r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8377
Expires: Sat, 28 Jan 2023 05:18:35 GMT
Date: Sat, 28 Jan 2023 02:58:58 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13346
Expires: Sat, 28 Jan 2023 06:41:24 GMT
Date: Sat, 28 Jan 2023 02:58:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 02:43:03 GMT
content-type: application/json
age: 955
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8522
Expires: Sat, 28 Jan 2023 05:21:00 GMT
Date: Sat, 28 Jan 2023 02:58:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: g85dcOwawFrjQKpcQLDQczR/Ax/HcZ2/Bs4C283TZC1e320jn+cSIPJCBtJYe0VA301Nazh/6cs=
x-amz-request-id: 1PZ10RHZNKJ3RT7J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 02:49:39 GMT
age: 559
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 02:58:58 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 02:49:03 GMT
age: 595
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12019
Expires: Sat, 28 Jan 2023 06:19:17 GMT
Date: Sat, 28 Jan 2023 02:58:58 GMT
Connection: keep-alive
ens-sup-ertos-ex-rzea.builderallwppro.com/updates2022/?utm_campaign=duplicado_de_duplicado_de_duplicado_de_duplicado_de_duplicado_de_duplicado_de_xazer&utm_medium=email&utm_source=RD+Station
200 OK 16 kB URL HTTP/1.1 ens-sup-ertos-ex-rzea.builderallwppro.com/updates2022/?utm_campaign=duplicado_de_duplicado_de_duplicado_de_duplicado_de_duplicado_de_duplicado_de_xazer&utm_medium=email&utm_source=RD+Station
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3410)
Hash 98263c8f9d4cd38ab758148d9e5c9a59
089f5eabde67c503d2c00bfb972632d80ddad2e8
d7d86ea1f8f8653514bd9e34243507dcc12068b766b8fe590f2f9d5d32d37241
Analyzer Verdict Alert quad9 Sinkholed
GET /updates2022/?utm_campaign=duplicado_de_duplicado_de_duplicado_de_duplicado_de_duplicado_de_duplicado_de_xazer&utm_medium=email&utm_source=RD+Station HTTP/1.1
Host: ens-sup-ertos-ex-rzea.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 02:58:58 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 02:58:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +C30bng8wPMxhPgnoSZ2sQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SzjHER7yDQSxgK+WIEZpzxnLMRE=
ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
IP
File type ASCII text, with very long lines (32089)
Hash bf899cc5ba60c522341e4d712a5246bf
2c92c54c9919c8b81b4e77a97bfd4d8f202e1a6a
4f8b9bf1630c24cf17444ec093052451c370c9371212db74b4bf8b4fd71a2817
GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33018
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 15:42:19 GMT
expires: Tue, 23 Jan 2024 15:42:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 386200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 02:58:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 15d25dff72c4b934ed991add4ccde248
6128147740374605b39aff16e1f051e625c04633
bcc65804f4d56566997962f477afc0b034d621901e766bbbd4be92f2f90a87da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5310
Cache-Control: max-age=122449
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 02:58:59 GMT
Etag: "63d3b606-1d7"
Expires: Sun, 29 Jan 2023 12:59:48 GMT
Last-Modified: Fri, 27 Jan 2023 11:31:18 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 15d25dff72c4b934ed991add4ccde248
6128147740374605b39aff16e1f051e625c04633
bcc65804f4d56566997962f477afc0b034d621901e766bbbd4be92f2f90a87da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3008
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 02:58:59 GMT
Etag: "63d3b606-1d7"
Last-Modified: Sat, 28 Jan 2023 02:08:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ens-sup-ertos-ex-rzea.builderallwppro.com/ZaHCrMZsxk/SRmFnU/NBGi/1r9QVSfSamNY/ER9YcQE/aHNYe/gJBB1c
404 Not Found 196 B URL HTTP/1.1 ens-sup-ertos-ex-rzea.builderallwppro.com/ZaHCrMZsxk/SRmFnU/NBGi/1r9QVSfSamNY/ER9YcQE/aHNYe/gJBB1c
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ZaHCrMZsxk/SRmFnU/NBGi/1r9QVSfSamNY/ER9YcQE/aHNYe/gJBB1c HTTP/1.1
Host: ens-sup-ertos-ex-rzea.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/updates2022/?utm_campaign=duplicado_de_duplicado_de_duplicado_de_duplicado_de_duplicado_de_duplicado_de_xazer&utm_medium=email&utm_source=RD+Station
HTTP/1.1 404 Not Found
Date: Sat, 28 Jan 2023 02:58:59 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png
200 OK 256 B URL HTTP/2 siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png
IP
File type PNG image data, 36 x 36, 8-bit gray+alpha, non-interlaced\012- data
Hash fd495ca24c74d95ea3d5566a7cb25112
24682c91808ce607ab93b59c3bf7f343eba37e73
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
GET /WRQualtricsShared/Graphics/siteintercept/wr-dialog-close-btn-black.png HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 28 Jan 2023 02:58:59 GMT
content-type: image/png
content-length: 256
cf-ray: 79067830adccb503-OSL
accept-ranges: bytes
age: 54521043
cache-control: max-age=315360000, public
expires: Mon, 21 Apr 2031 04:55:13 GMT
last-modified: Tue, 20 Apr 2021 18:30:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
cf-polished: origSize=757
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
servershortname:
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
server: cloudflare
X-Firefox-Spdy: h2
www.ups.com/assets/resources/images/UPS_logo.svg
200 OK 1.1 kB URL HTTP/2 www.ups.com/assets/resources/images/UPS_logo.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2162), with no line terminators
Hash 849a64e3cfc9bd0836d231c06d7cc6d8
7bafabde4eadb7df3ea41496eaa2d65cc9e87e18
4d1179bcf986517d857c727b5d0e98acef24cba72b9eeba59309c4631e1aa75d
GET /assets/resources/images/UPS_logo.svg HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
accept-ranges: bytes
content-encoding: gzip
last-modified: Tue, 24 Jan 2023 04:54:15 GMT
referrer-policy: same-origin
server: Akamai Resource Optimizer
content-length: 1086
expires: Sat, 28 Jan 2023 02:58:59 GMT
pragma: no-cache
date: Sat, 28 Jan 2023 02:58:59 GMT
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache="Set-Cookie"
X-Firefox-Spdy: h2
www.ups.com/assets/resources/styles/ups.vendor.54f3c2d83b58.css
200 OK 18 kB URL HTTP/2 www.ups.com/assets/resources/styles/ups.vendor.54f3c2d83b58.css
IP
File type ASCII text, with very long lines (65352)
Hash 178b0b6f886a4f18aa186418933c57d2
54478a1a45ce61e6645d9cb2e62e64235688941d
1cfd9397b0f1a2f9d000e7353ec834b2b38bd2ea2da23f53ce7027088f02fea9
GET /assets/resources/styles/ups.vendor.54f3c2d83b58.css HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
content-encoding: br
last-modified: Wed, 04 Jan 2023 13:08:57 GMT
referrer-policy: same-origin
server: Akamai Resource Optimizer
content-length: 18438
expires: Sat, 28 Jan 2023 02:58:59 GMT
pragma: no-cache
date: Sat, 28 Jan 2023 02:58:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache="Set-Cookie"
X-Firefox-Spdy: h2
www.ups.com/assets/resources/styles/ups.modules.621ddd669ef2.css
200 OK 62 kB URL HTTP/2 www.ups.com/assets/resources/styles/ups.modules.621ddd669ef2.css
IP
File type Unicode text, UTF-8 text, with very long lines (65465), with CRLF line terminators
Hash dafa3c0ac41d37121473e51f2d6c173a
c6e06f244f65b705d440aff2b415d777c485b2da
ea0ed2a40a8edd6eabab57a1819542b36a7df0e7af63ed5177b6d9f1cb3bddf3
GET /assets/resources/styles/ups.modules.621ddd669ef2.css HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
content-encoding: br
last-modified: Wed, 25 Jan 2023 00:23:36 GMT
referrer-policy: same-origin
server: Akamai Resource Optimizer
content-length: 62100
expires: Sat, 28 Jan 2023 02:58:59 GMT
pragma: no-cache
date: Sat, 28 Jan 2023 02:58:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache="Set-Cookie"
X-Firefox-Spdy: h2
www.ups.com/assets/resources/styles/ups.apps-simplified_tracking.65f764049554.css
200 OK 12 kB URL HTTP/2 www.ups.com/assets/resources/styles/ups.apps-simplified_tracking.65f764049554.css
IP
File type ASCII text, with very long lines (65472)
Hash fd9591c01d085a6f7ac43411e60e431f
ee0d383911e4e1db08f6d24fb6dcb801f69bcdc2
033afdefc00446e93a0cba222afaaeb0e26d829de097a45ad255ad5b00078bdf
GET /assets/resources/styles/ups.apps-simplified_tracking.65f764049554.css HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
content-encoding: br
last-modified: Fri, 09 Dec 2022 07:33:39 GMT
referrer-policy: same-origin
server: Akamai Resource Optimizer
content-length: 11851
expires: Sat, 28 Jan 2023 02:58:59 GMT
pragma: no-cache
date: Sat, 28 Jan 2023 02:58:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache="Set-Cookie"
X-Firefox-Spdy: h2
www.ups.com/assets/resources/styles/ups.styles.eb36c144b5fd.css
200 OK 91 kB URL HTTP/2 www.ups.com/assets/resources/styles/ups.styles.eb36c144b5fd.css
IP
File type ASCII text, with very long lines (65472)
Hash cf6233bba9b669a9de99d6dc3eee56cd
871d71457e60293d100027c3f7f8d8a30fe4b2d6
2003c9162717abb08c20f8e6542ffcff226a52a36a3ec6f2f4f89e738dd38501
GET /assets/resources/styles/ups.styles.eb36c144b5fd.css HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
content-encoding: br
last-modified: Tue, 24 Jan 2023 05:45:03 GMT
referrer-policy: same-origin
server: Akamai Resource Optimizer
content-length: 91017
expires: Sat, 28 Jan 2023 02:58:59 GMT
pragma: no-cache
date: Sat, 28 Jan 2023 02:58:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=21
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache="Set-Cookie"
X-Firefox-Spdy: h2
www.ups.com/assets/resources/styles/ups.widgets.6611168e8d14.css
200 OK 7.4 kB URL HTTP/2 www.ups.com/assets/resources/styles/ups.widgets.6611168e8d14.css
IP
File type ASCII text, with very long lines (65472)
Hash 4516aa9a8eb92d7b19430c5c5f3a58d2
6697e3369e8899f7098ff712e3d82a39cdec6583
7333eb7bf92506824bdd6f085d406e056fa698f90a90b225edbe93e2dc70d44e
GET /assets/resources/styles/ups.widgets.6611168e8d14.css HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
content-encoding: br
last-modified: Wed, 30 Nov 2022 15:04:30 GMT
referrer-policy: same-origin
server: Akamai Resource Optimizer
content-length: 7388
expires: Sat, 28 Jan 2023 02:58:59 GMT
pragma: no-cache
date: Sat, 28 Jan 2023 02:58:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=21
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache="Set-Cookie"
X-Firefox-Spdy: h2
www.ups.com/assets/resources/scripts/ups.scripts.657f3e.js
200 OK 62 kB URL HTTP/2 www.ups.com/assets/resources/scripts/ups.scripts.657f3e.js
IP
File type ASCII text, with very long lines (31980)
Hash 87dc7d92069fb0e6ba7c551f017fcc44
17a07abfa60df1ec499c6fab4859120eac56a9b0
bb926acaaee9cbbee8a6d2896dcfe490489037aa1923ab668081abd7a06d59b7
GET /assets/resources/scripts/ups.scripts.657f3e.js HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
last-modified: Mon, 05 Dec 2022 03:18:54 GMT
referrer-policy: same-origin
server: Akamai Resource Optimizer
content-length: 62408
expires: Sat, 28 Jan 2023 02:58:59 GMT
pragma: no-cache
date: Sat, 28 Jan 2023 02:58:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=22
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache="Set-Cookie"
X-Firefox-Spdy: h2
www.ups.com/assets/resources/styles/ups.apps-utrk.de2c674dbb95.css
200 OK 9.4 kB URL HTTP/2 www.ups.com/assets/resources/styles/ups.apps-utrk.de2c674dbb95.css
IP
File type ASCII text, with very long lines (65471), with CRLF line terminators
Hash 806c15c92b829579f9463b4efdd10ac9
2ff5a550df0af5baef36f44a6388ac4c6cb0d7c0
040e03aecbc073fd6930742a485f77521f5559a73abbf8756bf981e48a6cb74e
GET /assets/resources/styles/ups.apps-utrk.de2c674dbb95.css HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
content-encoding: br
last-modified: Thu, 19 Jan 2023 04:06:42 GMT
referrer-policy: same-origin
server: Akamai Resource Optimizer
content-length: 9418
expires: Sat, 28 Jan 2023 02:58:59 GMT
pragma: no-cache
date: Sat, 28 Jan 2023 02:58:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=21
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache="Set-Cookie"
X-Firefox-Spdy: h2
ens-sup-ertos-ex-rzea.builderallwppro.com/img/icp.gif
404 Not Found 196 B URL HTTP/1.1 ens-sup-ertos-ex-rzea.builderallwppro.com/img/icp.gif
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert quad9 Sinkholed
GET /img/icp.gif HTTP/1.1
Host: ens-sup-ertos-ex-rzea.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/updates2022/?utm_campaign=duplicado_de_duplicado_de_duplicado_de_duplicado_de_duplicado_de_duplicado_de_xazer&utm_medium=email&utm_source=RD+Station
HTTP/1.1 404 Not Found
Date: Sat, 28 Jan 2023 02:58:59 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.ups.com/assets/resources/images/social.jpg
200 OK 876 B URL HTTP/2 www.ups.com/assets/resources/images/social.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 20x120, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6b6f0390de9bb1612440ef28b59fc1ab
ec771f86c9845b78d459d4e095d2f15112d056e2
f58100f6119cb35d26e4e8fc3775499feef71ae7a1c75feebc8e5d7c575ebdf2
GET /assets/resources/images/social.jpg HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ups.com/assets/resources/styles/ups.modules.621ddd669ef2.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Sep 2022 13:36:35 GMT
server: Akamai Image Manager
content-length: 876
content-type: image/webp
expires: Sat, 28 Jan 2023 14:58:59 GMT
date: Sat, 28 Jan 2023 02:58:59 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-cache="Set-Cookie"
X-Firefox-Spdy: h2
ens-sup-ertos-ex-rzea.builderallwppro.com/ZaHCrMZsxk/SRmFnU/NBGi/1r9QVSfSamNY/ER9YcQE/aHNYe/gJBB1c
404 Not Found 196 B URL HTTP/1.1 ens-sup-ertos-ex-rzea.builderallwppro.com/ZaHCrMZsxk/SRmFnU/NBGi/1r9QVSfSamNY/ER9YcQE/aHNYe/gJBB1c
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ZaHCrMZsxk/SRmFnU/NBGi/1r9QVSfSamNY/ER9YcQE/aHNYe/gJBB1c HTTP/1.1
Host: ens-sup-ertos-ex-rzea.builderallwppro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/updates2022/?utm_campaign=duplicado_de_duplicado_de_duplicado_de_duplicado_de_duplicado_de_duplicado_de_xazer&utm_medium=email&utm_source=RD+Station
HTTP/1.1 404 Not Found
Date: Sat, 28 Jan 2023 02:58:59 GMT
Server: Apache/2.4.38 (Debian)
Strict-Transport-Security: max-age=15768000
Content-Length: 196
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash f9f08a5073a4893d35155223667ee416
6fae43be79bf9d159005008bb7b3e80131ad5583
c93598783e5029dcdb81cacc4ca028511dcf2756b053333d0d54b2228bcfb599
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 02:59:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 01 Feb 2023 00:13:10 GMT
ETag: "6fae43be79bf9d159005008bb7b3e80131ad5583"
Last-Modified: Sat, 28 Jan 2023 00:13:11 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2603
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79067835cca60b45-OSL
media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1673486008077
200 OK 6.9 kB URL HTTP/2 media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1673486008077
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 7dff854551b24859cac0c74bb33bbe56
88e4f78433ac498532ede97a2bc9755ec9189c5a
517a3d0dd96216e612a28abf1efb18a73bb572a1011424f3f91253a08525a90f
GET /media/launch/chatLoader.min.js?codeVersion=1673486008077 HTTP/1.1
Host: media-us1.digital.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 09 Dec 2022 01:07:42 GMT
accept-ranges: bytes
etag: W/"22376-1670548062000"
vary: accept-encoding
server: Nuance Server
x-cache: TCP_HIT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-azure-ref-originshield: 03IjUYwAAAAB+Su3f+QXHSqV1Xb3LrXMbRlJBMjMxMDUwNDE4MDMxAGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
x-azure-ref: 0dI/UYwAAAACdpvyrLrt+TL7WcfxckHheQ1BIMzBFREdFMDQwNwBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
date: Sat, 28 Jan 2023 02:59:00 GMT
X-Firefox-Spdy: h2
www.ups.com/nuance/nuance-chat.html?IFRAME&nuance-frame-ac=0
200 OK 1.8 kB URL HTTP/2 www.ups.com/nuance/nuance-chat.html?IFRAME&nuance-frame-ac=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4156), with CRLF, LF line terminators
Hash 48ac04107c9f1fe8ec05bd7b9f6c3d88
139f0398172ec2dcd0a3cfd32e8c58e0249ff9db
f380d47acd816485aa70e77dfe79cfbf6f840307404a1f53c86169dfd35f92c9
GET /nuance/nuance-chat.html?IFRAME&nuance-frame-ac=0 HTTP/1.1
Host: www.ups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
referrer-policy: same-origin
cache-control: no-store, no-cache
pragma: no-cache
accept-ranges: bytes
content-type: text/html
x-akamai-transformed: 9 236 0 pmb=mNONE,1mTOE,3
content-encoding: gzip
date: Sat, 28 Jan 2023 02:59:00 GMT
content-length: 1835
vary: Accept-Encoding
x-akam-sw-version: 0.5.0
link: <https://www.ups.com/assets/resources/styles/fonts/Roboto-Regular.woff>;rel="preload";as="font";type="font/woff";crossorigin,<https://www.ups.com/assets/resources/styles/fonts/Roboto-Medium.woff>;rel="preload";as="font";type="font/woff";crossorigin, <https://tags.tiqcdn.com>;rel="preconnect",<https://akamai.tiqcdn.com>;rel="preconnect"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
set-cookie: AKA_A2=A; expires=Sat, 28-Jan-2023 03:59:00 GMT; path=/; domain=ups.com; secure; HttpOnly
_abck=ECD2A456D7DC848F9283E4D9C93E25D2~-1~YAAQJ08kFwMG5t+FAQAA5F1Q9gmKcgfOeKyHqi0BWmz59xF3dYv6QcayRQnwD8ubLphjgpTyLFXi3lNQ5jgRvwWs4i6ndzYTHNG0mE4AIHbLkGQHxuamSzib81Bbs1StccUa++1cCjiUaqCL5h4vin6sp1V3UFxUs+T03DP/24tuBhBSQCC18LvGYYWv3iU+B+wHA+WagmXl0e5l/FjMdSjtgfKBnrBF9ggUZzP8eAEDDnsbw1Wh83NCTSoshJ5H42Y+TaIQY/mO8E/yPGqwHoAreiO0NN/N2M+n33ldzzR/WFUoDEXk8kktIfGe93I4usSSPRwj/jps2AtnZKrufXFIsSs+16TpSGR4mBiveF8emgJOLjb6SEh4~-1~-1~1674878264; Domain=.ups.com; Path=/; Expires=Sun, 28 Jan 2024 02:59:00 GMT; Max-Age=31536000; Secure
ak_bmsc=92075AC9CA345B2070F941CB65181463~000000000000000000000000000000~YAAQJ08kFwQG5t+FAQAA5V1Q9hKA9/DsGwFqYaXXE6PVpqI3mMBue1z4Aoc9qGtkFjj70tEAze6VUqTw6Sr2y7cHu4v4u+sNxSSluuHJAN3vFz3PaXijcgSAY+D0pckh+RGsbAQjnQhfNtQZvmlToupNbXSarEDO3vgja3V+kD1hnMguYfWZlid8tpeMEAjNVZhG+mmoW5mY7K714Eaqjc3YwDrCS+wfhdEVwKC3eyqy4ePx17rjXz7HWQkRVZqXSTG3/5hIEvSASF5R1QmPMXkPfxZ2FiwZKKYRZpHdV5H7LWcTa1W18yqMAKePtv3EAImYXJvWCv+w1CJlPsgZvITlJfE4kg02gSmwZVtlmU1uFKL6NViSbIPht9rs6GItyGtJk/gy; Domain=.ups.com; Path=/; Expires=Sat, 28 Jan 2023 04:59:00 GMT; Max-Age=7200; HttpOnly
bm_sz=ED86421150B7B597E59BAD0233E2413A~YAAQJ08kFwUG5t+FAQAA5V1Q9hL3Df58iwAd/QE4Evcni1v1hTcyrDQoANcAUsVq3b+rqr5814rlPFyRi6Nd2k7hUFjxZeaMkiY0ESAMvYakCP4wo7JIqCDy3tcezaJ657vldBgila/4xY3g+FfYpEDT7/K8YNeAb/AU7MT13/PbsOgIr4ABb0XccWd9vMI0yDsKZZiRmQGW/Zt2DrpTd62XZO2iDUlunn7XTNUc0C410yW6GaYR9kHfMCXO+GyL+pM5z34SarB7+mbm0/P0CLjd8B0ZSwJ8oNr2vNx52Bg=~3289668~3748144; Domain=.ups.com; Path=/; Expires=Sat, 28 Jan 2023 06:59:00 GMT; Max-Age=14400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 9dca30eedfac46ba9a042151aef817f9
cdf1a151322e64458e9a368bc83254880bff08af
bd3f869d7dd868b3005e70cf696e437187144ee855f0654d1614e2f45459c948
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 02:59:00 GMT
Last-Modified: Sat, 28 Jan 2023 02:57:35 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: cG7MYkpf8NH9BfeSciCAaedPfOyjMHU4mV16IsCTNChi13eKhUMI5Q==
Age: 85
match.prod.bidr.io/cookie-sync/demandbase
303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/demandbase
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/demandbase HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 28 Jan 2023 02:59:00 GMT
location: https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Sat, 28 Jan 2023 03:09:00 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.sectigo.com/
200 OK 471 B IP
Hash b139ef842e1ece23a2fb6810cbb79f0b
75eb76995244c2e1841e0f3283f126cf13a77b04
7287866e126fff5e98015a2750cfe2889271f4f7e4084668e69e939a951243be
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 02:59:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:42:55 GMT
Expires: Wed, 01 Feb 2023 13:42:54 GMT
Etag: "75eb76995244c2e1841e0f3283f126cf13a77b04"
Cache-Control: max-age=383633,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7906783588edb50b-OSL
match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/demandbase?_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 28 Jan 2023 02:59:00 GMT
location: https://segments.company-target.com/log?vendor=choca&user_id=
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
id.rlcdn.com/464526.gif
451 Unavailable For Legal Reasons 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /464526.gif HTTP/1.1
Host: id.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Sat, 28 Jan 2023 02:59:00 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4175
Expires: Sat, 28 Jan 2023 04:08:35 GMT
Date: Sat, 28 Jan 2023 02:59:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4175
Expires: Sat, 28 Jan 2023 04:08:35 GMT
Date: Sat, 28 Jan 2023 02:59:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4175
Expires: Sat, 28 Jan 2023 04:08:35 GMT
Date: Sat, 28 Jan 2023 02:59:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4175
Expires: Sat, 28 Jan 2023 04:08:35 GMT
Date: Sat, 28 Jan 2023 02:59:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2881cea3ae511d3dfd2f6b7cd598a4e
105d8d675aaafce5602e4015aee2d1659553d1b1
0993ef71c2af9e07ed09e0e2ba40a4d9fdd01444154c2f39f8fc48a4dfef1730
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a2033b2-0708-4731-82a4-5bbc9f000ae2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10863
x-amzn-requestid: db873091-be76-4276-aa3e-f9bd44051508
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbAMbHCMoAMFsYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4471c-57f14d6a3ebcc8a1788bae80;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:50:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 00zN6NcdSHaq-4mWQeizXw9SDgUZJOFnB_6dTo6skjlytfBuz8ud3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:57:22 GMT
age: 18098
etag: "105d8d675aaafce5602e4015aee2d1659553d1b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d0fab44-0562-44c8-b7c7-fb069fb851d7.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d0fab44-0562-44c8-b7c7-fb069fb851d7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a1950b80f136ad55bab17c6ad2ba8d2c
80f878475f3801194f869686b3364d35f99836f0
39724d1df38aa7068d9f498271027e500af00b4ce3cd3df41e09c4fa4fd13320
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d0fab44-0562-44c8-b7c7-fb069fb851d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5933
x-amzn-requestid: 107db189-1d15-4d9a-903f-a6a529d841c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CwEcmoAMFiMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-1cf1e1e975afcfc01eba60bf;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Aaa0eZwfxkAoeIx6JSoi8k0RLYSAUW4SgFUyR8dgoC70CEm5g9OOtA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:59:26 GMT
age: 17974
etag: "80f878475f3801194f869686b3364d35f99836f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg
200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01d78e0bafdf4cbe227afc503124bc55
e2d21a694342773ccbace4742c4b047e7ce92e1c
3e9027f35134d811a50144a9b70c6de2dc97cbade941a5364717b403bcaf3eb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7df68b7-44d9-4227-aedc-8e03fd23edd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4641
x-amzn-requestid: b2e2ba60-21e7-4304-a354-2b49b8162cf2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T5FJGoAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-4b292f801433239340edab33;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: irkZKPRcil7YVMxVJXNkIn18zBSt2JWyxo9ZFMfz6aZer4_lnqG8oA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:38 GMT
age: 18142
etag: "e2d21a694342773ccbace4742c4b047e7ce92e1c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_US%26requester%3DST%2F&upid=3xdvk81&upv=1.1.0
200 OK 7.6 kB URL HTTP/2 insight.adsrvr.org/track/up?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_US%26requester%3DST%2F&upid=3xdvk81&upv=1.1.0
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4
GET /track/up?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_US%26requester%3DST%2F&upid=3xdvk81&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 02:59:00 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 18134
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 18:36:01 GMT
age: 30179
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash b139ef842e1ece23a2fb6810cbb79f0b
75eb76995244c2e1841e0f3283f126cf13a77b04
7287866e126fff5e98015a2750cfe2889271f4f7e4084668e69e939a951243be
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 02:59:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 13:42:55 GMT
Expires: Wed, 01 Feb 2023 13:42:54 GMT
Etag: "75eb76995244c2e1841e0f3283f126cf13a77b04"
Cache-Control: max-age=383633,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79067837499ab50b-OSL
segments.company-target.com/log?vendor=choca&user_id=
303 See Other 0 B URL HTTP/1.1 segments.company-target.com/log?vendor=choca&user_id=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /log?vendor=choca&user_id= HTTP/1.1
Host: segments.company-target.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Content-Length: 0
Connection: keep-alive
Date: Sat, 28 Jan 2023 02:59:00 GMT
trace-id: e77c4364691bb819
Vary: Origin
Location: /validateCookie?vendor=choca&user_id=&verifyHash=4ce587f9dedf177ccbf30e222e4991d2fd0dd3a7
Set-Cookie: tuuid=4c7a1237-cd51-4f50-a812-543bdc35fd84; Max-Age=63072000; Expires=Mon, 27 Jan 2025 02:59:00 GMT; SameSite=None; Path=/; Domain=.company-target.com; Secure; HTTPOnly
tuuid_lu=1674874740; Max-Age=63072000; Expires=Mon, 27 Jan 2025 02:59:00 GMT; SameSite=None; Path=/; Domain=.company-target.com; Secure; HTTPOnly
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DjcKyZa1hUj-M7fVIBcLHU0lpXeKWeMg_AqkDutYl2JRFGiF5_pfIA==
segments.company-target.com/validateCookie?vendor=choca&user_id=&verifyHash=4ce587f9dedf177ccbf30e222e4991d2fd0dd3a7
204 No Content 0 B URL HTTP/1.1 segments.company-target.com/validateCookie?vendor=choca&user_id=&verifyHash=4ce587f9dedf177ccbf30e222e4991d2fd0dd3a7
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /validateCookie?vendor=choca&user_id=&verifyHash=4ce587f9dedf177ccbf30e222e4991d2fd0dd3a7 HTTP/1.1
Host: segments.company-target.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Connection: keep-alive
Date: Sat, 28 Jan 2023 02:59:00 GMT
trace-id: 2acc9aeaf97a9323
Vary: Origin
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qftHCJgp29p9S3l9DOphCMsFXwTFCGzXQbDl9ry3B97qZs8roJ0jkA==
siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.55.0&Q_CLIENTTYPE=web
200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.55.0&Q_CLIENTTYPE=web
IP
GET /dxjsmodule/FeedbackButtonModule.js?Q_CLIENTVERSION=1.55.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 02:58:59 GMT
content-type: application/javascript
cf-ray: 79067830adc9b503-OSL
access-control-allow-origin: *
age: 64320
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"fd62-17a5f9b34c8"
last-modified: Thu, 01 Jul 2021 01:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=64866
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.55.0&Q_CLIENTTYPE=web
200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.55.0&Q_CLIENTTYPE=web
IP
GET /dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.55.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 02:58:59 GMT
content-type: application/javascript
cf-ray: 79067830adcdb503-OSL
access-control-allow-origin: *
age: 64320
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"174cb-17a5f9b34c8"
last-modified: Thu, 01 Jul 2021 01:07:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=95435
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1625723482466
200 OK 0 B URL HTTP/2 media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1625723482466
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /media/launch/chatLoader.min.js?codeVersion=1625723482466 HTTP/1.1
Host: media-us1.digital.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 09 Dec 2022 01:07:42 GMT
accept-ranges: bytes
etag: W/"22376-1670548062000"
vary: accept-encoding
server: Nuance Server
x-cache: TCP_HIT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-azure-ref-originshield: 03IjUYwAAAAB+Su3f+QXHSqV1Xb3LrXMbRlJBMjMxMDUwNDE4MDMxAGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
x-azure-ref: 0c4/UYwAAAADFwiE6qiR1Rq8LT5VGVfvAQ1BIMzBFREdFMDQwNwBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
date: Sat, 28 Jan 2023 02:58:59 GMT
X-Firefox-Spdy: h2
ups.inq.com/chatskins/launch/inqChatLaunch10005649.js
200 OK 0 B URL HTTP/2 ups.inq.com/chatskins/launch/inqChatLaunch10005649.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /chatskins/launch/inqChatLaunch10005649.js HTTP/1.1
Host: ups.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ens-sup-ertos-ex-rzea.builderallwppro.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 28 Jan 2023 02:58:59 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"5079-1673486009304"
last-modified: Thu, 12 Jan 2023 01:13:29 GMT
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
server: Nuance Server
X-Firefox-Spdy: h2
65.111.165.81
23.33.119.27
104.18.32.68
93.184.220.29
54.194.240.162