 stormtrk.com/api/1.0/ping/pong?location=https%3A%2F%2Findexcontrol.online%2Fclick.php%3Fkey%3Dt1t9w0v99re7r2psk5ad%26visitor_id%3D654824533450306216%26cost%3D0.000808%26zoneid%3D3735488%26campaignid%3D6677852%26device%3Ddesktop%26browser%3Dfirefox%26bannerid%3D16911470%26osversion%3Dwin10%26country%3DNO%26language%3Den%26isp%3Dblix%2520group%2520as%268%3D%7Bt10%7D%26rdk%3Drk1
IP
GET /api/1.0/ping/pong?location=https%3A%2F%2Findexcontrol.online%2Fclick.php%3Fkey%3Dt1t9w0v99re7r2psk5ad%26visitor_id%3D654824533450306216%26cost%3D0.000808%26zoneid%3D3735488%26campaignid%3D6677852%26device%3Ddesktop%26browser%3Dfirefox%26bannerid%3D16911470%26osversion%3Dwin10%26country%3DNO%26language%3Den%26isp%3Dblix%2520group%2520as%268%3D%7Bt10%7D%26rdk%3Drk1 HTTP/1.1
Host: stormtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://indexcontrol.online
Connection: keep-alive
Referer: https://indexcontrol.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 01 Mar 2023 15:50:55 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQlIERhiGiCyjSPP1ay5iE4H7OC0YrCk34MDG1MYfpMTWYZaUmcFgc%2Bqsc2HpsGRMO2YsxcsDowzAwMFz%2BCU08YwO4IdR7eQo9E%2F5myAMmIZPJcaZC37QwYts0VyPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a128ef22827b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2
worldcommonjournal.com/4/3735488/
200 OK 0 B URL HTTP/2 worldcommonjournal.com/4/3735488/
IP
GET /4/3735488/ HTTP/1.1
Host: worldcommonjournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 01 Mar 2023 15:50:53 GMT
content-type: text/html; charset=utf8
vary: Accept-Encoding
x-trace-id: ff9f64e6a64241ad0f06af42e41b7ebf
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://indexcontrol.online>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
set-cookie: OAID=ed891d823854484f80ab94f6b027fae1; expires=Thu, 29 Feb 2024 15:50:53 GMT; path=/
oaidts=1677685853; expires=Thu, 29 Feb 2024 15:50:53 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2EY9V0HPdYBxxRtOD%2FFbZnqm7HH6A09OrmLObz5rRz4T1EYWBU5y6dy5wzrMw7wmQ19Yd91pWPE06PVOhkZuZCV%2BI4YGoYqUFdyMpmORDZoFZ1WKS3oZkIIgjbpPkuW%2F2QLmd1w5b8M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a128eeadd8cb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
188.114.96.1
23.36.76.249
216.58.211.3
139.45.195.8
157.90.254.169
0.0.0.0