| uk-newphone22win.lp.ohyousweeps.com/ | 54.230.111.100 | 301 Moved Permanently | 167 B |
Protocol: HTTP/1.1, URL: uk-newphone22win.lp.ohyousweeps.com/, IP: 54.230.111.100:0
File type: HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash: f5d40b7259645010f9a248858ad14178 b3051d17a6ec8c9e166bf09a62b48261ab86957b 7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET / HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 27 Jan 2023 10:33:13 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://uk-newphone22win.lp.ohyousweeps.com/
X-Cache: Redirect from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sCgNDKEIG74vuen2XopVuzeO9B7FVsKNPIHu94_4Q5jKY1fZwNdmeg==
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0, ASN: #20940 Akamai International B.V.
Hash: 2405562765b49b2782ebd2e2994851d5 be7ac8e558f7875bb1fb86ab5ec674424a5ff269 422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13959
Expires: Fri, 27 Jan 2023 14:25:53 GMT
Date: Fri, 27 Jan 2023 10:33:14 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0, ASN: #20940 Akamai International B.V.
Hash: 5fe582397f3003b225cb9058e02c2190 68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f 238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6975
Expires: Fri, 27 Jan 2023 12:29:29 GMT
Date: Fri, 27 Jan 2023 10:33:14 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
Protocol: HTTP/2, URL: firefox.settings.services.mozilla.com/v1/, IP: 35.241.9.150:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators
Hash: dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 09:35:20 GMT
content-type: application/json
age: 3474
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0, ASN: #20940 Akamai International B.V.
Hash: 69f73ac59327cd9ad7d99816ccfcc03e c54844f82dbee0d5ee4c8ce344eb0139373e6c6b e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6969
Expires: Fri, 27 Jan 2023 12:29:23 GMT
Date: Fri, 27 Jan 2023 10:33:14 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
Protocol: HTTP/2, URL: content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain, IP: 34.160.144.191:0
File type: PEM certificate, ASCII text
Hash: 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4WmOrQveVOTscA28uPDNt295cyAotzEoX0UpPT8NcLusvJz8B9ZXO2PN/Z9qN8dmLz+Z00vB3bQ=
x-amz-request-id: YRNP2RJ2Y00AHB8E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 09:49:22 GMT
age: 2632
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
Protocol: HTTP/2, URL: contile.services.mozilla.com/v1/tiles, IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators
Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 10:33:14 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.100 | 200 OK | 471 B |
Protocol: HTTP/1.1, URL: ocsp.sca1b.amazontrust.com/, IP: 54.230.245.100:0
Hash: f43446c117442678239abf13f1c5cb80 4e820c27008fdf2b9cd0ea643c45d9fd42f1949d 067a01988390fe24444f421ca9ccfcfcd52440624b7fe5f56741ef9f201187d5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169054
Date: Fri, 27 Jan 2023 10:33:14 GMT
Etag: "63d399c8-1d7"
Expires: Sun, 29 Jan 2023 09:30:48 GMT
Last-Modified: Fri, 27 Jan 2023 09:30:48 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qKj2fuS1-k3PW8o5ZhyCJW9UQM4uNjyeqggZ86jBevYTYtGcbpahtg==
|
|
| cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-sanitize.min.js | 104.17.24.14 | 200 OK | 2.7 kB |
Protocol: HTTP/2, URL: cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-sanitize.min.js, IP: 104.17.24.14:0
File type: ASCII text, with very long lines (1253)
Hash: 025d2eaf19c48f83eeb6368c60839484 4fa72f281c2b33fe0dece1ddf6cbe7fc2d27b18b c740dd02a6a218bcc30200e2e1ce78b635b30907ee1f4239a21b3706d81b6a29
GET /ajax/libs/angular.js/1.5.8/angular-sanitize.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 10:33:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 2728
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d27-16e5"
last-modified: Mon, 04 May 2020 16:04:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 36533
expires: Wed, 17 Jan 2024 10:33:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azYl1nrQZq84zKyJT3tITqqUooVyQKq%2F90e9oJRcK77kLiHKuH4VVY16Fwemvm5MGCXkQVOjv1vebRbcZOaMxTo7%2BlOLRaQwqs7xsk98LX1erizop0w6QGvZf8fzzdl4dZ4QUewX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7900d43a79740b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js | 104.17.24.14 | 200 OK | 5.0 kB |
Protocol: HTTP/2, URL: cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js, IP: 104.17.24.14:0
File type: ASCII text, with very long lines (17117)
Hash: c418dbc7ffcf6d7874db7ce864797577 7b2351ed37568cb0a9edf82c5fea0a4c1b9fe161 2c571556f8548fcea79358c058c978e076a37d2053ff7e5424f30a26ddd00b68
GET /ajax/libs/postscribe/2.0.6/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 10:33:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 4996
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-43d5"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 6273602
expires: Wed, 17 Jan 2024 10:33:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2QYd26MJRGeA81QqdnfZsZPeyUluVL%2FpJCwyy89g%2BbSXcJ77Dqcq3xVhPmmZd6Pq8ro02%2B4YxjrMV96JiyliTdveslK%2ByF%2FpchqagBXgGkVMp1Z139MxKyFn5gelUBsYhNE45wG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7900d43a79710b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js | 104.17.24.14 | 200 OK | 17 kB |
Protocol: HTTP/2, URL: cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js, IP: 104.17.24.14:0
File type: ASCII text, with very long lines (58823)
Hash: 48342f85265e1ef95883b48352d8a901 4aca39aa1a6059cd73a3c6c8e8db6e704d5f6172 8d42979137cc37cb51593048aa96e73d7035948b75d4152fcd352052fb3c49ed
GET /ajax/libs/moment.js/2.29.1/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uk-newphone22win.lp.ohyousweeps.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 10:33:14 GMT
content-type: application/javascript; charset=utf-8
content-length: 16919
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f7c5ca4-e5ee"
last-modified: Tue, 06 Oct 2020 12:01:40 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 663292
expires: Wed, 17 Jan 2024 10:33:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bxa%2FV5bp1Lf9%2FpZhWAwOVL8hBKNB7qCNSC3DTTDJA6YJ9Uc%2F97Pvbil8TJj8g1DXAmr1pFqg5PolDkAS4aMG9PzC4mmOI04wPmDB47BX5jX71TliRGe4%2BgUH%2BZrpp79%2FDd7jyAGb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7900d43a7b1eb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP: 142.250.74.163:0
Hash: 48f87f021aa43dc85cabc3b624264811 6dcc2e3610ec6ef91768905aae267c984227f54a 0e77dc8ff90169c7db1343058490de4942217f3846ca0586bebd33d32513b305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 10:33:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: 2dd49753b725c0adb91fafd2a7821613 92547466e2927540da351740e1c8702b00016188 9a8ce5d24a953b03df10246293da6632a6e779f6719f51b1877c98ebc961a7ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4013
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 10:33:14 GMT
Last-Modified: Fri, 27 Jan 2023 09:26:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP: 142.250.74.163:0
Hash: 48f87f021aa43dc85cabc3b624264811 6dcc2e3610ec6ef91768905aae267c984227f54a 0e77dc8ff90169c7db1343058490de4942217f3846ca0586bebd33d32513b305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 10:33:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js | 142.250.74.170 | 200 OK | 30 kB |
Protocol: HTTP/2, URL: ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js, IP: 142.250.74.170:0
File type: ASCII text, with very long lines (32014)
Hash: 28f3d6d8267f129fc0f17d06cf79d668 c115b6f5777693610e4badea0bb3d3093a4d8e0a 6fe4b034f874ace44678689986c0918e5100ba85ba89a59dc2ab237cc20c4214
GET /ajax/libs/jquery/3.1.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 15:42:39 GMT
expires: Tue, 23 Jan 2024 15:42:39 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 327035
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js | 142.250.74.170 | 200 OK | 57 kB |
Protocol: HTTP/2, URL: ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js, IP: 142.250.74.170:0
File type: ASCII text, with very long lines (639)
Hash: 16abe8134746c9d66a3436006e47a3d1 eef0f59e50cd12a6a19b2d95ea448d0dbc96672a 93fc080850df170ab2a705d758b118b030545c1b6b3240d085a477ea4dfdde9c
GET /ajax/libs/angularjs/1.5.8/angular.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 56572
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 15:34:28 GMT
expires: Sun, 21 Jan 2024 15:34:28 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 500326
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP: 93.184.220.29:0
Hash: 2dd49753b725c0adb91fafd2a7821613 92547466e2927540da351740e1c8702b00016188 9a8ce5d24a953b03df10246293da6632a6e779f6719f51b1877c98ebc961a7ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4013
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 10:33:14 GMT
Last-Modified: Fri, 27 Jan 2023 09:26:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0, ASN: #20940 Akamai International B.V.
Hash: 16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12817
Expires: Fri, 27 Jan 2023 14:06:51 GMT
Date: Fri, 27 Jan 2023 10:33:14 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
Protocol: HTTP/2, URL: firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US, IP: 35.241.9.150:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators
Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 09:41:40 GMT
age: 3094
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP: 142.250.74.163:0
Hash: 48f87f021aa43dc85cabc3b624264811 6dcc2e3610ec6ef91768905aae267c984227f54a 0e77dc8ff90169c7db1343058490de4942217f3846ca0586bebd33d32513b305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 10:33:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP: 93.184.220.29:0
Hash: f1c968a39cea46cadcbd65908ca08f4f 42c5441006596e0d82a052ada458bde7290f8b65 cfab83277593f0a2fb65986db8e72513f96b102e972d613ead5a7449db07e82c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=112562
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 10:33:14 GMT
Etag: "63d2bd1c-118"
Expires: Sat, 28 Jan 2023 17:49:16 GMT
Last-Modified: Thu, 26 Jan 2023 17:49:16 GMT
Server: nginx
Content-Length: 280
|
|
| apidata.info/js | 172.67.149.37 | 200 OK | 532 B |
IP: 172.67.149.37:0
File type: ASCII text, with very long lines (814), with no line terminators
Hash: 675b82fe16209cfa83789a8a03cf01fa 77f24bf04b9aceb3c3c7f3b045a25fcdba99f76f 571e202fc828fbd7d4dec4e59d4cc8c6489ee25f64e06b30e9ff5cc12bc5c133
GET /js HTTP/1.1
Host: apidata.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 10:33:15 GMT
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-max-age: 3600
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wjG1tNXtkGm2mPAIW%2BMrq%2F%2B0iL%2B%2BIfQwm%2B%2FPW%2BNiIhfiFKPBgz31PbpQYyTqHJUlbGBayDALJZqkeglK01cH%2BUwWJ7qykX8JzzeTuDgZA%2FgQ47an9ECX9R0HziRGGK0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cflb=02DiuGQ4mUqJj6izyopp8yhqksk2Kbwnv8JggEteGYgVA; SameSite=Lax; path=/; expires=Sat, 28-Jan-23 09:33:15 GMT; HttpOnly
server: cloudflare
cf-ray: 7900d43c7ddab517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 52.89.193.125 | 101 Switching Protocols | 0 B |
Protocol: HTTP/1.1, URL: push.services.mozilla.com/, IP: 52.89.193.125:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ni7KO7L6MKsgL5tqmQ2tiQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hVMLh9xPervyo8t6n4qI2PBSEUA=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP: 23.36.76.226:0, ASN: #20940 Akamai International B.V.
Hash: ab1f619b339f20e3cf015bbd0852bfc4 fe6276a4b15d53fa73c9f3d10917f7b5f7f78a3e a76a0883d555c365d4f52b7445fd0c051512d0a920c065e265cf0e59c8370498
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A76A0883D555C365D4F52B7445FD0C051512D0A920C065E265CF0E59C8370498"
Last-Modified: Tue, 24 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7451
Expires: Fri, 27 Jan 2023 12:37:26 GMT
Date: Fri, 27 Jan 2023 10:33:15 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP: 142.250.74.163:0
Hash: c6c64fc014f993e296f124e4b2f0f175 68d3e62fcd25c05d19894a28f4490cf1d04a44c1 7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 10:33:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 | 142.250.74.163 | 200 OK | 7.9 kB |
Protocol: HTTP/2, URL: fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2, IP: 142.250.74.163:0
File type: Web Open Font Format (Version 2), TrueType, length 7884, version 1.0; data
Hash: 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uk-newphone22win.lp.ohyousweeps.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 10:05:57 GMT
expires: Fri, 26 Jan 2024 10:05:57 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
age: 88038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/favicon.ico | 54.230.111.67 | 204 No Content | 0 B |
Protocol: HTTP/2, URL: uk-newphone22win.lp.ohyousweeps.com/favicon.ico, IP: 54.230.111.67:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 27 Jan 2023 10:33:15 GMT
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -vYb2fzKuacJDwUJaGqt1r04OaBlRtVUWykVKXL6n8EpxJ3AutLyBw==
X-Firefox-Spdy: h2
|
|
| notix.io/settings?appId=1004e05c0628e2395124a3dabc0d9c0 | 139.45.240.92 | 200 OK | 71 B |
URL HTTP/2notix.io/settings?appId=1004e05c0628e2395124a3dabc0d9c0 IP139.45.240.92:0
File typeJSON data\012- , ASCII text, with no line terminators Hash3750cb2e77ecf8804ef6a7645385764d 57526fa92295585d7d364a782e8b0fa99f31d926 08451bfcb6de880bd249cfd43a4c71e40c8fbc51e29d04a6629d34caeb01bba7
GET /settings?appId=1004e05c0628e2395124a3dabc0d9c0 HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uk-newphone22win.lp.ohyousweeps.com
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 10:33:10 GMT
content-type: application/json; charset=utf-8
content-length: 71
access-control-allow-origin: https://uk-newphone22win.lp.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/templates/empty/config.json | 54.230.111.67 | 200 OK | 12 B |
URL HTTP/2uk-newphone22win.lp.ohyousweeps.com/templates/empty/config.json IP54.230.111.67:0
File typeJSON data\012- , ASCII text, with no line terminators Hash90040e8e63a0c0c1ee1178c7958e8568 e96c1454ae27ca16e0d1256f514a9636f1973982 602e35a92eec4bc0a2ec6ae113f07bfc6933322fb69fe8dee416e5a67217e2a2
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /templates/empty/config.json HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 12
server: nginx
date: Fri, 27 Jan 2023 10:33:15 GMT
last-modified: Wed, 25 Jan 2023 13:25:46 GMT
accept-ranges: bytes
etag: "63d12dda-c"
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1y-xBGCEO8MiEfctT-y24RbOc5ltDrdYrKADqxUSxTAAtXBeD3L4BA==
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.163 | 200 OK | 471 B |
IP142.250.74.163:0
Hashc6c64fc014f993e296f124e4b2f0f175 68d3e62fcd25c05d19894a28f4490cf1d04a44c1 7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 10:33:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| notix.io/event | 139.45.240.92 | 200 OK | 0 B |
IP139.45.240.92:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Origin: https://uk-newphone22win.lp.ohyousweeps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 10:33:10 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://uk-newphone22win.lp.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 | 142.250.74.163 | 200 OK | 7.8 kB |
URL HTTP/2fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data Hash25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://uk-newphone22win.lp.ohyousweeps.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 12:46:52 GMT
expires: Wed, 24 Jan 2024 12:46:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
age: 251183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/templates/productdetailer/images/deliver.png | 54.230.111.67 | 200 OK | 7.4 kB |
URL HTTP/2uk-newphone22win.lp.ohyousweeps.com/templates/productdetailer/images/deliver.png IP54.230.111.67:0
File typePNG image data, 480 x 380, 8-bit/color RGBA, non-interlaced\012- data Hashad2a250d519cc9d1f873c64367e19f30 87526e47708e804239bb1a1b980aa5827d27d0f8 8c7dc7c62f2f69c766de6bc0b32c7567cfdd2a7c851df58112f5e35a5b7bf2b8
GET /templates/productdetailer/images/deliver.png HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7436
server: nginx
date: Thu, 26 Jan 2023 20:38:20 GMT
last-modified: Wed, 25 Jan 2023 13:25:47 GMT
etag: "63d12ddb-1d0c"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MqGFfw88BQ1N613QLWishCFtPbzpBjfAu9963n267Cn8dQZovFQH0Q==
age: 50095
X-Firefox-Spdy: h2
|
|
| notix.io/event | 139.45.240.92 | 200 OK | 15 B |
IP139.45.240.92:0
File typeJSON data\012- , ASCII text, with no line terminators Hash28ec1eee5f4049e3c4f2135069c1d2c8 3505519507ca1c2a089c46e100b80408ca278421 edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 63
Origin: https://uk-newphone22win.lp.ohyousweeps.com
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 10:33:10 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://uk-newphone22win.lp.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| notix.io/event | 139.45.240.92 | 200 OK | 15 B |
IP139.45.240.92:0
File typeJSON data\012- , ASCII text, with no line terminators Hash28ec1eee5f4049e3c4f2135069c1d2c8 3505519507ca1c2a089c46e100b80408ca278421 edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1476
Origin: https://uk-newphone22win.lp.ohyousweeps.com
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 10:33:10 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://uk-newphone22win.lp.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/templates/productdetailer/images/finish-icon.png | 54.230.111.67 | 200 OK | 5.0 kB |
URL HTTP/2uk-newphone22win.lp.ohyousweeps.com/templates/productdetailer/images/finish-icon.png IP54.230.111.67:0
File typePNG image data, 100 x 129, 8-bit/color RGBA, non-interlaced\012- data Hash2121da2d746f6e56175be9e4bc441775 b972d65b5a7e05a100dad1c45ffb800627bc4e3a 6137553a8a5a7f310a8a8a2e5eb3de6f6ad1257803fb1156e4dee18f38cb7bc1
GET /templates/productdetailer/images/finish-icon.png HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5031
server: nginx
date: Thu, 26 Jan 2023 19:30:56 GMT
last-modified: Wed, 25 Jan 2023 13:25:47 GMT
etag: "63d12ddb-13a7"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0l7BRZXNB9fts2YReu5APxKwh3YZ49rt9k3rmPKZNtE5x0Zp3KPcTQ==
age: 54139
X-Firefox-Spdy: h2
|
|
| notix.io/event | 139.45.240.92 | 200 OK | 15 B |
IP139.45.240.92:0
File typeJSON data\012- , ASCII text, with no line terminators Hash28ec1eee5f4049e3c4f2135069c1d2c8 3505519507ca1c2a089c46e100b80408ca278421 edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 118
Origin: https://uk-newphone22win.lp.ohyousweeps.com
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 10:33:10 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://uk-newphone22win.lp.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| notix.io/event | 139.45.240.92 | 200 OK | 15 B |
IP139.45.240.92:0
File typeJSON data\012- , ASCII text, with no line terminators Hash28ec1eee5f4049e3c4f2135069c1d2c8 3505519507ca1c2a089c46e100b80408ca278421 edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
POST /event HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 127
Origin: https://uk-newphone22win.lp.ohyousweeps.com
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 10:33:10 GMT
content-type: application/json; charset=utf-8
content-length: 15
access-control-allow-origin: https://uk-newphone22win.lp.ohyousweeps.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.21.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.21.226:0
Hash0472b6f6b492eafd671db224afad4ccb 86035e6bf5d78be3785795015b5de180163b97ee 344b79cf866972ea31c55e480e362872e618224c45bf8a6b76bfba6a4b2e2017
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 10:33:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 31 Jan 2023 08:15:40 GMT
ETag: "86035e6bf5d78be3785795015b5de180163b97ee"
Last-Modified: Fri, 27 Jan 2023 08:15:41 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7900d43e5d93b500-OSL
|
|
| uk-newphone22win.lp.ohyousweeps.com/directives/teaser-interest-questions/empty/en_GB.html | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2uk-newphone22win.lp.ohyousweeps.com/directives/teaser-interest-questions/empty/en_GB.html IP54.230.111.67:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Phishing | |
HEAD /directives/teaser-interest-questions/empty/en_GB.html HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Fri, 27 Jan 2023 10:33:15 GMT
last-modified: Wed, 25 Jan 2023 13:25:45 GMT
content-encoding: br
etag: W/"63d12dd9-f70"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7PZptNocbcSwI41_OiqrkEEoLbTWbRMTu-FgPf3pXvH_KP1JghYaZg==
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/images/logos/yousweeps_logo_bw.png | 54.230.111.67 | 200 OK | 75 kB |
URL HTTP/2uk-newphone22win.lp.ohyousweeps.com/images/logos/yousweeps_logo_bw.png IP54.230.111.67:0
File typePNG image data, 1603 x 333, 8-bit/color RGBA, non-interlaced\012- data Hash2c7b82f2cd27db285b0af5de5c7dd1a0 f87526a75d21e0ee5394c6ea51f86cc9707b37f9 d0e423a53ff4fdc166a86dc2f409684ed5529cb951216657df7b90fc4f42723f
GET /images/logos/yousweeps_logo_bw.png HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 74905
server: nginx
date: Thu, 26 Jan 2023 13:31:44 GMT
last-modified: Wed, 25 Jan 2023 13:25:46 GMT
etag: "63d12dda-12499"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _evQ3rRx_qZm-fHizNbWJT3oUXmpEZ8oZcvuLJ3RKDcC9zUbQkrXIQ==
age: 75691
X-Firefox-Spdy: h2
|
|
| rdroot.com/p.ashx?o=&e=1019&t=&r= | 52.210.117.3 | 200 OK | 2 B |
URL HTTP/1.1rdroot.com/p.ashx?o=&e=1019&t=&r= IP52.210.117.3:0
File typeASCII text, with no line terminators Hash227dc251e1411f6b6fffcd1c30486f4d 8c71b835789865c9f242316c7ebbdc25cea35b2d 6a4b804705e725b9f4fd4adf6500180b54cc5ddefed460e48d1be724fed155d6
GET /p.ashx?o=&e=1019&t=&r= HTTP/1.1
Host: rdroot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 2
Content-Type: text/plain; charset=utf-8
Date: Fri, 27 Jan 2023 10:33:15 GMT
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: close
|
|
| im.d-promo.com/upload/1561383747_yellow-banner-en.png | 188.114.96.1 | 200 OK | 18 kB |
URL HTTP/2im.d-promo.com/upload/1561383747_yellow-banner-en.png IP188.114.96.1:0
File typePNG image data, 390 x 202, 8-bit/color RGBA, non-interlaced\012- data Hash066aef31568da98155418415a9f0fba8 31f9c23162109c2746ebc6669483eb9ec849dec3 6346556c46447018f7c3e32f9e0ee261fa5d524d60872441796a3b7f3707b1f6
GET /upload/1561383747_yellow-banner-en.png HTTP/1.1
Host: im.d-promo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 10:33:15 GMT
content-type: image/png
content-length: 17965
last-modified: Mon, 24 Jun 2019 13:42:27 GMT
etag: "5d10d343-462d"
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QA5c4GQAzR6V7oPAi8VGYgjVfHiJEky27KwzyOr8pm1DCoLYJr1jVX91DTxA1qVxmqByuwYQXhlUPPTgosPVoS60TGYrTS46iEs%2BRJbtjnO4QIhhnE3JdCdUJB1ofb5SdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7900d441baf7b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2572
Expires: Fri, 27 Jan 2023 11:16:08 GMT
Date: Fri, 27 Jan 2023 10:33:16 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bc02c23-d6b7-4540-bebd-59cf20f191e3.jpeg | 34.120.237.76 | 200 OK | 5.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bc02c23-d6b7-4540-bebd-59cf20f191e3.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5b31e73071ee6af880d3939c698c0514 1ac5ee7d1398eb29a9484a1154b0c96556bb6bf4 bc5520882250fc495f2da3c114f83b8f690dc6d8dc67ac759a183c88581fb967
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bc02c23-d6b7-4540-bebd-59cf20f191e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5378
x-amzn-requestid: 907321d1-ba63-4c67-9e20-605a090da987
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxDHH_IAMFXxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a006-4cc2e9550d0b6b504bd09899;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EsKE5lHMRa9uiqkdhhiJyaDfr0rH9waQeKtbdoYpsHUR4Ywo0TxweQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 18:24:12 GMT
age: 58144
etag: "1ac5ee7d1398eb29a9484a1154b0c96556bb6bf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg | 34.120.237.76 | 200 OK | 5.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5e7158416f60576804ccff03307319fe a342f94625e913fa6b8d862a59979f1e3ad80dd1 5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5737
x-amzn-requestid: 23239d1f-0228-4722-b826-40dc8c9a4af2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVzDbEacIAMFZtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d23215-1604c24e272fbb657b9925cc;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:56:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -_8PZoms7W6Lvw__KsoTwL_CzjfyWChzoSWDc9yCk9zCR8cTs87oNA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 16:31:35 GMT
age: 64901
etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha85badd84c0542610b94f22c4f265511 5b490095b5e02d9fef4b762888353998b645dfc9 23d6d9848caf36f0556438c371f112b40dcbf9b08b8b27bd37d4d73960c701c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9482
x-amzn-requestid: 825c5e6b-8fda-445e-9ed3-f5d634943c00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIZd0HqkIAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ccd5f1-2b31fe3001a1b04a406ff7ff;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 06:21:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 13clEFrwHH0RFfYGMW5jPHcaa3ezdkHAes8FPn6yA5-pxqRaddDPqQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 05:42:19 GMT
age: 17457
etag: "5b490095b5e02d9fef4b762888353998b645dfc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb7a0759c043594fbe85af422b59b8227 a05cfaad16078f42218dae233da38f6f5dff8487 e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 18:35:59 GMT
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
age: 57437
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg | 34.120.237.76 | 200 OK | 5.9 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash ba0a42dadf6a976df148f652e9cc1844 4d825b74865effa4a858ddcad1d0969671facc07 7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:48 GMT
age: 45808
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79e7a1af-509a-45ff-b555-be64fdc37799.jpeg | 34.120.237.76 | 200 OK | 6.5 kB |
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79e7a1af-509a-45ff-b555-be64fdc37799.jpeg IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash 48b1ab8b3b5ef11d8f03e1fe8e1b629e 5541c3151d1bd9c36bcdb9012a00a8eb8b7201ee ad5b13fc77b03f74c5708ec7b5122673dc00190df81d32bf3a69bfdf7b0c78e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79e7a1af-509a-45ff-b555-be64fdc37799.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6458
x-amzn-requestid: ad9df8b8-80ff-46d7-bdc4-208aa9d2e215
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwqFR0oAMFm3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a004-0e1d43687a9e913828fd9056;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WOV70Arqc-bFyl9RGUHR3i2HbWphWFFxGHIbgameBz02sf3IZ11oEg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 09:46:27 GMT
age: 2809
etag: "5541c3151d1bd9c36bcdb9012a00a8eb8b7201ee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/css/vendor/pikaday.css | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/css/vendor/pikaday.css IP 54.230.111.67:0
GET /css/vendor/pikaday.css HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 27 Jan 2023 10:33:15 GMT
last-modified: Wed, 25 Jan 2023 13:25:45 GMT
content-encoding: br
etag: W/"63d12dd9-1144"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XDWpORFA6p-yaWrwB4_6_6YHsn5lMzC-L7g3YENwSLvv1hhIDtNspQ==
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/directives/teaser-interest-questions/empty/en_GB.html | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/directives/teaser-interest-questions/empty/en_GB.html IP 54.230.111.67:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /directives/teaser-interest-questions/empty/en_GB.html HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
server: nginx
last-modified: Wed, 25 Jan 2023 13:25:45 GMT
content-encoding: br
date: Fri, 27 Jan 2023 10:33:15 GMT
etag: W/"63d12dd9-f70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 179uc8xMCyxwZna-0y7lhd8d_gD2HykkIXGHj-JRk0SIv0uu8TrMFA==
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/ | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/ IP 54.230.111.67:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET / HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Thu, 26 Jan 2023 15:36:58 GMT
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E0oN0dyY2iLFnnN0I04UfBmZ25X9zMzMi6WKkFUUeXlzOXosUuv-DQ==
age: 68176
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/js/flowpage.min.js?rel=1674653020440 | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/js/flowpage.min.js?rel=1674653020440 IP 54.230.111.67:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/flowpage.min.js?rel=1674653020440 HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 26 Jan 2023 15:36:58 GMT
last-modified: Wed, 25 Jan 2023 13:25:46 GMT
etag: W/"63d12dda-cd0ad"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zJ6P3aE4Dj9m0MrHRnjPDEQL3IYTACy5v6V0InKKGX0XwEBALo7KUQ==
age: 68176
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css | 104.18.10.207 | 200 OK | 0 B |
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css IP 104.18.10.207:0
GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 10:33:14 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:29:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e
cdn-cache: HIT
cf-cache-status: HIT
age: 22925931
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7900d43addfc0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/templates/empty/css/template.css | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/templates/empty/css/template.css IP 54.230.111.67:0
GET /templates/empty/css/template.css HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 26 Jan 2023 19:30:56 GMT
last-modified: Wed, 25 Jan 2023 13:25:46 GMT
etag: W/"63d12dda-3abf"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y5RpO7T7xFhBKTUU5JVD6p32lfSeEiolSGZbVv2wj5OBo_3sGudOUw==
age: 54139
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/templates/empty/teaser-web.html | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/templates/empty/teaser-web.html IP 54.230.111.67:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /templates/empty/teaser-web.html HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Thu, 26 Jan 2023 13:31:45 GMT
last-modified: Wed, 25 Jan 2023 13:25:46 GMT
etag: W/"63d12dda-8b7"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yfa2oOhxdaO-50nznABXdSToTZWV6kFi43VwAhN5jFpyHItiMkHKdw==
age: 75690
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/templates/surfeyo_2/css/animate.css | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/templates/surfeyo_2/css/animate.css IP 54.230.111.67:0
GET /templates/surfeyo_2/css/animate.css HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 26 Jan 2023 19:30:56 GMT
last-modified: Wed, 25 Jan 2023 13:25:47 GMT
etag: W/"63d12ddb-1252b"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: btquLJCC2HX471MDcpkTQBZF513BmPDWiJ3n0xomjWXI0F5c93pqgA==
age: 54139
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/%7B%7Bcms.image_3%7D%7D | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/%7B%7Bcms.image_3%7D%7D IP 54.230.111.67:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /%7B%7Bcms.image_3%7D%7D HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Thu, 26 Jan 2023 15:36:59 GMT
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QXV1NN3sNIssOZIv69_3G1-RvcczJaj8v5bAoeDuhdCAvGItUTRH2g==
age: 68176
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/css/animations.css | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/css/animations.css IP 54.230.111.67:0
GET /css/animations.css HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 27 Jan 2023 00:56:02 GMT
last-modified: Wed, 25 Jan 2023 13:25:45 GMT
etag: W/"63d12dd9-1642"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DKI5SQwxvFwTeyL_zrH-ID4xsfbFp_Yyt0qcDQ_TIqz2Lw1Pz9owpw==
age: 34633
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/templates/empty/preload-web.html | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/templates/empty/preload-web.html IP 54.230.111.67:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /templates/empty/preload-web.html HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Thu, 26 Jan 2023 13:31:44 GMT
last-modified: Wed, 25 Jan 2023 13:25:46 GMT
etag: W/"63d12dda-1456"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vR_ODiWTIg55XiDhW572umeEz_4Z03xuuG9-7bq8HlQXvk1xpfOqSQ==
age: 75691
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/%7B%7Bcms.image_2%7D%7D | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/%7B%7Bcms.image_2%7D%7D IP 54.230.111.67:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /%7B%7Bcms.image_2%7D%7D HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Thu, 26 Jan 2023 13:31:44 GMT
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GI2UIvUn_-ciffaP170uGZ55nfBYe5rRmkC8Sj1jGnLxLYhf0xge4A==
age: 75691
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/templates/empty/page-header-web.html | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/templates/empty/page-header-web.html IP 54.230.111.67:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /templates/empty/page-header-web.html HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Thu, 26 Jan 2023 13:31:44 GMT
last-modified: Wed, 25 Jan 2023 13:25:46 GMT
etag: W/"63d12dda-89f"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U54tmjzANeJJOXC5GK39fKqOb-7pW4kaSvIqWfNwlVlloPi1BF4cfg==
age: 75691
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/%7B%7Bcms.image_4%7D%7D | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/%7B%7Bcms.image_4%7D%7D IP 54.230.111.67:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /%7B%7Bcms.image_4%7D%7D HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Thu, 26 Jan 2023 13:31:44 GMT
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gX1FlCmmTrMe23ZUtZjmdkxylGn-lTEfq0E_4yugKvdXwjXmcTlNoA==
age: 75691
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js | 104.18.10.207 | 200 OK | 0 B |
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js IP 104.18.10.207:0
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 10:33:14 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 20265079
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7900d43ade070b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Poppins:400,700&display=swap | 142.250.74.74 | 200 OK | 0 B |
URL HTTP/2 fonts.googleapis.com/css?family=Poppins:400,700&display=swap IP 142.250.74.74:0
GET /css?family=Poppins:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 27 Jan 2023 10:33:15 GMT
date: Fri, 27 Jan 2023 10:33:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| uk-newphone22win.lp.ohyousweeps.com/templates/empty/css/teaser.css | 54.230.111.67 | 200 OK | 0 B |
URL HTTP/2 uk-newphone22win.lp.ohyousweeps.com/templates/empty/css/teaser.css IP 54.230.111.67:0
GET /templates/empty/css/teaser.css HTTP/1.1
Host: uk-newphone22win.lp.ohyousweeps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uk-newphone22win.lp.ohyousweeps.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 27 Jan 2023 10:33:15 GMT
last-modified: Wed, 25 Jan 2023 13:25:46 GMT
content-encoding: br
etag: W/"63d12dda-513"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3JjT_gxAU47n1oZD16_JdhP_j1l36YiIm3qKBLkK4zuLNlHEk8GZhA==
X-Firefox-Spdy: h2
|
|