r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7873
Expires: Sun, 04 Dec 2022 01:33:53 GMT
Date: Sat, 03 Dec 2022 23:22:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9520
Expires: Sun, 04 Dec 2022 02:01:20 GMT
Date: Sat, 03 Dec 2022 23:22:40 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4237
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:40 GMT
Last-Modified: Sat, 03 Dec 2022 22:12:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.rogeraccess.com/1us/
200 OK 193 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7e50aa67db64f1e53d11185c8159bdad
56174e3552d194ce93c5a92b59fa7172138aab1e
aa333f2c95bf16239949fcbedc926133883796682cab41141a92783820fb7420
Analyzer Verdict Alert openphish Rogers Wireless
fortinet Phishing
GET /1us/ HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:40 GMT
Server: Apache
Last-Modified: Wed, 09 Nov 2022 03:43:26 GMT
ETag: "f6-5ed01758fce45-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 193
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: C2XNSHj0pJTSFzOg8EmRHC7pbTEND5LNPwaQdfnROXRz6Ogv8KRk171ZW/lp0pu91Kfh5DYecEY=
x-amz-request-id: CKSWQTC4Y4BVWFZQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 22:47:18 GMT
age: 2122
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 23:20:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 160
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:22:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.rogeraccess.com/1us/rn.html
200 OK 9.3 kB URL HTTP/1.1 www.rogeraccess.com/1us/rn.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13716)
Hash 457cbce42ac1957375c74dd407fe64f9
166ca214403c780f90cb97077594f56ff13522a0
9b96582e6a8e4665a649069c2e822a9912218d088fad6bc90446d3c254346de5
Analyzer Verdict Alert fortinet Phishing
GET /1us/rn.html HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:40 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:11 GMT
ETag: "7876-5c667fcf264e1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9281
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
301 Moved Permanently 0 B URL HTTP/1.1 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sat, 03 Dec 2022 23:22:40 GMT
Location: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rogeraccess.com/pro.fontawesome.com/releases/v5.0.12/css/all.css
404 Not Found 315 B URL HTTP/1.1 www.rogeraccess.com/pro.fontawesome.com/releases/v5.0.12/css/all.css
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /pro.fontawesome.com/releases/v5.0.12/css/all.css HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 404 Not Found
Date: Sat, 03 Dec 2022 23:22:40 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 23:08:58 GMT
cache-control: public,max-age=3600
age: 822
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.rogeraccess.com/cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
404 Not Found 315 B URL HTTP/1.1 www.rogeraccess.com/cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 404 Not Found
Date: Sat, 03 Dec 2022 23:22:40 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.rogeraccess.com/assets.adobedtm.com/launch-EN5809f8b6e4e643c485a225665431a7ef.min.js
404 Not Found 315 B URL HTTP/1.1 www.rogeraccess.com/assets.adobedtm.com/launch-EN5809f8b6e4e643c485a225665431a7ef.min.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /assets.adobedtm.com/launch-EN5809f8b6e4e643c485a225665431a7ef.min.js HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 404 Not Found
Date: Sat, 03 Dec 2022 23:22:40 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.rogeraccess.com/1us/scripts/bs-stepper.min.js
200 OK 1.6 kB URL HTTP/1.1 www.rogeraccess.com/1us/scripts/bs-stepper.min.js
IP
File type ASCII text, with very long lines (4407)
Hash 1208a68782a109145ce651db4b19f79f
7ba9afbbff675132d15e71c4cf76c5030af2ef64
27245603cddb7f4b6083c3573ba9e142caae573f35552cfd17eff1820ce32010
Analyzer Verdict Alert fortinet Phishing
GET /1us/scripts/bs-stepper.min.js HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:40 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:11 GMT
ETag: "1232-5c667fcf143c1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1566
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.rogeraccess.com/1us/scripts/main.js
200 OK 354 B URL HTTP/1.1 www.rogeraccess.com/1us/scripts/main.js
IP
Hash f3ecda603706a6224f49ab96f872bd03
8e77bfabafbe79015a7ef3c553b4af42ed48f188
20517385431124a025df005c2bc404a1fbb0f9191a411dded86d9f194ebf72c3
Analyzer Verdict Alert fortinet Phishing
GET /1us/scripts/main.js HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:40 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:11 GMT
ETag: "3cb-5c667fcf155ec-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 354
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.rogeraccess.com/static.ada.support/embed.js
404 Not Found 315 B URL HTTP/1.1 www.rogeraccess.com/static.ada.support/embed.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static.ada.support/embed.js HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 404 Not Found
Date: Sat, 03 Dec 2022 23:22:40 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.rogeraccess.com/1us/packs/css/styles-152f439c.css
200 OK 42 kB URL HTTP/1.1 www.rogeraccess.com/1us/packs/css/styles-152f439c.css
IP
File type ASCII text, with very long lines (57377)
Hash 233a291a88dfac47789a2fa3b2979cb2
eade380ba8673be95a89f559039efdb4491e8113
1b2e713f5f91ae120f063365ac9a1f10e149534b1fdb1b6dad71d994c3c0f615
GET /1us/packs/css/styles-152f439c.css HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:40 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:11 GMT
ETag: "43b55-5c667fcf0fd64-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 42331
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rogeraccess.com/1us/packs/js/application-475260d6758b5a3d8d28.js
200 OK 119 B URL HTTP/1.1 www.rogeraccess.com/1us/packs/js/application-475260d6758b5a3d8d28.js
IP
Hash 8523678b3bad5e28700ad48ce1a566e8
bdb14a1bb5802ce03976fbdbba49456906a2f11c
a8d12babb4b1a7400f5b8ba395f710b70196cc454b14696dafafe9b814788c7a
Analyzer Verdict Alert fortinet Phishing
GET /1us/packs/js/application-475260d6758b5a3d8d28.js HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:11 GMT
ETag: "85-5c667fcf0d63c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 119
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ds-aksb-a.akamaihd.net/aksb.min.js
200 OK 4.8 kB URL HTTP/1.1 ds-aksb-a.akamaihd.net/aksb.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12701)
Hash 37505e5b44940d657c7408460a2f9c67
f8e35c7e66a154af7733a4a595893358c45f3277
97ba0a5b5349be13fd45a440f3e7c8246178d24936702404a268941fb4d14d46
GET /aksb.min.js HTTP/1.1
Host: ds-aksb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/
HTTP/1.1 200 OK
Server: Apache
ETag: "15de19f42b35806faf815298644157e0:1535653526"
Last-Modified: Thu, 30 Aug 2018 18:25:26 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4826
Timing-Allow-Origin: *
Unused62: 8096267
Cache-Control: max-age=43200
Date: Sat, 03 Dec 2022 23:22:41 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4234
Cache-Control: max-age=125684
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:17:25 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash abd901450af1f5a00362f62b995d3a71
9a59bc910b83700d486d9a84341d6f1e0e876dcb
696bde2c7ab8c26b95e7625bfa8a801f5adbbed1272ccdccec0b5cb447af6471
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rogeraccess.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 22:54:50 GMT
expires: Sat, 03 Dec 2022 23:54:50 GMT
cache-control: public, max-age=3600
age: 1671
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
4903302.fls.doubleclick.net/activityi;src=4903302;type=rgbank16;cat=roger0;u2=[ReferrerCode];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5141307486973.94?
200 OK 235 B URL HTTP/2 4903302.fls.doubleclick.net/activityi;src=4903302;type=rgbank16;cat=roger0;u2=[ReferrerCode];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5141307486973.94?
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (475), with no line terminators
Hash 0a1fed16074c2e3c5417069bc81857ab
fc38a16d5a039a17ce41e9cd107eb5e284f9b75b
30c5d1a7b371be62b5119a0cfbb5bf5f831e7d0aced8f58c0149521c4accce49
GET /activityi;src=4903302;type=rgbank16;cat=roger0;u2=[ReferrerCode];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5141307486973.94? HTTP/1.1
Host: 4903302.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rogeraccess.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 23:22:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 235
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Dec-2022 23:37:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.rogeraccess.com/www.googletagmanager.com/gtm5445.html?id=GTM-NS63QF
404 Not Found 315 B URL HTTP/1.1 www.rogeraccess.com/www.googletagmanager.com/gtm5445.html?id=GTM-NS63QF
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /www.googletagmanager.com/gtm5445.html?id=GTM-NS63QF HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 404 Not Found
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.rogeraccess.com/1us/assets/cards_iso_shadow_ccb.en-9a0c4ccec849c703bdbbca3ef6c84bba0ac26c253c2f79d1958420f49515c581.png
200 OK 35 kB URL HTTP/1.1 www.rogeraccess.com/1us/assets/cards_iso_shadow_ccb.en-9a0c4ccec849c703bdbbca3ef6c84bba0ac26c253c2f79d1958420f49515c581.png
IP
File type PNG image data, 643 x 457, 8-bit colormap, non-interlaced\012- data
Hash 2ffd49c39f173061474ce76df7426649
52b414cc40c016646f0cd9e6f07b1362fb677a0a
9a0c4ccec849c703bdbbca3ef6c84bba0ac26c253c2f79d1958420f49515c581
GET /1us/assets/cards_iso_shadow_ccb.en-9a0c4ccec849c703bdbbca3ef6c84bba0ac26c253c2f79d1958420f49515c581.png HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:10 GMT
ETag: "8741-5c667fce297ea"
Accept-Ranges: bytes
Content-Length: 34625
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash abd901450af1f5a00362f62b995d3a71
9a59bc910b83700d486d9a84341d6f1e0e876dcb
696bde2c7ab8c26b95e7625bfa8a801f5adbbed1272ccdccec0b5cb447af6471
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=4903302;type=rgbank16;cat=roger0;u2=[ReferrerCode];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5141307486973.94;~oref=http://www.rogeraccess.com/
200 OK 234 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=4903302;type=rgbank16;cat=roger0;u2=[ReferrerCode];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5141307486973.94;~oref=http://www.rogeraccess.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (474), with no line terminators
Hash 52d634da55eb19b5332a9d7f687e691e
ab76ea5b3c4eba74264cbb836a76eab43164f061
50f1efa0600da0e7f23461b83dc7e586fbea157cd7aad112508f57c34742ce0e
GET /ddm/fls/i/src=4903302;type=rgbank16;cat=roger0;u2=[ReferrerCode];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5141307486973.94;~oref=http://www.rogeraccess.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4903302.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 23:22:41 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 234
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.rogeraccess.com/1us/assets/cards_iso_shadow_rcb.en-3ee0ba7934e9929869455eb3c0cc9fd688082e3e21c69d81c5136678c4788baf.png
200 OK 73 kB URL HTTP/1.1 www.rogeraccess.com/1us/assets/cards_iso_shadow_rcb.en-3ee0ba7934e9929869455eb3c0cc9fd688082e3e21c69d81c5136678c4788baf.png
IP
File type PNG image data, 643 x 457, 8-bit colormap, non-interlaced\012- data
Hash ee4601cf436515be69ce195de298078f
fa47b3b8d0a456aa29ba506fa67767eb98437dc3
3ee0ba7934e9929869455eb3c0cc9fd688082e3e21c69d81c5136678c4788baf
GET /1us/assets/cards_iso_shadow_rcb.en-3ee0ba7934e9929869455eb3c0cc9fd688082e3e21c69d81c5136678c4788baf.png HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:10 GMT
ETag: "11bcc-5c667fce699e4"
Accept-Ranges: bytes
Content-Length: 72652
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.rogeraccess.com/1us/assets/cards_iso_shadow_wen.en-9d1a9e39263a80e21d72edb9eefff529c47d291ccd5977a6424a62cdb2ef0246.png
200 OK 59 kB URL HTTP/1.1 www.rogeraccess.com/1us/assets/cards_iso_shadow_wen.en-9d1a9e39263a80e21d72edb9eefff529c47d291ccd5977a6424a62cdb2ef0246.png
IP
File type PNG image data, 645 x 457, 8-bit colormap, non-interlaced\012- data
Hash aceb17564ed9a4b0fe02c66ef6aa8471
c1393fbddbfa70cd4e0a48bf1a8dddea08cca858
9d1a9e39263a80e21d72edb9eefff529c47d291ccd5977a6424a62cdb2ef0246
GET /1us/assets/cards_iso_shadow_wen.en-9d1a9e39263a80e21d72edb9eefff529c47d291ccd5977a6424a62cdb2ef0246.png HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:10 GMT
ETag: "e55b-5c667fce5e5eb"
Accept-Ranges: bytes
Content-Length: 58715
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.rogeraccess.com/1us/assets/cards_iso_shadow_fcb.en-919448feaa69309e41add2e77180b1ebd3cafc859c9cda62c5710c6b33445c82.png
200 OK 62 kB URL HTTP/1.1 www.rogeraccess.com/1us/assets/cards_iso_shadow_fcb.en-919448feaa69309e41add2e77180b1ebd3cafc859c9cda62c5710c6b33445c82.png
IP
File type PNG image data, 643 x 457, 8-bit colormap, non-interlaced\012- data
Hash 340f8c627258ec676ae2a04f9e7ac1b2
13b6a516276da5b2482e0f8e572472e47d491176
919448feaa69309e41add2e77180b1ebd3cafc859c9cda62c5710c6b33445c82
GET /1us/assets/cards_iso_shadow_fcb.en-919448feaa69309e41add2e77180b1ebd3cafc859c9cda62c5710c6b33445c82.png HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:10 GMT
ETag: "f378-5c667fce4db54"
Accept-Ranges: bytes
Content-Length: 62328
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.rogeraccess.com/assets.adobedtm.com/launch-EN5809f8b6e4e643c485a225665431a7ef.min.js
404 Not Found 315 B URL HTTP/1.1 www.rogeraccess.com/assets.adobedtm.com/launch-EN5809f8b6e4e643c485a225665431a7ef.min.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /assets.adobedtm.com/launch-EN5809f8b6e4e643c485a225665431a7ef.min.js HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 404 Not Found
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=4903302;type=rgbank16;cat=roger0;u2=[ReferrerCode];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5141307486973.94;~oref=http://www.rogeraccess.com/
302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=4903302;type=rgbank16;cat=roger0;u2=[ReferrerCode];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5141307486973.94;~oref=http://www.rogeraccess.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=4903302;type=rgbank16;cat=roger0;u2=[ReferrerCode];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5141307486973.94;~oref=http://www.rogeraccess.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 23:22:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://4903302.fls.doubleclick.net/ddm/fls/r/src=4903302;type=rgbank16;cat=roger0;u2=[ReferrerCode];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5141307486973.94;~oref=http://www.rogeraccess.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.rogeraccess.com/s.swiftypecdn.com/install/v2/st.js
404 Not Found 315 B URL HTTP/1.1 www.rogeraccess.com/s.swiftypecdn.com/install/v2/st.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /s.swiftypecdn.com/install/v2/st.js HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 404 Not Found
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rogeraccess.com/static.ada.support/embed.js
404 Not Found 315 B URL HTTP/1.1 www.rogeraccess.com/static.ada.support/embed.js
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /static.ada.support/embed.js HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 404 Not Found
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.rogeraccess.com/1us/assets/mobile_wallet_apple_3.en-a3612f92a881db48f42b7eeaccfabd50bd5dd87747cb37cf3a3405c55e7479fb.png
200 OK 421 kB URL HTTP/1.1 www.rogeraccess.com/1us/assets/mobile_wallet_apple_3.en-a3612f92a881db48f42b7eeaccfabd50bd5dd87747cb37cf3a3405c55e7479fb.png
IP
File type PNG image data, 786 x 928, 8-bit/color RGBA, non-interlaced\012- data
Size 421 kB (420639 bytes)
Hash f01d2e1cd7a1c2b7b3d254e18d9e90f7
6ce580e90d60cad14c98db56d94b7f2d6a6d72fe
baa11fa4c85128afe81641224fed53946e43172c9eb7392f7a6a8863c40be3cb
GET /1us/assets/mobile_wallet_apple_3.en-a3612f92a881db48f42b7eeaccfabd50bd5dd87747cb37cf3a3405c55e7479fb.png HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:10 GMT
ETag: "66b1f-5c667fce4a0e8"
Accept-Ranges: bytes
Content-Length: 420639
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.rogeraccess.com/1us/packs/media/fonts/TedNext-Regular-ac8d5ec1.woff2
200 OK 25 kB URL HTTP/1.1 www.rogeraccess.com/1us/packs/media/fonts/TedNext-Regular-ac8d5ec1.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25156, version 1.655\012- data
Hash ac8d5ec1f0a41cb511561c70d2169fa6
b6932384974f1d412654c45f9ee8b491d0a62f88
c801ddc58ed09beffc103928317b2c3f75995f9f41938819187045c5c7d4f17a
Analyzer Verdict Alert fortinet Phishing
GET /1us/packs/media/fonts/TedNext-Regular-ac8d5ec1.woff2 HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/packs/css/styles-152f439c.css
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:11 GMT
ETag: "6244-5c667fcefa9ed"
Accept-Ranges: bytes
Content-Length: 25156
Vary: User-Agent
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
www.rogeraccess.com/1us/packs/media/fonts/TedNext-Bold-6cf85975.woff2
200 OK 25 kB URL HTTP/1.1 www.rogeraccess.com/1us/packs/media/fonts/TedNext-Bold-6cf85975.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 24676, version 1.655\012- data
Hash 6cf859750a14f0bb3b1b126d8b6e05f0
f246f65fddc741249973d50697c2b4a164dc673d
a1826aad5d3216af86c942a43656babd05972a49a28946af44d3607b02503ed0
Analyzer Verdict Alert fortinet Phishing
GET /1us/packs/media/fonts/TedNext-Bold-6cf85975.woff2 HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/packs/css/styles-152f439c.css
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:11 GMT
ETag: "6064-5c667fcef956a"
Accept-Ranges: bytes
Content-Length: 24676
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4bd6e9dbab52574ed6a57755850845d3
2023796487837093cbb74915bccf4c01af0d1082
e5cda570ffc3b87673a243cd6a3dbe293e749c379e11584a4eca633e884cb1b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion.js
200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP
File type ASCII text, with very long lines (2772)
Hash ac7574cbc5b2e85b7ddfa76b8657e59d
2bbeec5531576d6352b1c2b74e0e05c1ea10251d
bdf1e52afba9d671ea698707f97e8609de6360c502dc7b6eed2f40f979e08387
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4903302.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 03 Dec 2022 23:22:41 GMT
expires: Sat, 03 Dec 2022 23:22:41 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16359567893097152046
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16827
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 99c6e888e109cfca37de80b29e284001
3082cf79c611491ae64e5599f55e9e4908c457a6
19503ecb247142c34038b8ac5e0a5ab5bc7d94ef205beb3edde394275010e15f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rogeraccess.com/1us/packs/media/fonts/TedNext-Italic-188bd977.woff2
200 OK 24 kB URL HTTP/1.1 www.rogeraccess.com/1us/packs/media/fonts/TedNext-Italic-188bd977.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23632, version 1.655\012- data
Hash 188bd9779d978cd5517901101d6e33e9
4b84875560030da3e3d29ad3c958047ccbe98dff
4628899fc31ccd21d78386b1f7e6286d1cedf9c0eba9ec3b1fa8e56e94317062
Analyzer Verdict Alert fortinet Phishing
GET /1us/packs/media/fonts/TedNext-Italic-188bd977.woff2 HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/packs/css/styles-152f439c.css
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:11 GMT
ETag: "5c50-5c667fcef82d0"
Accept-Ranges: bytes
Content-Length: 23632
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
ocsp.digicert.com/
200 OK 471 B IP
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Last-Modified: Sat, 03 Dec 2022 22:33:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.rogeraccess.com/1us/packs/media/fonts/TedNext-Semibold-55da51f0.woff2
200 OK 25 kB URL HTTP/1.1 www.rogeraccess.com/1us/packs/media/fonts/TedNext-Semibold-55da51f0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 24876, version 1.655\012- data
Hash 55da51f0e682b27b3f44846b642abb19
88b036fedeef1e14d8073cd72d9bc86ce3799a41
09d6124a602eef231dbbc3b1b509a21d1ebb2d16521b7c0a2a75dd3196621069
Analyzer Verdict Alert fortinet Phishing
GET /1us/packs/media/fonts/TedNext-Semibold-55da51f0.woff2 HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/packs/css/styles-152f439c.css
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:11 GMT
ETag: "612c-5c667fcf07486"
Accept-Ranges: bytes
Content-Length: 24876
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
www.rogeraccess.com/1us/packs/media/fonts/TedNext-SemiBoldItalic-78a81cad.woff2
200 OK 24 kB URL HTTP/1.1 www.rogeraccess.com/1us/packs/media/fonts/TedNext-SemiBoldItalic-78a81cad.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23496, version 1.655\012- data
Hash 78a81cada223e337da080fa90dbeaf59
9822cfcd016a12066cdc516a4af490889d1ea3ee
77e0a5c3bb53b256a23bd3aec4679f0effc86dc7dc3f0a44d93a2a08dab521e2
Analyzer Verdict Alert fortinet Phishing
GET /1us/packs/media/fonts/TedNext-SemiBoldItalic-78a81cad.woff2 HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/packs/css/styles-152f439c.css
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:11 GMT
ETag: "5bc8-5c667fcef5bd4"
Accept-Ranges: bytes
Content-Length: 23496
Vary: User-Agent
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
www.rogeraccess.com/1us/packs/media/fonts/TedNext-Light-af4a3e4f.woff2
200 OK 25 kB URL HTTP/1.1 www.rogeraccess.com/1us/packs/media/fonts/TedNext-Light-af4a3e4f.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 24824, version 1.655\012- data
Hash af4a3e4fe905fda9b93664558dbdc942
152d71e2d316c0f13e50325c60e5263c0a6cd751
e503115e2d44d9775151f7242e9037ae3baacc4d14374b9842b76b88a3aa4678
Analyzer Verdict Alert fortinet Phishing
GET /1us/packs/media/fonts/TedNext-Light-af4a3e4f.woff2 HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/packs/css/styles-152f439c.css
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:11 GMT
ETag: "60f8-5c667fcef6485"
Accept-Ranges: bytes
Content-Length: 24824
Vary: User-Agent
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
www.rogeraccess.com/1us/assets/logo%402x_white.en-44b9cd42ac44437878162eb1a16c06b8fb042652e0d344480b7c9fd7dd7141f8.png
200 OK 8.4 kB URL HTTP/1.1 www.rogeraccess.com/1us/assets/logo%402x_white.en-44b9cd42ac44437878162eb1a16c06b8fb042652e0d344480b7c9fd7dd7141f8.png
IP
File type PNG image data, 801 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 92e20a854d7dfb8ec12f94fa244088a6
def2eeef8c3732558208bbebfb70fb06499b7e89
44b9cd42ac44437878162eb1a16c06b8fb042652e0d344480b7c9fd7dd7141f8
GET /1us/assets/logo%402x_white.en-44b9cd42ac44437878162eb1a16c06b8fb042652e0d344480b7c9fd7dd7141f8.png HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:10 GMT
ETag: "20d2-5c667fce2a0c3"
Accept-Ranges: bytes
Content-Length: 8402
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
googleads.g.doubleclick.net/pagead/viewthroughconversion/950740824/?random=1670109759369&cv=9&fst=1670109759369&num=1&label=r47eCJWukV0Q2M6sxQM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4903302.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D4903302%3Btype%3Drgbank16%3Bcat%3Droger0%3Bu2%3D%5BReferrerCode%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D5141307486973.94%3B~oref%3Dhttp%3A%2F%2Fwww.rogeraccess.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/950740824/?random=1670109759369&cv=9&fst=1670109759369&num=1&label=r47eCJWukV0Q2M6sxQM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4903302.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D4903302%3Btype%3Drgbank16%3Bcat%3Droger0%3Bu2%3D%5BReferrerCode%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D5141307486973.94%3B~oref%3Dhttp%3A%2F%2Fwww.rogeraccess.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2666), with no line terminators
Hash b00d26a6c4db389ebbddf5f10b8efe66
dde7715011e3acd0e0533db7cff4503e40bb2e5a
505ee158c1794db3b6859979d28db70877a77ff4957c50355ed6fd24554c1e40
GET /pagead/viewthroughconversion/950740824/?random=1670109759369&cv=9&fst=1670109759369&num=1&label=r47eCJWukV0Q2M6sxQM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4903302.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D4903302%3Btype%3Drgbank16%3Bcat%3Droger0%3Bu2%3D%5BReferrerCode%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D5141307486973.94%3B~oref%3Dhttp%3A%2F%2Fwww.rogeraccess.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4903302.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 23:22:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1108
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Dec-2022 23:37:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4H8JvkI7g3CUqK+5OV2ayA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eAD1gwKkiJ4hKbAmE00PdgV60ZY=
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4903302.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: DblL3jYDJrVxuuLvDmOK0njKm6jXGqy1MuZLJKaVebRIhrv44amxL6xsBxb6Prprs0Y2lyDwUTahnvsta4M6/A==
content-length: 27340
x-fb-trip-id: 1679558926
date: Sat, 03 Dec 2022 23:22:41 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Last-Modified: Sat, 03 Dec 2022 22:33:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/950740824/?random=1670109759369&cv=9&fst=1670108400000&num=1&label=r47eCJWukV0Q2M6sxQM&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=2&url=https%3A%2F%2F4903302.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D4903302%3Btype%3Drgbank16%3Bcat%3Droger0%3Bu2%3D%5BReferrerCode%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D5141307486973.94%3B~oref%3Dhttp%3A%2F%2Fwww.rogeraccess.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&fmt=3&is_vtc=1&random=3907461328&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/950740824/?random=1670109759369&cv=9&fst=1670108400000&num=1&label=r47eCJWukV0Q2M6sxQM&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=2&url=https%3A%2F%2F4903302.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D4903302%3Btype%3Drgbank16%3Bcat%3Droger0%3Bu2%3D%5BReferrerCode%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D5141307486973.94%3B~oref%3Dhttp%3A%2F%2Fwww.rogeraccess.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&fmt=3&is_vtc=1&random=3907461328&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/950740824/?random=1670109759369&cv=9&fst=1670108400000&num=1&label=r47eCJWukV0Q2M6sxQM&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=2&url=https%3A%2F%2F4903302.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D4903302%3Btype%3Drgbank16%3Bcat%3Droger0%3Bu2%3D%5BReferrerCode%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D5141307486973.94%3B~oref%3Dhttp%3A%2F%2Fwww.rogeraccess.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&fmt=3&is_vtc=1&random=3907461328&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4903302.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 23:22:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/950740824/?random=1670109759369&cv=9&fst=1670108400000&num=1&label=r47eCJWukV0Q2M6sxQM&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=2&url=https%3A%2F%2F4903302.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D4903302%3Btype%3Drgbank16%3Bcat%3Droger0%3Bu2%3D%5BReferrerCode%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D5141307486973.94%3B~oref%3Dhttp%3A%2F%2Fwww.rogeraccess.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&fmt=3&is_vtc=1&random=3907461328&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/950740824/?random=1670109759369&cv=9&fst=1670108400000&num=1&label=r47eCJWukV0Q2M6sxQM&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=2&url=https%3A%2F%2F4903302.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D4903302%3Btype%3Drgbank16%3Bcat%3Droger0%3Bu2%3D%5BReferrerCode%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D5141307486973.94%3B~oref%3Dhttp%3A%2F%2Fwww.rogeraccess.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&fmt=3&is_vtc=1&random=3907461328&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/950740824/?random=1670109759369&cv=9&fst=1670108400000&num=1&label=r47eCJWukV0Q2M6sxQM&guid=ON&eid=375603260&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=2&url=https%3A%2F%2F4903302.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D4903302%3Btype%3Drgbank16%3Bcat%3Droger0%3Bu2%3D%5BReferrerCode%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D5141307486973.94%3B~oref%3Dhttp%3A%2F%2Fwww.rogeraccess.com%2F&ref=https%3A%2F%2Fadservice.google.com%2F&fmt=3&is_vtc=1&random=3907461328&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4903302.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 23:22:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.rogeraccess.com/1us/assets/app-store-badge.en-3339da7105e5e0df009f4a95ae7127605398ade8746b1490158e761e0ce8dc4e.png
200 OK 8.4 kB URL HTTP/1.1 www.rogeraccess.com/1us/assets/app-store-badge.en-3339da7105e5e0df009f4a95ae7127605398ade8746b1490158e761e0ce8dc4e.png
IP
File type PNG image data, 449 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash f4009e479d8f035ddc929db84f1348aa
aa2af4240efb4a3335642ace96404ba1a9c8cdcc
3339da7105e5e0df009f4a95ae7127605398ade8746b1490158e761e0ce8dc4e
GET /1us/assets/app-store-badge.en-3339da7105e5e0df009f4a95ae7127605398ade8746b1490158e761e0ce8dc4e.png HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:10 GMT
ETag: "20ff-5c667fce24059"
Accept-Ranges: bytes
Content-Length: 8447
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.rogeraccess.com/1us/assets/google-play-badge.en-f97b3be0b601da81465af3982207b83a3d7c13023554b636c8fad8eb5a50a896.png
200 OK 11 kB URL HTTP/1.1 www.rogeraccess.com/1us/assets/google-play-badge.en-f97b3be0b601da81465af3982207b83a3d7c13023554b636c8fad8eb5a50a896.png
IP
File type PNG image data, 506 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 19b632019140bed44fb1450d488e0150
92ee353747fba4c8e3f74217b21b07b05b4aecd1
f97b3be0b601da81465af3982207b83a3d7c13023554b636c8fad8eb5a50a896
GET /1us/assets/google-play-badge.en-f97b3be0b601da81465af3982207b83a3d7c13023554b636c8fad8eb5a50a896.png HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:10 GMT
ETag: "2a72-5c667fce28518"
Accept-Ranges: bytes
Content-Length: 10866
Vary: User-Agent
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
www.rogeraccess.com/1us/assets/rogers_logo.en-74b01caaa6a78779033c7a3182d0b436538f7d887c9c314ffa23cd6b255edbfa.png
200 OK 12 kB URL HTTP/1.1 www.rogeraccess.com/1us/assets/rogers_logo.en-74b01caaa6a78779033c7a3182d0b436538f7d887c9c314ffa23cd6b255edbfa.png
IP
File type PNG image data, 298 x 56, 8-bit/color RGBA, interlaced\012- data
Hash f2a4264451a139b7a367a87a4b6aaafd
1bf32cb55e3c187c95a81ad072d33de4256b8b0f
74b01caaa6a78779033c7a3182d0b436538f7d887c9c314ffa23cd6b255edbfa
GET /1us/assets/rogers_logo.en-74b01caaa6a78779033c7a3182d0b436538f7d887c9c314ffa23cd6b255edbfa.png HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:10 GMT
ETag: "2e76-5c667fce3a226"
Accept-Ranges: bytes
Content-Length: 11894
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.rogeraccess.com/1us/packs/media/fonts/rui-icon-5c9d2114.woff
200 OK 159 kB URL HTTP/1.1 www.rogeraccess.com/1us/packs/media/fonts/rui-icon-5c9d2114.woff
IP
File type Web Open Font Format, TrueType, length 159348, version 1.0\012- data
Size 159 kB (159348 bytes)
Hash 5c9d21142a9ce0ce4c556494304d52b6
4f1e3b3b9097645fda67bb69aac92b6db8b613ce
a3f5864a2b558d99cb29633c0da11f18b578860ffa679a3980c0a99fcb490ff2
Analyzer Verdict Alert fortinet Phishing
GET /1us/packs/media/fonts/rui-icon-5c9d2114.woff HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/packs/css/styles-152f439c.css
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:11 GMT
ETag: "26e74-5c667fcf08416"
Accept-Ranges: bytes
Content-Length: 159348
Vary: User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
www.rogeraccess.com/1us/assets/cards_iso_stack.en-64069ae7fdcee99d7517da9f1838ba30c817baff6ce37bdac106aef19c7513e6.png
200 OK 108 kB URL HTTP/1.1 www.rogeraccess.com/1us/assets/cards_iso_stack.en-64069ae7fdcee99d7517da9f1838ba30c817baff6ce37bdac106aef19c7513e6.png
IP
File type PNG image data, 644 x 741, 8-bit colormap, non-interlaced\012- data
Size 108 kB (107867 bytes)
Hash 310132d996cc3dcc7322ce0e7bb04f91
961e38e29b352b92401d48eaf2855dcb55006a16
64069ae7fdcee99d7517da9f1838ba30c817baff6ce37bdac106aef19c7513e6
GET /1us/assets/cards_iso_stack.en-64069ae7fdcee99d7517da9f1838ba30c817baff6ce37bdac106aef19c7513e6.png HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:10 GMT
ETag: "1a55b-5c667fce87f2a"
Accept-Ranges: bytes
Content-Length: 107867
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.rogeraccess.com/1us/assets/AdobeStock_302955003-5f4853c1338a8d449e28a4408b4f03cf91a44fd50f43540fa62cc1dbf8395fdf.png
200 OK 408 kB URL HTTP/1.1 www.rogeraccess.com/1us/assets/AdobeStock_302955003-5f4853c1338a8d449e28a4408b4f03cf91a44fd50f43540fa62cc1dbf8395fdf.png
IP
File type PNG image data, 1160 x 672, 8-bit/color RGBA, interlaced\012- data
Size 408 kB (407465 bytes)
Hash 05a8b1e29635d26b1bf7df66a44fea8f
48087da1aed7f2456638b7d32a78d5888e1e0c08
5f4853c1338a8d449e28a4408b4f03cf91a44fd50f43540fa62cc1dbf8395fdf
GET /1us/assets/AdobeStock_302955003-5f4853c1338a8d449e28a4408b4f03cf91a44fd50f43540fa62cc1dbf8395fdf.png HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:10 GMT
ETag: "637a9-5c667fce3ded8"
Accept-Ranges: bytes
Content-Length: 407465
Vary: User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.rogeraccess.com/1us/assets/mobile_app_hero.en-830e8deb37c90e3e619b431423fd1441ca82c0ec760dd440336574d73ebb0f8b.png
200 OK 140 kB URL HTTP/1.1 www.rogeraccess.com/1us/assets/mobile_app_hero.en-830e8deb37c90e3e619b431423fd1441ca82c0ec760dd440336574d73ebb0f8b.png
IP
File type PNG image data, 650 x 634, 8-bit/color RGBA, non-interlaced\012- data
Size 140 kB (140412 bytes)
Hash 8f32177412be0a4ee23c2ff9052aa824
ef30392b85f83aa5fc4b0afebcbe454752135821
830e8deb37c90e3e619b431423fd1441ca82c0ec760dd440336574d73ebb0f8b
GET /1us/assets/mobile_app_hero.en-830e8deb37c90e3e619b431423fd1441ca82c0ec760dd440336574d73ebb0f8b.png HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:41 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:10 GMT
ETag: "2247c-5c667fce682ff"
Accept-Ranges: bytes
Content-Length: 140412
Vary: User-Agent
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.rogeraccess.com/1us/assets/favicon-cc4ff98bd8fd6adb2c4b081c87fab3ba6f7a907143efbe08d5d460d4220454a5.ico
200 OK 5.4 kB URL HTTP/1.1 www.rogeraccess.com/1us/assets/favicon-cc4ff98bd8fd6adb2c4b081c87fab3ba6f7a907143efbe08d5d460d4220454a5.ico
IP
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b0362f6fe996b12664a2104487706598
9f52dcb444e779ec8631f481d627a05c448da350
cc4ff98bd8fd6adb2c4b081c87fab3ba6f7a907143efbe08d5d460d4220454a5
Analyzer Verdict Alert fortinet Phishing
GET /1us/assets/favicon-cc4ff98bd8fd6adb2c4b081c87fab3ba6f7a907143efbe08d5d460d4220454a5.ico HTTP/1.1
Host: www.rogeraccess.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/1us/rn.html
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:22:42 GMT
Server: Apache
Last-Modified: Mon, 05 Jul 2021 22:40:10 GMT
ETag: "1536-5c667fce9218b"
Accept-Ranges: bytes
Content-Length: 5430
Vary: User-Agent
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/x-icon
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rogeraccess.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 23:05:17 GMT
expires: Sun, 03 Dec 2023 23:05:17 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 1045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 19:49:44 GMT
expires: Sun, 03 Dec 2023 19:49:44 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 12778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
200 OK 87 kB URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
IP
File type gzip compressed data, from Unix\012- data
Hash cea8e624c544716c0dc45358676a39ab
d318987a4b7d119b1eb594975b7a1975ea903c30
8f43b754292f1fa66cec672fd2fc7278264ffc5e25a2018873ac42063f7cfde8
GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rogeraccess.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 12:39:34 GMT
expires: Sat, 02 Dec 2023 12:39:34 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 124988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png
200 OK 1.6 kB URL HTTP/2 www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_68x28dp.png
IP
File type PNG image data, 68 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a931d597decd2553aac6634b766cf2
6ec84fb4a2745b4b71520241be77db1fd1013830
f56402b127698db4b4dc611a97a6f081d04c4691c60522c5912d189e37c94a9e
GET /images/branding/googlelogo/1x/googlelogo_color_68x28dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.rogeraccess.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1597
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:42:47 GMT
expires: Wed, 29 Nov 2023 15:42:47 GMT
cache-control: public, max-age=31536000
age: 373195
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:22:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20221115
204 No Content 0 B URL HTTP/1.1 translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20221115
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?sl=en&nca=te_ap&client=te&logld=vTE_20221115 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/
HTTP/1.1 204 No Content
Content-Type: image/gif; charset=us-ascii
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Sat, 03 Dec 2022 23:22:42 GMT
Cross-Origin-Resource-Policy: cross-origin
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-DB5fMLDbs6Mg8xgUU5qOrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
Cross-Origin-Opener-Policy: same-origin
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
www.facebook.com/tr/?id=689811861156210&ev=PageView&dl=https%3A%2F%2F4903302.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D4903302%3Btype%3Drgbank16%3Bcat%3Droger0%3Bu2%3D%5BReferrerCode%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D5141307486973.94%3B~oref%3Dhttp%3A%2F%2Fwww.rogeraccess.com%2F&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1670109759939&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1670109759509&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=689811861156210&ev=PageView&dl=https%3A%2F%2F4903302.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D4903302%3Btype%3Drgbank16%3Bcat%3Droger0%3Bu2%3D%5BReferrerCode%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D5141307486973.94%3B~oref%3Dhttp%3A%2F%2Fwww.rogeraccess.com%2F&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1670109759939&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1670109759509&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=689811861156210&ev=PageView&dl=https%3A%2F%2F4903302.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D4903302%3Btype%3Drgbank16%3Bcat%3Droger0%3Bu2%3D%5BReferrerCode%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Bord%3D5141307486973.94%3B~oref%3Dhttp%3A%2F%2Fwww.rogeraccess.com%2F&rl=https%3A%2F%2Fadservice.google.com%2F&if=true&ts=1670109759939&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&it=1670109759509&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://4903302.fls.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 03 Dec 2022 23:22:42 GMT
X-Firefox-Spdy: h2
ds-aksb-a.akamaihd.net/2/912542/b?dE=0&cS=0&cE=0&rqS=59&rsS=212&rsE=212&sS=&dl=242&di=698&fp=&dlS=700&dlE=702&dc=1766&leS=1766&leE=1766&to=&ol=0&cr=345&mt=&mb=&b=257&u=http%3A//www.rogeraccess.com/1us/rn.html&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko/20100101%20Firefox/105.0&pl=Linux%20x86_64&us=&gh=92.122.54.72&t=&rid=37942d47&r=22076&akM=dsci&akN=ae&vc=14:17&bpcip=81cd7c00&akTX=1&akTI=37942d47&ai=572448&pmgn=&pmgi=&pmp=
204 No Content 0 B URL HTTP/1.1 ds-aksb-a.akamaihd.net/2/912542/b?dE=0&cS=0&cE=0&rqS=59&rsS=212&rsE=212&sS=&dl=242&di=698&fp=&dlS=700&dlE=702&dc=1766&leS=1766&leE=1766&to=&ol=0&cr=345&mt=&mb=&b=257&u=http%3A//www.rogeraccess.com/1us/rn.html&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko/20100101%20Firefox/105.0&pl=Linux%20x86_64&us=&gh=92.122.54.72&t=&rid=37942d47&r=22076&akM=dsci&akN=ae&vc=14:17&bpcip=81cd7c00&akTX=1&akTI=37942d47&ai=572448&pmgn=&pmgi=&pmp=
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2/912542/b?dE=0&cS=0&cE=0&rqS=59&rsS=212&rsE=212&sS=&dl=242&di=698&fp=&dlS=700&dlE=702&dc=1766&leS=1766&leE=1766&to=&ol=0&cr=345&mt=&mb=&b=257&u=http%3A//www.rogeraccess.com/1us/rn.html&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko/20100101%20Firefox/105.0&pl=Linux%20x86_64&us=&gh=92.122.54.72&t=&rid=37942d47&r=22076&akM=dsci&akN=ae&vc=14:17&bpcip=81cd7c00&akTX=1&akTI=37942d47&ai=572448&pmgn=&pmgi=&pmp= HTTP/1.1
Host: ds-aksb-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.rogeraccess.com/
HTTP/1.1 204 No Content
Content-Type: text/html
Content-Length: 0
Expires: Sat, 03 Dec 2022 23:22:42 GMT
Cache-Control: max-age=0, no-cache, no-store, private
Pragma: no-cache
Date: Sat, 03 Dec 2022 23:22:42 GMT
Connection: keep-alive
Timing-Allow-Origin: *
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10413
Expires: Sun, 04 Dec 2022 02:16:15 GMT
Date: Sat, 03 Dec 2022 23:22:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10413
Expires: Sun, 04 Dec 2022 02:16:15 GMT
Date: Sat, 03 Dec 2022 23:22:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10413
Expires: Sun, 04 Dec 2022 02:16:15 GMT
Date: Sat, 03 Dec 2022 23:22:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10413
Expires: Sun, 04 Dec 2022 02:16:15 GMT
Date: Sat, 03 Dec 2022 23:22:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c1a6f4805f59db44f9d3520d88701a58
6a0258e8c97ce09f1723382c8a16d9682b7dc50c
ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7503
x-amzn-requestid: b096d14d-15bf-4d18-9930-5fffe561a40b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZwuFMcoAMFbTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a337-1d3c4759652c0b314f458aa8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:03:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3jrjQkv2nL9y5cmo5g30an3DJE0wiK2ifHwkukMztymsg6nDnXWOJw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:23:19 GMT
age: 57563
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30995615-b061-49b7-a1e1-1d39f60e42a2.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30995615-b061-49b7-a1e1-1d39f60e42a2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f76ad58139e6d5bf4402d442ed662f3c
0100b4fdd66d254d48395da715dfd6d760ae6cf6
1c1199744e75a69f9eedfec6ecdcc11e67b735f66fc50c8a0c2d60c40920532c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30995615-b061-49b7-a1e1-1d39f60e42a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7454
x-amzn-requestid: b8250832-ecd8-499b-b292-5110afe2cd84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltkWEMroAMFatw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2e8-6d91fc504703cdd5128e5746;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: S9_U5ZapxEkMRuoSxt2YSGa3zJy7zdGlGK24yRN305GY7qkn3AdKIQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:24:09 GMT
etag: "0100b4fdd66d254d48395da715dfd6d760ae6cf6"
content-type: image/jpeg
age: 3513
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:43:43 GMT
age: 56339
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b0065d160e7dbd17cf58f2c837b45a7
0ebefb37db37dcbf1ad421ab0cac2cccdcd83a2f
833c0a39ed1d9dcfa4a22f201d06d085e5131121810e98d5e79dd6f84e8fe436
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4782
x-amzn-requestid: 98b5d5ca-7590-4756-9b92-3fb327ecc97b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsANG8koAMF_Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-546b61a82a8b952f664346b9;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ncXSPf1et6vSgEBmWwY_PperGXmgJGEx0hlLr0lhN6XHi0RLRr6WCA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:05 GMT
age: 5737
etag: "0ebefb37db37dcbf1ad421ab0cac2cccdcd83a2f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff60056a5-9ac8-4274-9b3c-814f69985fdf.jpeg
200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff60056a5-9ac8-4274-9b3c-814f69985fdf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bdd9e42d71307b201929c3a38c745c6
8d3a7f830e57e936a1da8a001f3e78108b20c038
6e1063a755d64c8102867cd9b347eb83fca2c69af558f111abc46f523a8294da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff60056a5-9ac8-4274-9b3c-814f69985fdf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4377
x-amzn-requestid: 33abcd00-02ec-47ba-9302-312453291913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb29cG53IAMFkGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d1ef-317a802f0f84d73949236b9f;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:58:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: INIwoMEPSVerMpFUs9CMBKyBl-fbTfzIJMAJZOyGIDwyYHcktd4dXQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:59:12 GMT
age: 55410
etag: "8d3a7f830e57e936a1da8a001f3e78108b20c038"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ef13a87-7179-4643-9f9e-199878f42764.png
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ef13a87-7179-4643-9f9e-199878f42764.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69411fa7c0f94e7179c2cf84b716e427
188edc080e8a683c3fdc2968ee1e6aae114d75d2
713514c9afaa1953e3387aa1d1b6203fe6387e007f9fb5347558b77dd72425e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ef13a87-7179-4643-9f9e-199878f42764.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6344
x-amzn-requestid: 1c11b153-5494-4656-ad96-33bc541f93f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgaEAGmooAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a3b3-1984a9194065807d36f29532;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:05:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: u-fwrNiMISyKCpTg9HJ8TBjWLnM_Zg2KK1xrbzDXstjKATuex_Porg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 14:50:20 GMT
age: 30742
etag: "188edc080e8a683c3fdc2968ee1e6aae114d75d2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.rogeraccess.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 03 Dec 2022 23:22:40 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+762; expires=Mon, 02-Dec-2024 23:22:40 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
162.210.101.174
23.36.76.226
157.240.240.35
0.0.0.0