Report - acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4[21/03/2011

Report Overview

Submitted URL
acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4[21/03/2011
IP
72.14.185.43
ASN
#63949 Linode, LLC
Submitted
2023-02-07 22:21:01
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
acphoflib04.acp.net	unknown			1.4 kB	23 kB	45.56.79.23
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	68 kB	34.120.237.76
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686 B	1.4 kB	216.58.211.3
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	95.101.11.115
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.200.178.235
www1.acp.net	unknown	2022-06-13T03:14:04Z	2023-02-07T23:20:51Z	3.6 kB	4.7 kB	13.248.148.254
orest-vlv.com	unknown	2023-01-16T11:21:19Z	2023-03-13T02:10:56Z	1.6 kB	3.9 kB	52.7.54.238
xml-v4.gipostart-2.co	unknown	2023-01-25T14:43:19Z	2023-03-12T01:39:09Z	419 B	214 B	173.239.53.32
d38psrni17bvxu.cloudfront.net	unknown	2022-09-22T18:48:38Z	2023-03-13T08:42:29Z	294 B	1.5 kB	54.230.245.22
mys.myservdir.com	unknown	2017-01-31T17:55:56Z	2023-03-13T09:51:46Z	2.1 kB	1.5 MB	95.131.137.7
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	385 B	78 kB	142.250.74.168
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	748 B	448 B	216.239.32.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-07	medium	acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4[21/03/2011	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	d38psrni17bvxu.cloudfront.net/scripts/js3.js	1.1 kB	2023-03-13	2024-04-19
Pretty URL d38psrni17bvxu.cloudfront.net/scripts/js3.js IP 54.230.245.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:05:27 Last Seen2024-04-19 12:18:59 Times Seen1212 Hash a66b149a7ebc798955373415d683f32a 15ceaba8cfae8368600620ae97aa26ae7331d626 036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9 Loading...

	www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0	399 B	2023-03-13	2023-03-13
Pretty URL www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:17:22 Last Seen2023-03-13 19:17:22 Times Seen1 Hash d8009f5ef248ae981cd9ecca79b06bce 51a922bfdbc799409d61be9ef1660055620d8eae 72419a6224b80002e2991df67daddf65710a438d7869d0cb2bf02462262e07ec Loading...

	orest-vlv.com/zcvisitor/ae29be75-a735-11ed-bf8a-12b1cc39160b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=ae3c3505-a735-11ed-bf8a-12b1cc39160b	849 B	2023-03-13	2023-03-13
Pretty URL orest-vlv.com/zcvisitor/ae29be75-a735-11ed-bf8a-12b1cc39160b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=ae3c3505-a735-11ed-bf8a-12b1cc39160b IP 52.7.54.238 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:17:22 Last Seen2023-03-13 19:17:22 Times Seen1 Hash 17ee7cbd2c067b9a24cff3991770625f 309a461b62cd8841119f86c236ded189a91e6542 ae3d91c59a8b1e374ea7b121ce4728a1a70c6286aec8697e9bd39236968cc103 Loading...

	www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0	390 B	2023-03-13	2023-03-13
Pretty URL www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:17:22 Last Seen2023-03-13 19:17:22 Times Seen1 Hash de322101b96d718019ccfc0d380916c7 15bc075a1dbb901c7ca5e20d02c1ba8ed00b5c17 8bcb9a3b9e276121ae6dc0d5f9e3495c07f8ef1ff4182c91c729615a0bbaadd9 Loading...

	www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0	3.1 kB	2023-03-13	2023-03-13
Pretty URL www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:17:22 Last Seen2023-03-13 19:17:22 Times Seen1 Hash b84327d5c4709a16ce0357605c26c9f5 15f2dac1c757baa36112230e03065b2614ebc98d 3a06a96a51c50bd490b16ab5b04810f50aa5b7402151d808a016e1d330faba6c Loading...

	www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0	328 B	2023-03-13	2023-03-13
Pretty URL www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0 IP 13.248.148.254 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:17:22 Last Seen2023-03-13 19:17:22 Times Seen1 Hash 9a93639002b36282822781b47103fbee b58d92e3652bc2d15eac715ee2fa8300b928f1f4 f3a47c3f28fbaaacbdb498168932cc2c9debbde79b169e0854aefab5984ba587 Loading...

	orest-vlv.com/zcredirect?visitid=ae29be75-a735-11ed-bf8a-12b1cc39160b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	89 B	2023-03-13	2023-03-13
Pretty URL orest-vlv.com/zcredirect?visitid=ae29be75-a735-11ed-bf8a-12b1cc39160b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 52.7.54.238 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:17:22 Last Seen2023-03-13 19:17:22 Times Seen1 Hash b1a7a2083196e82b13fd3d089b7ea996 8de3bebabae74319bbf0aae6e2e84063dceb9962 c3f22eeb9bd5840a2f61476d72416bba141dfd51e0db8a841abb494b8d6cbb08 Loading...

	mys.myservdir.com/general/trafic_lp.php?idf=1840&sour=Active_12183657274\|acp.net	155 B	2023-03-11	2023-03-13
Pretty URL mys.myservdir.com/general/trafic_lp.php?idf=1840&sour=Active_12183657274\|acp.net IP 95.131.137.7 ASN #47841 Claranet SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:25:41 Last Seen2023-03-13 19:17:22 Times Seen1 Hash 181f245b3550bcaf8651496b905526cc b6011e8ac87ce7b13fa364b5067c17bc715ef06a 9ce9fe06a1435091a2bde9620df6d024a824735db5ed35b59ba193874d587ae8 Loading...

	acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4[21/03/2011	54 kB	2023-03-13	2023-03-14
Pretty URL acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4[21/03/2011 IP 45.56.79.23 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:39:57 Last Seen2023-03-14 00:56:22 Times Seen1 Hash 1d630f3591d9c2ce11f499097cd5f82a 8464179972e3a7114d92bd156c8f76689dd128a6 b8108e97000cf4c92a43a01620dbc5a28d9f1033ef44f19c5c9b2f3f04e755df Loading...

	acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4[21/03/2011	295 B	2023-03-12	2023-04-17
Pretty URL acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4[21/03/2011 IP 45.56.79.23 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:33:38 Last Seen2023-04-17 10:54:20 Times Seen995 Hash 55d924c46ca242980c8747a74666a082 6b4b5690848f934e34660ae22e61699ca0baf731 cb76393cfbb49fafe6d4bab97eca2cdfc435132b387247d2eb972e8acb5d8803 Loading...

	acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4[21/03/2011	576 B	2023-03-13	2023-03-13
Pretty URL acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4[21/03/2011 IP 45.56.79.23 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:17:22 Last Seen2023-03-13 19:17:22 Times Seen1 Hash 4bc6dc82c892944b8850284565c07513 9654bd305f7187ace0960f7543ef03b6f2d4f23d b89d83ed633d33e1179684ab5b9b3e9c1a8836479bddd68c210d93ec94a90914 Loading...

	www.googletagmanager.com/gtag/js?id=G-6NGLR7XRKC	220 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-6NGLR7XRKC IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 19:17:22 Last Seen2023-03-13 19:17:22 Times Seen1 Hash f30fa96d7cb472307b55e7985dbd1e0f 1002eaf42659ab1c99bfe54b373863de938af331 6b55d9fed4a6ab81d1e47a639650c38f4d8a60531290f59de29ab42405087bb3 Loading...

	mys.myservdir.com/mui/bannerrrg.php?idf=1840&idf_n=1840&f=3000x250&click_url=	12 B	2023-03-08	2023-10-01
Pretty URL mys.myservdir.com/mui/bannerrrg.php?idf=1840&idf_n=1840&f=3000x250&click_url= IP 95.131.137.7 ASN #47841 Claranet SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:09 Last Seen2023-10-01 21:10:05 Times Seen93 Hash f97b8cb798a3b0d3529c5d7c20ef901a b3af74aef4621b67e4b4138388dc6cb823a55523 c5dd2d14e63a3f9444790d663aca7793c3644602f6134ebfe24fc28e06b50f53 Loading...

HTTP Transactions (39)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11476
Expires: Wed, 08 Feb 2023 01:32:06 GMT
Date: Tue, 07 Feb 2023 22:20:50 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8332
Expires: Wed, 08 Feb 2023 00:39:42 GMT
Date: Tue, 07 Feb 2023 22:20:50 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 21:36:32 GMT
content-type: application/json
age: 2658
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2841
Expires: Tue, 07 Feb 2023 23:08:11 GMT
Date: Tue, 07 Feb 2023 22:20:50 GMT
Connection: keep-alive

acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4[21/03/2011

45.56.79.23

200 OK

22 kB

URL HTTP/1.1
acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4[21/03/2011
IP
45.56.79.23:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (54539)
Size
22 kB (21748 bytes)
Hash
ded4ad98059e1d50ef7d54f72e2c1445
137adea23201181cf167b5ac3ecb57a66627325d
c8550b9d1fbe14719fb6c0be9c144b1a4e984eb8e8e438ed2621efa902ea3eff

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4[21/03/2011 HTTP/1.1
Host: acphoflib04.acp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Tue, 07 Feb 2023 22:20:50 GMT
content-type: text/html
transfer-encoding: chunked
content-encoding: gzip
connection: close

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: /H/x2S8CXOvuinP1ZyHBR4lRO/axrh8Q2vGKywm24vvNXGtGa/PGBBC5/EHflB7wdrrFhyFlsRw=
x-amz-request-id: VJK5FZMXVBXWX3X5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 21:45:43 GMT
age: 2107
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 22:20:50 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4%5B21/03/2011?gp=1&js=1&uuid=1675808450.0086221196&other_args=eyJ1cmkiOiAiLy4uLjM2NkY3RjY2QUVCNjhBMUFCNEI3RUM2MEY4OUZBQjdFMDZCQUJDNUJDM0NCNUEyNTI4MDRENDNDMUNENTdFQTQ2QjczOEI4ODNCNFsyMS8wMy8yMDExIiwgImFyZ3MiOiAiIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0=

45.56.79.23

302 Found

0 B

URL HTTP/1.1
acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4%5B21/03/2011?gp=1&js=1&uuid=1675808450.0086221196&other_args=eyJ1cmkiOiAiLy4uLjM2NkY3RjY2QUVCNjhBMUFCNEI3RUM2MEY4OUZBQjdFMDZCQUJDNUJDM0NCNUEyNTI4MDRENDNDMUNENTdFQTQ2QjczOEI4ODNCNFsyMS8wMy8yMDExIiwgImFyZ3MiOiAiIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0=
IP
45.56.79.23:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4%5B21/03/2011?gp=1&js=1&uuid=1675808450.0086221196&other_args=eyJ1cmkiOiAiLy4uLjM2NkY3RjY2QUVCNjhBMUFCNEI3RUM2MEY4OUZBQjdFMDZCQUJDNUJDM0NCNUEyNTI4MDRENDNDMUNENTdFQTQ2QjczOEI4ODNCNFsyMS8wMy8yMDExIiwgImFyZ3MiOiAiIiwgInJlZmVyZXIiOiAiIiwgImFjY2VwdCI6ICJ0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44In0= HTTP/1.1
Host: acphoflib04.acp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://acphoflib04.acp.net/...366F7F66AEB68A1AB4B7EC60F89FAB7E06BABC5BC3CB5A252804D43C1CD57EA46B738B883B4[21/03/2011
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
server: openresty/1.13.6.1
date: Tue, 07 Feb 2023 22:20:50 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0
referrer-policy: no-referrer
x-mtm-path: 4
x-mtm-prov: 300:0.00;308:6.43
x-mtm-rd: 0.61
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJhY3Bob2ZsaWIwNC5hY3AubmV0IiwiaHR0cDovL3d3dzEuYWNwLm5ldC8_dG09MSZzdWJpZDQ9MTY3NTgwODQ1MC4wMjk1NzYwMDAwJmt3PUNlcnRpZmllZCtQdWJsaWMrQWNjb3VudGFudCtDUEEmS1cxPUNlcnRpZmllZCUyMFB1YmxpYyUyMEFjY291bnRhbnQlMjBDcGEmS1cyPVNlbGYlMjBTZXJ2aWNlJTIwQ2xpZW50JTIwUG9ydGFsJktXMz1PbmxpbmUlMjBCaWxsJTIwUGF5bWVudCUyMFByb2Nlc3NpbmclMjBDZW50ZXImS1c0PUNsaWVudCUyMEFjY291bnRpbmclMjBBbmQlMjBBZHZpc29yeSUyMFNlcnZpY2VzJktXNT1BdWRpdGluZyUyMEFuZCUyMEFzc3VyYW5jZSUyMFNlcnZpY2VzJktXNj1QZXJzb25hbCUyMFRheCUyMEFjY291bnRhbnQmS1c3PUJ1c2luZXNzJTIwVGF4JTIwQWNjb3VudGFudCZzZWFyY2hib3g9MCZkb21haW5uYW1lPTAmYmFja2ZpbGw9MCIsMSwiMjAyMy0wMi0wNyAyMjoyMDo1MCIsMSwiMTY3NTgwODQ1MC4wMjk1NzYwMDAwIiwzMDgsbnVsbCxudWxsXQ:1pPWKY:Cn8Y8CRIWCzjCf8T9Lh-hDa-fi8; expires=Tue, 07-Feb-2023 23:20:50 GMT; Max-Age=3600; Path=/
connection: close

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 21:51:19 GMT
age: 1772
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5978
Expires: Wed, 08 Feb 2023 00:00:29 GMT
Date: Tue, 07 Feb 2023 22:20:51 GMT
Connection: keep-alive

push.services.mozilla.com/

54.200.178.235

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.200.178.235:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +wsb5wxc0zbRKEiksi8GBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ewt2zTkLv42hIjNna+4Wv+wTq3k=

www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0

13.248.148.254

200 OK

2.8 kB

URL HTTP/1.1
www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0
IP
13.248.148.254:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2882)
Size
2.8 kB (2805 bytes)
Hash
04c661d02475cbc9bcd3b76c3af423dd
792905903cc368f43c977b9b7649334be20ae806
a73c36e183191d62b8d90c06780bcf4e306e620b26af5d2e26b20bb80e702919

HTTP Headers

GET /?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0 HTTP/1.1
Host: www1.acp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 22:20:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_zeroclick
X-Buckets: bucket011
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_XpWY0OmSuNyYtehO4kJ9fB/71eYWSEjTm7v1Mq44ys18HKOnePjpBDqcjgVHnOpSLngy2AteXP4GbUhnJwFFfQ==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: acp.net
X-Subdomain: www1
Content-Encoding: gzip

d38psrni17bvxu.cloudfront.net/scripts/js3.js

54.230.245.22

200 OK

1.1 kB

URL HTTP/1.1
d38psrni17bvxu.cloudfront.net/scripts/js3.js
IP
54.230.245.22:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (468)
Size
1.1 kB (1096 bytes)
Hash
a66b149a7ebc798955373415d683f32a
15ceaba8cfae8368600620ae97aa26ae7331d626
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

HTTP Headers

GET /scripts/js3.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.acp.net/

HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1096
Connection: keep-alive
Server: nginx
Date: Tue, 07 Feb 2023 05:29:19 GMT
Last-Modified: Mon, 23 Jan 2023 11:12:07 GMT
Accept-Ranges: bytes
ETag: "63ce6b87-448"
X-Cache: Hit from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TyWwjurmW-19AhqIMRCpnTIRYioN-gDSOENZq3kZhIexQrjs5qbYWw==
Age: 60692

www1.acp.net/track.php?domain=acp.net&toggle=browserjs&uid=MTY3NTgwODQ1MS4zODIyOjdiMzVjYmM2ZjI4N2ZkNTJjMmJkMGQ4OTJjNTAwMDJiNGRkMWViZWI2NDZmYzhlN2VkZTRmZGE0NzVjZDhmNTA6NjNlMmNlYzM1ZDRlMg%3D%3D

13.248.148.254

200 OK

20 B

URL HTTP/1.1
www1.acp.net/track.php?domain=acp.net&toggle=browserjs&uid=MTY3NTgwODQ1MS4zODIyOjdiMzVjYmM2ZjI4N2ZkNTJjMmJkMGQ4OTJjNTAwMDJiNGRkMWViZWI2NDZmYzhlN2VkZTRmZGE0NzVjZDhmNTA6NjNlMmNlYzM1ZDRlMg%3D%3D
IP
13.248.148.254:0
ASN
#16509 AMAZON-02

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?domain=acp.net&toggle=browserjs&uid=MTY3NTgwODQ1MS4zODIyOjdiMzVjYmM2ZjI4N2ZkNTJjMmJkMGQ4OTJjNTAwMDJiNGRkMWViZWI2NDZmYzhlN2VkZTRmZGE0NzVjZDhmNTA6NjNlMmNlYzM1ZDRlMg%3D%3D HTTP/1.1
Host: www1.acp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 22:20:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

www1.acp.net/favicon.ico

13.248.148.254

200 OK

0 B

URL HTTP/1.1
www1.acp.net/favicon.ico
IP
13.248.148.254:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www1.acp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 22:20:52 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes

www1.acp.net/track.php?click=d5750c6b6d0f8f4e4d15ff913020bf47c704fe02&domain=acp.net&uid=MTY3NTgwODQ1MS4zODIyOjdiMzVjYmM2ZjI4N2ZkNTJjMmJkMGQ4OTJjNTAwMDJiNGRkMWViZWI2NDZmYzhlN2VkZTRmZGE0NzVjZDhmNTA6NjNlMmNlYzM1ZDRlMg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2M2UyY2VjMzVkNGJlfHx8MTY3NTgwODQ1MS43MTM5fDQ4YWY0ZDQzMmNhNzBhMjQ1ZTFiMjE5ZDZmN2FhY2VkZjU1N2NkODZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDB8ZXlKemRXSnBaRFFpT2lJeE5qYzFPREE0TkRVd0xqQXlPVFUzTmpBd01EQWlmUT09fDFkOGYxYTkwMGU0MDllNzA0NDM3ODk2YTdjOTdiYzVhMWVmOGYzYWZ8MHxkcC10ZWFtaW50ZXJuZXQxMl8zcGh8MHww&kw=&search=&pcat=&bucket=&clientID=&adtest=off

13.248.148.254

200 OK

20 B

URL HTTP/1.1
www1.acp.net/track.php?click=d5750c6b6d0f8f4e4d15ff913020bf47c704fe02&domain=acp.net&uid=MTY3NTgwODQ1MS4zODIyOjdiMzVjYmM2ZjI4N2ZkNTJjMmJkMGQ4OTJjNTAwMDJiNGRkMWViZWI2NDZmYzhlN2VkZTRmZGE0NzVjZDhmNTA6NjNlMmNlYzM1ZDRlMg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2M2UyY2VjMzVkNGJlfHx8MTY3NTgwODQ1MS43MTM5fDQ4YWY0ZDQzMmNhNzBhMjQ1ZTFiMjE5ZDZmN2FhY2VkZjU1N2NkODZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDB8ZXlKemRXSnBaRFFpT2lJeE5qYzFPREE0TkRVd0xqQXlPVFUzTmpBd01EQWlmUT09fDFkOGYxYTkwMGU0MDllNzA0NDM3ODk2YTdjOTdiYzVhMWVmOGYzYWZ8MHxkcC10ZWFtaW50ZXJuZXQxMl8zcGh8MHww&kw=&search=&pcat=&bucket=&clientID=&adtest=off
IP
13.248.148.254:0
ASN
#16509 AMAZON-02

File type
data
Size
20 B (20 bytes)
Hash
a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf

HTTP Headers

GET /track.php?click=d5750c6b6d0f8f4e4d15ff913020bf47c704fe02&domain=acp.net&uid=MTY3NTgwODQ1MS4zODIyOjdiMzVjYmM2ZjI4N2ZkNTJjMmJkMGQ4OTJjNTAwMDJiNGRkMWViZWI2NDZmYzhlN2VkZTRmZGE0NzVjZDhmNTA6NjNlMmNlYzM1ZDRlMg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2M2UyY2VjMzVkNGJlfHx8MTY3NTgwODQ1MS43MTM5fDQ4YWY0ZDQzMmNhNzBhMjQ1ZTFiMjE5ZDZmN2FhY2VkZjU1N2NkODZ8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDB8ZXlKemRXSnBaRFFpT2lJeE5qYzFPREE0TkRVd0xqQXlPVFUzTmpBd01EQWlmUT09fDFkOGYxYTkwMGU0MDllNzA0NDM3ODk2YTdjOTdiYzVhMWVmOGYzYWZ8MHxkcC10ZWFtaW50ZXJuZXQxMl8zcGh8MHww&kw=&search=&pcat=&bucket=&clientID=&adtest=off HTTP/1.1
Host: www1.acp.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.acp.net/?tm=1&subid4=1675808450.0295760000&kw=Certified+Public+Accountant+CPA&KW1=Certified%20Public%20Accountant%20Cpa&KW2=Self%20Service%20Client%20Portal&KW3=Online%20Bill%20Payment%20Processing%20Center&KW4=Client%20Accounting%20And%20Advisory%20Services&KW5=Auditing%20And%20Assurance%20Services&KW6=Personal%20Tax%20Accountant&KW7=Business%20Tax%20Accountant&searchbox=0&domainname=0&backfill=0

HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 22:20:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5050
Expires: Tue, 07 Feb 2023 23:45:02 GMT
Date: Tue, 07 Feb 2023 22:20:52 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5050
Expires: Tue, 07 Feb 2023 23:45:02 GMT
Date: Tue, 07 Feb 2023 22:20:52 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5050
Expires: Tue, 07 Feb 2023 23:45:02 GMT
Date: Tue, 07 Feb 2023 22:20:52 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5050
Expires: Tue, 07 Feb 2023 23:45:02 GMT
Date: Tue, 07 Feb 2023 22:20:52 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7847 bytes)
Hash
5129898de057eb92808f18d120eb7a70
eb0a900843beac5c4ee46686b89b3e8b8d77f80f
7ce3e4f7be652895e93cb8c1a9019b70d699c0a9da013d311395a6440b4e9f96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7847
x-amzn-requestid: 60759e32-ac58-4dda-8ea3-fd80413c0deb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkkEpMoAMFnGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c483-61b8715a0da73f4526215649;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NwaKQCUYm5ov0l7aSUXurRhRMvaAOsjf5QOIWCttb8xkUbgrQei-Yw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:52:18 GMT
age: 1714
etag: "eb0a900843beac5c4ee46686b89b3e8b8d77f80f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13160 bytes)
Hash
003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 81DTnHIh40lNEi6l5hC87Vo9R8k4w79Fr71zibyvGP0iJm4kmhWITA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:45:27 GMT
age: 52525
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13714 bytes)
Hash
5de2fe3c9a2b091689a7213c4f781446
385fa88a857ba301f37ab56d72d11fb49abd8c6b
b64b11a68493fa304aa6102bf9b9ff11fab5e1536ecf768e4b0fa51470ae2293

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13714
x-amzn-requestid: 8f776dba-4e5d-46e5-a3ac-459d86852375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PFjGNHIAMFrMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c556-74429dc755cc37672c68b58b;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KYWj40o5goODdNjGr_Evrb_bfXcxtJRIyGvs7ViEWlELAyJt0-ZzMw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:14 GMT
age: 1598
etag: "385fa88a857ba301f37ab56d72d11fb49abd8c6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7303 bytes)
Hash
7543be9bef0afb8f61344286b7136dd7
e1537aa408cde39d2a314cc2a14f7f7a04a84eb1
162f0898f88d84c8d06542e48e8ff6a903e638f2a837f32681ae1f5e28ae40d7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7303
x-amzn-requestid: 081c79e9-2b23-47ad-8b7d-7197c5515c0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f58kdHMvIAMFdzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a7b5-66fca524070e374310920915;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SU23ljJF5eIu0L9YNQOtZlwuMHs9Ri91iu2-YS9v2pNBA-pkJYU2SA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:26:40 GMT
age: 53652
etag: "e1537aa408cde39d2a314cc2a14f7f7a04a84eb1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6838 bytes)
Hash
4b327816bc2c6fd7291c75c693685d54
771070be61d0724b1c90ca86ea34c804bd7e501a
d45188239cacc7b228bc75ccc95afb48914aaa434c418cd5b786533e8b9cb983

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5708e132-62b1-4b5b-aa88-fe22e522eb0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6838
x-amzn-requestid: 54fc5ae9-d37a-46cf-97e0-d05de1417cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7QEsCoAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-40de6212468fcd0e78a93708;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mgfr5wO7Bj5BVjKYY7O0c4ogLognfq09QrA9khZROr2CVyOWgKTz1g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:52:35 GMT
age: 1697
etag: "771070be61d0724b1c90ca86ea34c804bd7e501a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12772 bytes)
Hash
2bf626b824fefec1ecaceb9243f2e5ec
f222976d76d889a0cd767bfd73075ee114c531ce
3f981850c6e6628245be7f7e26418d8b945dbeaf45e06492d8e2ee9409245195

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F308abacb-8d5b-49bf-9e2b-59b6b40157cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12772
x-amzn-requestid: a4603c5c-c842-4a1d-bf09-550f160e1082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7OEz8oAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-763b7ecf50411a4d13dd8a25;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ECAdRS7as57pL15HxK4Ep0YOho8Kba8RFhMVnXGdJuKYItQHNf2yHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:14 GMT
age: 1598
etag: "f222976d76d889a0cd767bfd73075ee114c531ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

orest-vlv.com/zcvisitor/ae29be75-a735-11ed-bf8a-12b1cc39160b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=ae3c3505-a735-11ed-bf8a-12b1cc39160b

52.7.54.238

200

1.1 kB

URL HTTP/1.1
orest-vlv.com/zcvisitor/ae29be75-a735-11ed-bf8a-12b1cc39160b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=ae3c3505-a735-11ed-bf8a-12b1cc39160b
IP
52.7.54.238:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1098 bytes)
Hash
18de9dc631d8bdeaaf2bbc8a310214bb
9cfd33577df46330348d09c3bf0c876977614365
28c5d826595b0cb4c7d728bbff863152f8c7a0639343bfdfecc03201edb9d78f

HTTP Headers

GET /zcvisitor/ae29be75-a735-11ed-bf8a-12b1cc39160b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=ae3c3505-a735-11ed-bf8a-12b1cc39160b HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.acp.net/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Tue, 07 Feb 2023 22:20:53 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: koSPAqID

orest-vlv.com/zcredirect?visitid=ae29be75-a735-11ed-bf8a-12b1cc39160b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

52.7.54.238

200

308 B

URL HTTP/1.1
orest-vlv.com/zcredirect?visitid=ae29be75-a735-11ed-bf8a-12b1cc39160b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
52.7.54.238:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
308 B (308 bytes)
Hash
a221703a3e3b18677ba56999e081b1ff
fdd595c3502f7b3fea7cd005a46b1ae463755d81
75f1234c08fd18f719b89e7e6063639ada701aeb97079fd2fedbccbdd7030528

HTTP Headers

GET /zcredirect?visitid=ae29be75-a735-11ed-bf8a-12b1cc39160b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/ae29be75-a735-11ed-bf8a-12b1cc39160b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=ae3c3505-a735-11ed-bf8a-12b1cc39160b
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Tue, 07 Feb 2023 22:20:53 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: clhGJSev

orest-vlv.com/favicon.ico

52.7.54.238

404

653 B

URL HTTP/1.1
orest-vlv.com/favicon.ico
IP
52.7.54.238:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=ae29be75-a735-11ed-bf8a-12b1cc39160b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

HTTP/1.1 404 
Date: Tue, 07 Feb 2023 22:20:53 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: EsXwySfb

xml-v4.gipostart-2.co/click?seat=2433458&i=GtgQUSj418U_0

173.239.53.32

302 Found

0 B

URL HTTP/1.1
xml-v4.gipostart-2.co/click?seat=2433458&i=GtgQUSj418U_0
IP
173.239.53.32:0
ASN
#27257 WEBAIR-INTERNET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?seat=2433458&i=GtgQUSj418U_0 HTTP/1.1
Host: xml-v4.gipostart-2.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://mys.myservdir.com/general/trafic_lp.php?idf=1840&sour=Active_12183657274|acp.net
Pragma: no-cache

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0a87531904d57bbcf19f968860234045
1c06f994986b8a751daa28d4dda5b8cbdeb19af4
cc538fe3410afca412c798c4a567ff021b1de0202911034a9fe5b9728e32127d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC538FE3410AFCA412C798C4A567FF021B1DE0202911034A9FE5B9728E32127D"
Last-Modified: Tue, 07 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15328
Expires: Wed, 08 Feb 2023 02:36:21 GMT
Date: Tue, 07 Feb 2023 22:20:53 GMT
Connection: keep-alive

mys.myservdir.com/general/trafic_lp.php?idf=1840&sour=Active_12183657274|acp.net

95.131.137.7

200 OK

407 B

URL HTTP/1.1
mys.myservdir.com/general/trafic_lp.php?idf=1840&sour=Active_12183657274|acp.net
IP
95.131.137.7:0
ASN
#47841 Claranet SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
407 B (407 bytes)
Hash
3438a550979662945067a5381ef62b5a
45abb123cef2665e447ebf481f4205b0e3140f25
f61014c0a5939e28e10c17c1a3116cad6084ec3e675fefac34a39fdd931b0d7f

HTTP Headers

GET /general/trafic_lp.php?idf=1840&sour=Active_12183657274|acp.net HTTP/1.1
Host: mys.myservdir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 22:20:53 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 407
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 22:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-6NGLR7XRKC

142.250.74.168

200 OK

77 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-6NGLR7XRKC
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19467)
Size
77 kB (77096 bytes)
Hash
cd351a7059ddd7b9826dc16f106f923b
5cb6e659dc81d074b5a76b47b77345a621804548
4cdb8465fa7fe06d05cf3c9f57ef0d22f805e38b2457c086065b81ae10ede0d6

HTTP Headers

GET /gtag/js?id=G-6NGLR7XRKC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mys.myservdir.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 Feb 2023 22:20:54 GMT
expires: Tue, 07 Feb 2023 22:20:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77096
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Feb 2023 22:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mys.myservdir.com/mui/bannerrrg.php?idf=1840&idf_n=1840&f=3000x250&click_url=

95.131.137.7

200 OK

12 B

URL HTTP/1.1
mys.myservdir.com/mui/bannerrrg.php?idf=1840&idf_n=1840&f=3000x250&click_url=
IP
95.131.137.7:0
ASN
#47841 Claranet SAS

File type
ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
f97b8cb798a3b0d3529c5d7c20ef901a
b3af74aef4621b67e4b4138388dc6cb823a55523
c5dd2d14e63a3f9444790d663aca7793c3644602f6134ebfe24fc28e06b50f53

HTTP Headers

GET /mui/bannerrrg.php?idf=1840&idf_n=1840&f=3000x250&click_url= HTTP/1.1
Host: mys.myservdir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mys.myservdir.com/general/trafic_lp.php?idf=1840&sour=Active_12183657274|acp.net
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 22:20:54 GMT
Content-Type: text/javascript;charset=UTF-8
Content-Length: 12
Connection: close
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Sat, 28 Jan 2023 23:20:54 GMT
Set-Cookie: rid=c8e31e6c-c782-4d78-a828-e3c9ed1b2fba; expires=Mon, 08-May-2023 22:20:54 GMT; Max-Age=7776000; path=/; domain=.myservdir.com

mys.myservdir.com/general/Banner/vacanceo.png

95.131.137.7

200 OK

1.5 MB

URL HTTP/1.1
mys.myservdir.com/general/Banner/vacanceo.png
IP
95.131.137.7:0
ASN
#47841 Claranet SAS

File type
PNG image data, 2552 x 1256, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 MB (1541145 bytes)
Hash
cd4e235638c74b1b5faa7bd4b9a908ef
9c63ba72d47a329271e27af8b32c7462aa3e43e7
0a758d5fc835e8167c7ea236784380392c6a729dbc5c662ae72e67b7fc7dc6ee

HTTP Headers

GET /general/Banner/vacanceo.png HTTP/1.1
Host: mys.myservdir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mys.myservdir.com/general/trafic_lp.php?idf=1840&sour=Active_12183657274|acp.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 22:20:54 GMT
Content-Type: image/png
Content-Length: 1541145
Connection: close
Last-Modified: Sun, 09 Sep 2018 13:15:20 GMT
ETag: "178419-5757008530a00"
Accept-Ranges: bytes

mys.myservdir.com/favicon.ico

95.131.137.7

200 OK

695 B

URL HTTP/1.1
mys.myservdir.com/favicon.ico
IP
95.131.137.7:0
ASN
#47841 Claranet SAS

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 16x16, components 3\012- data
Size
695 B (695 bytes)
Hash
827a9cc61308877b17a3eb780b7c1a8f
42262b7d6d294fa3de9bdc9e8cfd7c1d21f033cd
4e31086fd3af82a431957f5e1fbaf2f2fda54ffb2f48c96bdfdfc0941040db17

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: mys.myservdir.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mys.myservdir.com/general/trafic_lp.php?idf=1840&sour=Active_12183657274|acp.net
Cookie: rid=c8e31e6c-c782-4d78-a828-e3c9ed1b2fba; _ga_6NGLR7XRKC=GS1.1.1675808505.1.0.1675808505.0.0.0; _ga=GA1.1.16674796.1675808506
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 Feb 2023 22:20:54 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 695
Connection: close
Last-Modified: Tue, 10 Jul 2012 08:56:10 GMT
ETag: "2b7-4c475e6d85e80"
Accept-Ranges: bytes

region1.google-analytics.com/g/collect?v=2&tid=G-6NGLR7XRKC&gtm=45je3260&_p=1150481139&cid=16674796.1675808506&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675808505&sct=1&seg=0&dl=https%3A%2F%2Fmys.myservdir.com%2Fgeneral%2Ftrafic_lp.php%3Fidf%3D1840%26sour%3DActive_12183657274%7Cacp.net&dr=http%3A%2F%2Forest-vlv.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-6NGLR7XRKC&gtm=45je3260&_p=1150481139&cid=16674796.1675808506&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675808505&sct=1&seg=0&dl=https%3A%2F%2Fmys.myservdir.com%2Fgeneral%2Ftrafic_lp.php%3Fidf%3D1840%26sour%3DActive_12183657274%7Cacp.net&dr=http%3A%2F%2Forest-vlv.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-6NGLR7XRKC&gtm=45je3260&_p=1150481139&cid=16674796.1675808506&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675808505&sct=1&seg=0&dl=https%3A%2F%2Fmys.myservdir.com%2Fgeneral%2Ftrafic_lp.php%3Fidf%3D1840%26sour%3DActive_12183657274%7Cacp.net&dr=http%3A%2F%2Forest-vlv.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mys.myservdir.com
Connection: keep-alive
Referer: https://mys.myservdir.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://mys.myservdir.com
date: Tue, 07 Feb 2023 22:20:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML