firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 20:02:58 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ww53gtuKggxKqAS7VlZEjcYj72KG96RxkqRph8ULRSrQcBbD1PN9QA==
Age: 1930
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5405
Expires: Sun, 18 Sep 2022 22:05:13 GMT
Date: Sun, 18 Sep 2022 20:35:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zwLruabjo9YfLwXc-Bp_mLQp4XAgmDueOWersS059OzuVrsFN_skuA==
age: 57595
X-Firefox-Spdy: h2
skynetcargoexpress.com/
199.188.200.225 301 Moved Permanently 707 B IP 199.188.200.225:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 18 Sep 2022 20:35:08 GMT
server: LiteSpeed
location: https://skynetcargoexpress.com/
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 20:35:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 18 Sep 2022 20:03:22 GMT
Expires: Sun, 18 Sep 2022 20:13:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EBgq37AnPnvyBWTj7xOc-WihPJ6ypbVAj5byyFbCc-l-DDyXsnBF9A==
Age: 1907
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash b190690aced4e51ab547640ed0fabba5
65597d542235b2cac3b5992b84a05605717b09a9
8939305c5d0406cb1cd9916b5f36d1721840eddb441b2b1319f63d0f5311f752
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 20:35:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 15:59:57 GMT
Expires: Sat, 24 Sep 2022 15:59:56 GMT
Etag: "65597d542235b2cac3b5992b84a05605717b09a9"
Cache-Control: max-age=501286,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ccddcd9dfefab8-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4666
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:09 GMT
Last-Modified: Sun, 18 Sep 2022 19:17:23 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 306ca1345fdf0ca28498ad115cea782b
97f61ca341ad256d80ca5d18b534e16497a781fa
3c96cc4baa7a17c0c6319f91b533a568f474554bd402c399456fe99078d09f9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.icons8.com/color/48/000000/whatsapp.png
185.76.9.16 200 OK 2.5 kB URL HTTP/2 img.icons8.com/color/48/000000/whatsapp.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 869e32b4302497c4387594feb7be102f
0d0075eaf3451d65fd1ec22a287d39a104b5e8c5
ccdc41c4ed56826f08dd31023446f6a74b11136e8c4fafb1e39fdc2e74aef34e
GET /color/48/000000/whatsapp.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:09 GMT
content-type: image/png
content-length: 2514
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: false
from-svg-cache: true
memory-svg-cache: true
icon-id: 16713
icon-format: png
icon-size: 48
last-modified: Thu, 15 Sep 2022 07:24:41 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801211335139
x-accel-expires: @1663593420
server: CDN77-Turbo
x-77-nzt: AblMCQ3lfz3/cbIDAA
x-77-nzt-ray: iFiGBzVobVI
x-cache: HIT
x-age: 242289
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.icons8.com/fluent/48/000000/facebook-new.png
185.76.9.16 200 OK 1.4 kB URL HTTP/2 img.icons8.com/fluent/48/000000/facebook-new.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash f907784683c9efb4fbccf5665463d87b
ce39520288d3b71df253b2eb7e1d8ffaa9b2237f
4f1866fa4aba6147018cd56a9678c54a41ace2e3ba310027fd2ebf5c459edc2a
GET /fluent/48/000000/facebook-new.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:09 GMT
content-type: image/png
content-length: 1373
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: true
from-svg-cache: true
memory-svg-cache: true
icon-id: uLWV5A9vXIPu
icon-format: png
icon-size: 48
last-modified: Fri, 16 Sep 2022 08:44:09 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801211335139
x-accel-expires: @1663620249
server: CDN77-Turbo
x-77-nzt: AblMCQ0AYS7/pEkDAA
x-77-nzt-ray: tiy+GuOvyB8
x-cache: HIT
x-age: 215460
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.icons8.com/color/48/000000/twitter-squared.png
185.76.9.16 200 OK 956 B URL HTTP/2 img.icons8.com/color/48/000000/twitter-squared.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 4599d7ca598ebeacb4f360e843f462cf
a6653a6ee1668e047825f33167421ef3d99009a9
190fc873e8dd685b4a66f7e664940ae6599ecc409d9da3d25dfd928a173b539c
GET /color/48/000000/twitter-squared.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:09 GMT
content-type: image/png
content-length: 956
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: false
from-svg-cache: true
memory-svg-cache: true
icon-id: 60469
icon-format: png
icon-size: 48
last-modified: Thu, 15 Sep 2022 02:07:33 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801222727994
x-accel-expires: @1663550620
server: CDN77-Turbo
x-77-nzt: AblMCQ0U2ovvoVkEAA
x-77-nzt-ray: qtxZX1vfj/U
x-cache: HIT
x-age: 285089
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.43.46.140 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.46.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UlrN797mI4RLHDSqUxaK+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6HEQpAaqbdqatP3RA8QolJnPY/I=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 56433b6932f28a949ac82fec1caa9e99
017c5a1ccc0f6e68fd60a9d0658c0526b81b4156
a6fe9208db3d30b3a81378a59aa588480ab2080c33f1d0921752c2dfdc76d1fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
skynetcargoexpress.com/css/bootstrap.min.css
199.188.200.225 200 OK 2.2 kB URL HTTP/2 skynetcargoexpress.com/css/bootstrap.min.css
IP 199.188.200.225:0
File type ASCII text, with very long lines (11764), with CRLF line terminators
Hash 4da741a2fce459af0fec5d0b954ac542
ac5917ab69bf5082138f73f1f073d44becad0b2e
4f7b3a4a007bea93a15c49dda4a9743a929aa70f65f041870ef26952ae541bac
GET /css/bootstrap.min.css HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: text/css
last-modified: Sun, 21 Feb 2021 09:08:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2196
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/css/owl.carousel.css
199.188.200.225 200 OK 1.0 kB URL HTTP/2 skynetcargoexpress.com/css/owl.carousel.css
IP 199.188.200.225:0
File type ASCII text, with CRLF line terminators
Hash 088c288a91093f63e91c51ff862400bf
d39796185e57a4b44f6d701b932aac3d52bdb53c
c21552c1b994a7b6d9a7e337ced8a2e976fbce8f8eeb965e89cb68d97bb596f9
GET /css/owl.carousel.css HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: text/css
last-modified: Sun, 21 Feb 2021 09:08:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1005
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/css/jquery.fancybox.css
199.188.200.225 200 OK 1.3 kB URL HTTP/2 skynetcargoexpress.com/css/jquery.fancybox.css
IP 199.188.200.225:0
Hash 04e7093dafe5d2229901072429141e66
10b73b0ab89205a9d7e27ea25b837a1d84f75b03
b0fe1cf3c2e3bba2ca5b610172326712288dc21d34da08b0607c5ae935ae6ef8
GET /css/jquery.fancybox.css HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: text/css
last-modified: Sun, 21 Feb 2021 09:08:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1270
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash a0be97a5b781e41697a33759beee1967
e083297e74f4571a57d066db4f871c10502785d2
766d891de2fd209d0fc84e31495e0501cacaea13bc4e6998856ec7ac770b9b7e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1223
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:09 GMT
Last-Modified: Sun, 18 Sep 2022 20:14:46 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280
skynetcargoexpress.com/plugins/revolution/css/layers.css
199.188.200.225 200 OK 10 kB URL HTTP/2 skynetcargoexpress.com/plugins/revolution/css/layers.css
IP 199.188.200.225:0
File type ASCII text, with CRLF line terminators
Hash f48ab77ed15aaef6347c0222abeee97e
d48cfa770714a06c0df766c033ccd7b7f05ecb4a
1513fd6fa4141e1cb0f884659168935f741f771075caafc104dd5dff9270e177
GET /plugins/revolution/css/layers.css HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: text/css
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9985
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img.icons8.com/fluent/48/000000/google-plus.png
185.76.9.16 200 OK 2.0 kB URL HTTP/2 img.icons8.com/fluent/48/000000/google-plus.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 31f7750395e1ce1adcd7eb39a0f51d46
b9b10cbbe12d2ad3b94a3eecfa10b61d8ad133a2
8187dc57f98c9393b92b2308bfb7b3a3f4da26d2613d34c4e71394ef3116ae64
GET /fluent/48/000000/google-plus.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:09 GMT
content-type: image/png
content-length: 1973
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: false
from-svg-cache: true
memory-svg-cache: false
icon-id: kkAN3fOocGoh
icon-format: png
icon-size: 48
last-modified: Sun, 18 Sep 2022 10:59:18 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801222318082
x-accel-expires: @1663835709
server: CDN77-Turbo
x-77-nzt: AblMCQ0hYDah
x-77-nzt-ray: GBA6mhSCsOw
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
img.icons8.com/android/48/000000/linkedin.png
185.76.9.16 200 OK 530 B URL HTTP/2 img.icons8.com/android/48/000000/linkedin.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c1f224fdf02d312b57f3451054625576
87cf8f015cecf454d76cc84e1be9bfc0ef7b0b9c
fbd4c2952efaf039ced98632c42c0158372fd6b6270629bb2a296e0cbf33a9a5
GET /android/48/000000/linkedin.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:09 GMT
content-type: image/png
content-length: 530
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: false
from-svg-cache: true
memory-svg-cache: false
icon-id: 3869
icon-format: png
icon-size: 48
last-modified: Sun, 18 Sep 2022 00:48:48 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801222727994
x-accel-expires: @1663835709
server: CDN77-Turbo
x-77-nzt: AblMCQ0u/fSh
x-77-nzt-ray: KzGmfVxffAg
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
img.icons8.com/color/48/000000/important-mail.png
185.76.9.16 200 OK 1.2 kB URL HTTP/2 img.icons8.com/color/48/000000/important-mail.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash cd1f18f2ce488c5e4f310737f0ced2fb
c49638e240b9aa4521b63b695b8f510ecb61063d
666a04124c821084c4cb18f0bc2436aa6176504c352e6d5ee8a15438e36032b2
GET /color/48/000000/important-mail.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:09 GMT
content-type: image/png
content-length: 1206
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: false
from-svg-cache: true
memory-svg-cache: true
icon-id: 110278
icon-format: png
icon-size: 48
last-modified: Sun, 18 Sep 2022 18:25:26 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801211335139
x-accel-expires: @1663835709
server: CDN77-Turbo
x-77-nzt: AblMCQ0S9kSh
x-77-nzt-ray: ZDttCCErSzw
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
skynetcargoexpress.com/css/fontello.css
199.188.200.225 200 OK 20 kB URL HTTP/2 skynetcargoexpress.com/css/fontello.css
IP 199.188.200.225:0
Hash 130d455752ae91eec6f2e7a4f6509dba
859cc97fb038edf7cf29879d47424ac5013a64bd
2b5387bcce2b61354e271b68b9e37ed3310caf4c70bd0afe152723056bbeee1e
GET /css/fontello.css HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: text/css
last-modified: Sun, 21 Feb 2021 09:08:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19747
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/plugins/revolution/css/settings.css
199.188.200.225 200 OK 7.5 kB URL HTTP/2 skynetcargoexpress.com/plugins/revolution/css/settings.css
IP 199.188.200.225:0
File type Unicode text, UTF-8 text, with very long lines (352), with CRLF line terminators
Hash e7fd6eb0c0f135afd6edc521ceaa226d
134724afd7fb110336589a2b45fe21641f30ec70
1712664b7023607590c709e804a42af736751f2b7b27cd37383164412af3f2d0
GET /plugins/revolution/css/settings.css HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: text/css
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7491
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/plugins/revolution/css/navigation.css
199.188.200.225 200 OK 7.6 kB URL HTTP/2 skynetcargoexpress.com/plugins/revolution/css/navigation.css
IP 199.188.200.225:0
Hash 6cf5930313b2e50f9eaa1c12e433df0c
834ea2b933129ef1254c7297e34e00fc9275a33f
aa214dd8731d12d221a3a3a17789c0a95166738ec104c195ecb9d6e1133168f4
GET /plugins/revolution/css/navigation.css HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: text/css
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7646
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/css/style.css
199.188.200.225 200 OK 22 kB URL HTTP/2 skynetcargoexpress.com/css/style.css
IP 199.188.200.225:0
File type ASCII text, with CRLF line terminators
Hash 32db0edcfa383fe45f7d7601606b26ac
12fb37504a5ab9fe49014653bccd8799865ebbd8
5d509a0648511a751a322cce9e087ed1cd33a908b63b1113f94c84868b4cd16e
GET /css/style.css HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: text/css
last-modified: Sun, 21 Feb 2021 09:08:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21530
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/css/responsive.css
199.188.200.225 200 OK 3.6 kB URL HTTP/2 skynetcargoexpress.com/css/responsive.css
IP 199.188.200.225:0
File type ASCII text, with CRLF line terminators
Hash a233d5d9576618095ddd1e875f24176b
e91649414d17ae93bfb3a05e03476eab7bfd02df
ed90f091677d77f188eed648f7dda28249bdb94ba4761b81999ac64fc191a655
GET /css/responsive.css HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: text/css
last-modified: Sun, 21 Feb 2021 09:08:19 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3606
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/plugins/jquery.scrollTo.min.js
199.188.200.225 200 OK 1.6 kB URL HTTP/2 skynetcargoexpress.com/plugins/jquery.scrollTo.min.js
IP 199.188.200.225:0
File type Unicode text, UTF-8 text, with very long lines (3045), with CRLF line terminators
Hash 73217ec85fc6a6c0d5d17d9dc586341e
17b20758a6d21c31c3ef404f03092151de722235
3e69aedc14ec22cba3da31ccaf7cabb3ad59eb5748ac2be9ece51e2bbfa52ee5
Analyzer Verdict Alert fortinet Malware
GET /plugins/jquery.scrollTo.min.js HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1628
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/js/script.js
199.188.200.225 200 OK 3.7 kB URL HTTP/2 skynetcargoexpress.com/js/script.js
IP 199.188.200.225:0
File type ASCII text, with very long lines (13089), with no line terminators
Hash a56150569c58176fa018e2bd2cdafdc7
0bb1d91be89865f3ecee027fca3963449cb0de5b
f290b3d6b81064fa81bf2034cfbfc71e9bd8e76564d6cf46ebeee9c0ea89e6ea
Analyzer Verdict Alert fortinet Malware
GET /js/script.js HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3674
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img.icons8.com/material-two-tone/48/000000/menu-2.png
185.76.9.16 200 OK 203 B URL HTTP/2 img.icons8.com/material-two-tone/48/000000/menu-2.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 8b3a4231a96b61a519c61116ccd06846
49ad2dc7f8eebfabe13eb2988b99cc2fccda842c
9b97b2431e377d4ed3b22ed6e47ba0b3c5f74d2271d534f303e9d1fc8737ef40
GET /material-two-tone/48/000000/menu-2.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:10 GMT
content-type: image/png
content-length: 203
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: false
from-svg-cache: false
memory-svg-cache: false
icon-id: 89139
icon-format: png
icon-size: 48
last-modified: Sun, 18 Sep 2022 20:35:10 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801222727994
x-accel-expires: @1663835710
server: CDN77-Turbo
x-77-nzt: AblMCQ2rl7+h
x-77-nzt-ray: 6PNFmz4tb14
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.74 200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 20:07:26 GMT
expires: Sun, 18 Sep 2022 21:07:26 GMT
cache-control: public, max-age=3600
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
age: 1664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
skynetcargoexpress.com/w.png
199.188.200.225 200 OK 4.9 kB URL HTTP/2 skynetcargoexpress.com/w.png
IP 199.188.200.225:0
File type PNG image data, 225 x 225, 8-bit colormap, non-interlaced\012- data
Hash 8dd1940785694710572b0f69a6dcaf7b
87b4d70440b2fc01ad09eee03709626efbd2c182
9118081a15369a490d330cdb292c3c064277a64c087e06e2440ddb35da67eaa4
GET /w.png HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: image/png
last-modified: Sun, 21 Feb 2021 09:08:22 GMT
accept-ranges: bytes
content-length: 4901
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/js/libs/retina.min.js
199.188.200.225 200 OK 1.5 kB URL HTTP/2 skynetcargoexpress.com/js/libs/retina.min.js
IP 199.188.200.225:0
File type ASCII text, with very long lines (3125)
Hash cd69439f081b2f4a0c1b7c3dffc5c173
3f59778796159db481c86416f5724552b8cc7290
45e7bfd404e7ae49df05261619007cf81c6d4c085006fe1da88be5ba073e5a78
Analyzer Verdict Alert fortinet Malware
GET /js/libs/retina.min.js HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1470
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/js/libs/jquery.modernizr.js
199.188.200.225 200 OK 4.7 kB URL HTTP/2 skynetcargoexpress.com/js/libs/jquery.modernizr.js
IP 199.188.200.225:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (10892), with CRLF line terminators
Hash bccd102b8474a7c2b6fdf7b16846e712
31e17a923981c5a49b200e69db2cdbe23d20c018
141ac388c97ce56fb94685b100fb37277f911151e5b714c3bf177d32e1fda581
Analyzer Verdict Alert fortinet Malware
GET /js/libs/jquery.modernizr.js HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4660
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/plugins/jquery.localScroll.min.js
199.188.200.225 200 OK 1.1 kB URL HTTP/2 skynetcargoexpress.com/plugins/jquery.localScroll.min.js
IP 199.188.200.225:0
File type ASCII text, with very long lines (2079)
Hash 65170ff78ab8dee1c0eff40a3bfaed29
bb27b422e8fe39a060f71331f5ff6308b628262e
c569cd3e7ef9067be4db5b990cd73b639a6e5553420e9d4e81bd32f688d1d146
Analyzer Verdict Alert fortinet Malware
GET /plugins/jquery.localScroll.min.js HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1088
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.gstatic.com/s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2
142.250.74.163 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20608, version 1.0\012- data
Hash 56573cfb638f35b191c36b5ad69a55e8
61b97f2670054092c49209678a2dd11d4d12a709
36ea273138b793477fef7ab102c5d882f9329660f70df5d5ad43f30f0edd7026
GET /s/assistant/v18/2sDcZGJYnIjSi6H75xkzaGW5.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://skynetcargoexpress.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 23:48:53 GMT
expires: Sat, 16 Sep 2023 23:48:53 GMT
cache-control: public, max-age=31536000
age: 161177
last-modified: Fri, 24 Jun 2022 19:46:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget-v4.tidiochat.com/1_114_0/static/js/render.64874ea49214d2736b46.js
104.26.8.139 200 OK 33 kB URL HTTP/2 widget-v4.tidiochat.com/1_114_0/static/js/render.64874ea49214d2736b46.js
IP 104.26.8.139:0
File type ASCII text, with very long lines (17169), with no line terminators
Hash 6c08ee029ff3c594778d23beb9515ec4
78946a353286722433bc2aa6336f73acca7feaad
9ffef388747c7175fccce157d019c0633d912b949f0f7c6e5f10e8b0728bc26b
GET /1_114_0/static/js/render.64874ea49214d2736b46.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://skynetcargoexpress.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:25:23 GMT
vary: Accept-Encoding
etag: W/"63230ba3-4311"
cache-control: max-age=691200
cf-cache-status: HIT
age: 4068
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Maqs21quphE%2F01HPRxT6c6jOgo2U%2BPnGzJcPB8T1NAdjqBMUApzcoOlwLvMd%2B50WOQdl0My09JRiTKW4Stupo8%2BUVjO5EyEpBk7%2Bu9IrXdOk4QhTYPux%2BwQxKPgFEH0SDgmv%2F3JdQgw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ccddd1edbdb506-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H0TbFzsQ.woff2
142.250.74.163 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/heebo/v21/NGS6v5_NC0k9P9H0TbFzsQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 11764, version 1.0\012- data
Hash 271271faf099fdfab30e2b7560c2f3a8
5c3fbf8ea016ce4eb80e75ea09875fab0ef24846
e83a43067942e341ebb7319116315855d2c24e463c9f0eda69f1a4b5f66ded18
GET /s/heebo/v21/NGS6v5_NC0k9P9H0TbFzsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://skynetcargoexpress.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 16:40:50 GMT
expires: Sat, 16 Sep 2023 16:40:50 GMT
cache-control: public, max-age=31536000
age: 186860
last-modified: Mon, 11 Jul 2022 20:35:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 12:31:58 GMT
expires: Sun, 17 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 115392
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
skynetcargoexpress.com/plugins/bootstrap.js
199.188.200.225 200 OK 11 kB URL HTTP/2 skynetcargoexpress.com/plugins/bootstrap.js
IP 199.188.200.225:0
File type ASCII text, with very long lines (773), with CRLF line terminators
Hash 0e120a4aa24d4c48eaa72be2eba50eae
e350805deda9a9e612584c8ada75ec00cb3dca81
5fd13671d656d451a701a9a49f95405576408f6eec1d15ad22a8cedf69cc019d
Analyzer Verdict Alert fortinet Malware
GET /plugins/bootstrap.js HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11288
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/plugins/jquery.queryloader2.min.js
199.188.200.225 200 OK 3.1 kB URL HTTP/2 skynetcargoexpress.com/plugins/jquery.queryloader2.min.js
IP 199.188.200.225:0
File type ASCII text, with very long lines (773), with CRLF line terminators
Hash f2686005cc2721501b9c1043a2fbe31c
e57849227fb7b7805536176dba9f6a2757b86d29
63181f604c912625d1396e786d39e8096a018b0e8a46a712061e769491906e6b
Analyzer Verdict Alert fortinet Malware
GET /plugins/jquery.queryloader2.min.js HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3053
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/plugins/owl.carousel.min.js
199.188.200.225 200 OK 11 kB URL HTTP/2 skynetcargoexpress.com/plugins/owl.carousel.min.js
IP 199.188.200.225:0
File type ASCII text, with very long lines (32061)
Hash 496887d9b274dc77403a6a6d89534896
9ce0f882a198f03ed4bffc2c991be764e0cf50c0
492a36d77c8751c3d8ddba1c229f68586df04eb7351083c263e20a5e3853c041
Analyzer Verdict Alert fortinet Malware
GET /plugins/owl.carousel.min.js HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10725
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/image_logo.png
199.188.200.225 200 OK 6.2 kB URL HTTP/2 skynetcargoexpress.com/images/image_logo.png
IP 199.188.200.225:0
File type PNG image data, 243 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash b753ac259550acee8f651b63b6b2ebf9
e076f70ec9077e66c28cbe1492ee79b17192831e
cba061e30e849c26b621709716de1ee00016414b8aba9c57f1027323735ff324
GET /images/image_logo.png HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: image/png
last-modified: Mon, 23 Aug 2021 16:58:49 GMT
accept-ranges: bytes
content-length: 6248
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/plugins/jquery.fancybox.js
199.188.200.225 200 OK 14 kB URL HTTP/2 skynetcargoexpress.com/plugins/jquery.fancybox.js
IP 199.188.200.225:0
File type ASCII text, with very long lines (802)
Hash ee8c9eda39f433430a68263d70407737
c5582c318676bdbe383cd0c2340d429c5839d0b1
2172070062c929c30df1702f2477c449d79b34230f6983bc350431ebcc6effb6
Analyzer Verdict Alert fortinet Malware
GET /plugins/jquery.fancybox.js HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13753
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10271
Expires: Sun, 18 Sep 2022 23:26:21 GMT
Date: Sun, 18 Sep 2022 20:35:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10271
Expires: Sun, 18 Sep 2022 23:26:21 GMT
Date: Sun, 18 Sep 2022 20:35:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10271
Expires: Sun, 18 Sep 2022 23:26:21 GMT
Date: Sun, 18 Sep 2022 20:35:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10271
Expires: Sun, 18 Sep 2022 23:26:21 GMT
Date: Sun, 18 Sep 2022 20:35:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51d067e534c477ce996b3e806f6a132e
451c1f67948e45909e636828e3d2a3099de922f0
e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6869
x-amzn-requestid: 8d5cf972-bd9a-42b8-ba33-5dd05191e9f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6u1GspIAMF9vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e5e-12430c8c7122a3594aba8949;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: leqr7rYJyeBFlYuFM2D-wGJfb7_w-5HbW2Y1aHwjTzZ9_4MTFybNaA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:08:03 GMT
age: 80827
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Q6pjncaouCXUu0Pz7v6xF_8ClxxVypUSeggW23Z-UTsPamKCTgwjmA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:00:17 GMT
age: 81293
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Heebo:300,400,500,700
142.250.74.10 200 OK 6.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Heebo:300,400,500,700
IP 142.250.74.10:0
Hash c562757721c1a2e9b55ca62ec9fc732e
93a22255aca8472fd96522aea2810ed27022bf47
80a408994d402e33c3d523628bece3ed19149e21a03d42f7695d424ae90f498a
GET /css?family=Heebo:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 20:35:09 GMT
date: Sun, 18 Sep 2022 20:35:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wxZ383nT9n_SBMH4D_k--23G7tb-2pQV0yDcUMvD17woMHbc2rx-NQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:53:55 GMT
age: 78075
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56ade9172e883c777dd974ca879bceba
b2aaf019e083443a6404c262206ee2e981d3165c
c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3tByM8rVW_WxdiBUCfXzxZWjMvH2PB2VQ290D-DLITqly6QQQKBNSw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:13:29 GMT
age: 48101
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ae5a7fc19cf9601753b147621cb9f8c
04063797f76518668fdd9a5d5a86c7637eac43b8
b1c659363aa69139a03aab9a6d76800b3568ccf5201f02e1ea864e2bff70d3a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd6067cf-6392-4f3a-8543-a3861c83d1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9093
x-amzn-requestid: 29c7788f-27e9-4823-8cba-ebf4ef9ea7ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tjEvsoAMFrtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbc-37b8d7930503d507592bf728;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8AtK_uI_vRz2em8nsfBq7zFkfQKNoPnjesvp_WdDJTiVbWB1NJT4mQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:47:52 GMT
age: 82038
etag: "04063797f76518668fdd9a5d5a86c7637eac43b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
skynetcargoexpress.com/js/plugins.js
199.188.200.225 200 OK 10 kB URL HTTP/2 skynetcargoexpress.com/js/plugins.js
IP 199.188.200.225:0
File type ASCII text, with very long lines (39479), with no line terminators
Hash 11d374b251f0a721aa7d9ee8676e3fa5
de41a599b2d3f58f26f3d911f412a782f47f4436
b580c6fab81ffd07696efb9ce3b6fc91dec6f58e1e3bd1e86f036b6310acf0be
Analyzer Verdict Alert fortinet Malware
GET /js/plugins.js HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10373
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/plugins/revolution/js/jquery.themepunch.revolution.min5597.js?ver=5.0
199.188.200.225 200 OK 16 kB URL HTTP/2 skynetcargoexpress.com/plugins/revolution/js/jquery.themepunch.revolution.min5597.js?ver=5.0
IP 199.188.200.225:0
File type ASCII text, with very long lines (32001), with CRLF line terminators
Hash 3e92ba3617126e9f7fc10c2800e87fc7
83c4df139bdd027e7edfc28eca45b9c4d28d253d
267069d98a4a8f0438e0c181ef6fc89ad08efe5925761e278fc0a32f446cc110
Analyzer Verdict Alert fortinet Malware
GET /plugins/revolution/js/jquery.themepunch.revolution.min5597.js?ver=5.0 HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16380
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/360x210_img2.jpg
199.188.200.225 200 OK 44 kB URL HTTP/2 skynetcargoexpress.com/images/360x210_img2.jpg
IP 199.188.200.225:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x210, components 3\012- data
Hash cd1c6d9e74feaceed4cc0900b9ff4ba4
fb3925f5e4a7e6a101ab33197c73202d58c9ec5a
d7145407db2702e38caa7a74c39e894f0c07ff847bec594c5b97f85f5df72381
GET /images/360x210_img2.jpg HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: image/jpeg
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 43789
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/js/libs/jquery-2.2.4.min.js
199.188.200.225 200 OK 30 kB URL HTTP/2 skynetcargoexpress.com/js/libs/jquery-2.2.4.min.js
IP 199.188.200.225:0
File type ASCII text, with very long lines (32065)
Hash 526421842b9664651ddf0ea8ffe4dde7
0768d587bc2bb972f1ff216ca83a9edc779316a6
4047e16934b327e2601ca1e8fa40a76f28c4ae1d43463bd815e204abd2086626
Analyzer Verdict Alert fortinet Malware
GET /js/libs/jquery-2.2.4.min.js HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29559
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/plugins/revolution/js/jquery.themepunch.tools.min5597.js?ver=5.0
199.188.200.225 200 OK 36 kB URL HTTP/2 skynetcargoexpress.com/plugins/revolution/js/jquery.themepunch.tools.min5597.js?ver=5.0
IP 199.188.200.225:0
File type ASCII text, with very long lines (27184), with CRLF line terminators
Hash d18b7489bc06da5ab1f807fd76bbc919
690cdb480cf8696110ca3ba4de46841ed10cee12
311d08f0a51c9dd63a73afd0a36e800c76a447de7ac8b6fce71fcc9c847f9c2f
Analyzer Verdict Alert fortinet Malware
GET /plugins/revolution/js/jquery.themepunch.tools.min5597.js?ver=5.0 HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 36517
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/js/libs/jquery-ui.min.js
199.188.200.225 200 OK 60 kB URL HTTP/2 skynetcargoexpress.com/js/libs/jquery-ui.min.js
IP 199.188.200.225:0
File type ASCII text, with very long lines (64555), with CRLF line terminators
Hash b0c3c81261d8b32cba7dabc2e117dc05
a1859342f4ed2b1f705b4c95199bc1a5219113ab
9836842148dbfc690130b9d5616b51cb94c0253d3b37b3e1a131b48706a32d83
Analyzer Verdict Alert fortinet Malware
GET /js/libs/jquery-ui.min.js HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: application/javascript
last-modified: Sun, 21 Feb 2021 09:08:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 59918
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/360x210_img3.jpg
199.188.200.225 200 OK 45 kB URL HTTP/2 skynetcargoexpress.com/images/360x210_img3.jpg
IP 199.188.200.225:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 360x210, components 3\012- data
Hash 3af66b39529c65cbeb3c2b27bbe21d6c
61483421da1c92fce301828edebd4929348c94e2
4eb1affd38372240e8715e34ef80bf78a6846e297bb5918eaddc84a2c02e41d0
GET /images/360x210_img3.jpg HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: image/jpeg
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 45384
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/360x240_img1.jpg
199.188.200.225 200 OK 38 kB URL HTTP/2 skynetcargoexpress.com/images/360x240_img1.jpg
IP 199.188.200.225:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 360x240, components 3\012- data
Hash 282d0af65799e4da6df362ae4c4ffc52
67a93e0d845786f042addf0c77f9c99bc0c0c76b
c236bffbd7871d0c2952b593eddf839efe104f46658e335ffdf43c993c8a57be
GET /images/360x240_img1.jpg HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: image/jpeg
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 38010
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ef491d15a0bde5279fa4fc8b426a9941
efd17fcc768356192e7ff660ecf77b5ca845ef77
43b144675694707debd0125a8e2a0acbc2a53ab34e33df0071ae8f0a2d0bfc05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Sep 2022 20:29:23 GMT
expires: Sun, 18 Sep 2022 20:44:23 GMT
cache-control: public, max-age=900
age: 348
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.162 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 18 Sep 2022 20:35:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 4ee5c6443c11da4a5cf7ea801cd0c62f
e742a7ee1cbedf1a23a82361f3873dbc165f927c
e3682e49ed03efcf590a500154380807b54433f8344923e9017994bdf0d46924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ef491d15a0bde5279fa4fc8b426a9941
efd17fcc768356192e7ff660ecf77b5ca845ef77
43b144675694707debd0125a8e2a0acbc2a53ab34e33df0071ae8f0a2d0bfc05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash df9a91b3419ad16550ee181a1b6fe078
b50dd8cebe24ea5629175028be825fe7b0422c6e
228aa9bfba1221dbb1561293c2ac7e442ff36300cde3d59326c4bb63f2a6ecad
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 20:35:11 GMT
server: ESF
cache-control: private
content-length: 30808
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ca3ab7a8411ba9c6350d504e65a95cc6
8b39f564b1b1cb1d262cb57b41a4bb5de331087f
cb51d72baec3c84ac94d419aab6d291b7596a9098525471fdb3fbbb6d34aa3db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id?slf_rd=1
142.250.74.162 200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 142.250.74.162:0
Hash 2adf6a1c49e600d01a5c36e560103619
3cb7e6b00810d257728beb343625d657278f1b26
58de74adaa0d23019b691803d386e5e64dcc0a750fc19b764340744376fcb1f0
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Sun, 18 Sep 2022 20:35:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js
142.250.74.164 200 OK 14 kB URL HTTP/2 www.google.com/js/th/SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36304)
Hash 2290550297e63b48200422c4b7e1462a
f700e2d274f776ea92bff1c6d8cd82a1c6f4725f
668a21ecefaab47ae57fdaa6de19661bcba38c4e2d444cde44d4c47b78132c89
GET /js/th/SsNTfMY_GtK2MUcgN-Id-kGsmj-5H1Z7oxK7ex71V1k.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14354
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:09:07 GMT
expires: Thu, 14 Sep 2023 05:09:07 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
content-type: text/javascript
age: 401164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c2900cacb3e6b33190e657a697ca589b
102eb3b32fc710cef2b7053100454c30d097bab3
d5bad2878173240c5dbcef360dd701c4f13de4576ba5dedbe882745ae7ea2fb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu9i-JVmOdT0rr_rNZgvwro7wlyWxAx8oulMK21qHw=s68-c-k-c0x00ffffff-no-rj
142.250.74.161 200 OK 3.3 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu9i-JVmOdT0rr_rNZgvwro7wlyWxAx8oulMK21qHw=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash edb5433e5c2855fc6c668e96425810ce
8d18f3e9d90139955ff2bbd1372b4b9f6a387e05
5cb36c66fc75ac117f9268855fd5139ff1d1f802be10b882d8d94b2fa03dad6c
GET /ytc/AMLnZu9i-JVmOdT0rr_rNZgvwro7wlyWxAx8oulMK21qHw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3345
x-xss-protection: 0
date: Sun, 18 Sep 2022 20:35:11 GMT
expires: Wed, 14 Sep 2022 16:23:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1b7"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash be2418b1c907ea5c5c118ea04110c05c
bfccdff59bf12183d944919222a3a5cc06bb55d0
94d47fc76a001b3e76effab981170a0557e39318ef44e44c9a8969feaa29f29f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
skynetcargoexpress.com/images/arrow_right.png
199.188.200.225 200 OK 557 B URL HTTP/2 skynetcargoexpress.com/images/arrow_right.png
IP 199.188.200.225:0
File type PNG image data, 68 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash fbc5883f06a684d7966d8b9d63034f46
9f8cd5e31490ae8c4b3f197f5ce31e7c5217dc52
5aff88485833fa3e357cc991cf1ad1ec0ac6111d99f07383dc86f74295110cbb
GET /images/arrow_right.png HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/css/style.css
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:10 GMT
content-type: image/png
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 557
date: Sun, 18 Sep 2022 20:35:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/arrow_big_down.png
199.188.200.225 200 OK 604 B URL HTTP/2 skynetcargoexpress.com/images/arrow_big_down.png
IP 199.188.200.225:0
File type PNG image data, 10 x 248, 8-bit/color RGBA, non-interlaced\012- data
Hash 86f402ed5ddd88262037d5c6ab9a6113
fa050f5cc494f521ae82e726cb1b22f578ce1e99
51310bcb42fb11d62dc975f8a316aa9db68daaca98a9535486e6221d1628ecfd
GET /images/arrow_big_down.png HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/css/responsive.css
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:10 GMT
content-type: image/png
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 604
date: Sun, 18 Sep 2022 20:35:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/arrow_left.png
199.188.200.225 200 OK 563 B URL HTTP/2 skynetcargoexpress.com/images/arrow_left.png
IP 199.188.200.225:0
File type PNG image data, 68 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash ad047a88498fa6c99984b42f2fb5058a
7793c03735325fe3e39e3d21c6b8d288855dec54
065e17824299774fec54a25ae21e549e23c0368ff1657692b6a187afd5b65435
GET /images/arrow_left.png HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/css/responsive.css
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:10 GMT
content-type: image/png
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 563
date: Sun, 18 Sep 2022 20:35:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/footer_pattern.png
199.188.200.225 200 OK 6.0 kB URL HTTP/2 skynetcargoexpress.com/images/footer_pattern.png
IP 199.188.200.225:0
File type PNG image data, 1910 x 173, 8-bit/color RGBA, non-interlaced\012- data
Hash 73167bdd6e1da12c52fe656b45c7dc61
c4f947b087894f27385fa2209a22709f047f1d48
4b658206fae4248d2c77104ba272931340d288bec2f9e74277369edeb8aa22f3
GET /images/footer_pattern.png HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/css/style.css
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:10 GMT
content-type: image/png
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 5988
date: Sun, 18 Sep 2022 20:35:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/360x240_img3.jpg
199.188.200.225 200 OK 233 kB URL HTTP/2 skynetcargoexpress.com/images/360x240_img3.jpg
IP 199.188.200.225:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:12:07 15:50:23], baseline, precision 8, 360x240, components 3\012- data
Size 233 kB (233190 bytes)
Hash f03cb8320e47fff87784aed88c12d403
9d44921134319621c16b1fa41087b8f6c8b5dceb
1d7525261b1d64633bac592037e446738002d068cc070b0454ced56dfe6508c8
GET /images/360x240_img3.jpg HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: image/jpeg
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 233190
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/360x210_img1.jpg
199.188.200.225 200 OK 227 kB URL HTTP/2 skynetcargoexpress.com/images/360x210_img1.jpg
IP 199.188.200.225:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:12:06 19:01:22], baseline, precision 8, 360x210, components 3\012- data
Size 227 kB (227119 bytes)
Hash c018c9e1adca1782f1ca5306c2e351f4
6b26af537e9a1fa52a58cf35fce754726e036076
e61ba193e466373ab5132289b05303ae8465204809c85d24da4bc7f4b38c0c47
GET /images/360x210_img1.jpg HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: image/jpeg
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 227119
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/font/alarm9dd3.woff?11759646
199.188.200.225 200 OK 28 kB URL HTTP/2 skynetcargoexpress.com/font/alarm9dd3.woff?11759646
IP 199.188.200.225:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (393)
Hash 9815dcf41e3e9dbf5dce9e8a6971c881
3ad61bca5fd26b012b7312cced71f4df0d6d854f
f7755ff57b10406cee30d7326f11862dc9a87eb5298070bc67f50f25740a4b75
Analyzer Verdict Alert fortinet Malware
GET /font/alarm9dd3.woff?11759646 HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://skynetcargoexpress.com/css/fontello.css
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.4.45
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html
content-length: 28075
date: Sun, 18 Sep 2022 20:35:10 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/360x240_img2.jpg
199.188.200.225 200 OK 214 kB URL HTTP/2 skynetcargoexpress.com/images/360x240_img2.jpg
IP 199.188.200.225:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:12:07 15:50:04], baseline, precision 8, 360x240, components 3\012- data
Size 214 kB (214489 bytes)
Hash 22d116c8d6c27f0b5ce13eed1671ded9
9ec37e368d447e98bb0bda78dc1cd31e6167de5b
997909cbc37ba15afee5f7702fa4a41ed261432682210b98f319f313fe4410eb
GET /images/360x240_img2.jpg HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:09 GMT
content-type: image/jpeg
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 214489
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img.icons8.com/color/48/000000/whatsapp.png
185.76.9.16 200 OK 0 B URL HTTP/2 img.icons8.com/color/48/000000/whatsapp.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /color/48/000000/whatsapp.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skynetcargoexpress.com
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:11 GMT
content-type: image/png
content-length: 2514
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: false
from-svg-cache: true
memory-svg-cache: true
icon-id: 16713
icon-format: png
icon-size: 48
last-modified: Thu, 15 Sep 2022 07:24:41 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801211335139
x-accel-expires: @1663593420
server: CDN77-Turbo
x-77-nzt: AblMCQ2N8uz/c7IDAA
x-77-nzt-ray: DnGjQcL4Iok
x-cache: HIT
x-age: 242291
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.icons8.com/fluent/48/000000/facebook-new.png
185.76.9.16 200 OK 0 B URL HTTP/2 img.icons8.com/fluent/48/000000/facebook-new.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /fluent/48/000000/facebook-new.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skynetcargoexpress.com
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:11 GMT
content-type: image/png
content-length: 1373
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: true
from-svg-cache: true
memory-svg-cache: true
icon-id: uLWV5A9vXIPu
icon-format: png
icon-size: 48
last-modified: Fri, 16 Sep 2022 08:44:09 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801211335139
x-accel-expires: @1663620249
server: CDN77-Turbo
x-77-nzt: AblMCQ15/9P/pkkDAA
x-77-nzt-ray: S2l/Cn1Hh/E
x-cache: HIT
x-age: 215462
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img.icons8.com/color/48/000000/twitter-squared.png
185.76.9.16 200 OK 0 B URL HTTP/2 img.icons8.com/color/48/000000/twitter-squared.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /color/48/000000/twitter-squared.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skynetcargoexpress.com
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:11 GMT
content-type: image/png
content-length: 956
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: false
from-svg-cache: true
memory-svg-cache: true
icon-id: 60469
icon-format: png
icon-size: 48
last-modified: Thu, 15 Sep 2022 02:07:33 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801222727994
x-accel-expires: @1663550620
server: CDN77-Turbo
x-77-nzt: AblMCQ0+/Ljvo1kEAA
x-77-nzt-ray: V4aSG7lQvNM
x-cache: HIT
x-age: 285091
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
widget-v4.tidiochat.com/1_114_0/static/js/chunk-WidgetIframe-64874ea49214d2736b46.js
104.26.8.139 200 OK 96 kB URL HTTP/2 widget-v4.tidiochat.com/1_114_0/static/js/chunk-WidgetIframe-64874ea49214d2736b46.js
IP 104.26.8.139:0
File type ASCII text, with very long lines (65439)
Hash 33bd21e0592c2fadd9c7b7a3bc7b7783
607dfcdfacb02c7cbf0412a4da666a0ee2d5eabc
84dae8049758de4ccbf3e1b1715f4a983fb887b29e9f8f472fcbcb82db7cbb08
GET /1_114_0/static/js/chunk-WidgetIframe-64874ea49214d2736b46.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:11 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:25:23 GMT
vary: Accept-Encoding
etag: W/"63230ba3-5575e"
cache-control: max-age=691200
cf-cache-status: HIT
age: 4048
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhlmvAL4og4ARzINgO7tk%2BA5gmN09Q%2BqJm6ttSAUZOaYFQdqIyTiQic5x%2BHQ9RuRxoSzY6obKetkveX7IIvXXHnBq%2FQVphD38fO9mgTJlmZWP%2FP%2BZKd8xLQuDcBBvJLpKvzgSwPa5utc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ccdddc9bd3b506-OSL
content-encoding: br
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/icon_zoomin.png
199.188.200.225 200 OK 982 B URL HTTP/2 skynetcargoexpress.com/images/icon_zoomin.png
IP 199.188.200.225:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash b1d868d4483d9018cb87f2f50db8dadb
7ad11c19a0b6ca79bfdd840ce1090d6bfb115875
af9d3c9b56e604ef3bad15d0140cb05982385aba5aefba30635f6a599ab78d3d
GET /images/icon_zoomin.png HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/css/style.css
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:11 GMT
content-type: image/png
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 982
date: Sun, 18 Sep 2022 20:35:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img.icons8.com/fluent/48/000000/google-plus.png
185.76.9.16 200 OK 0 B URL HTTP/2 img.icons8.com/fluent/48/000000/google-plus.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /fluent/48/000000/google-plus.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skynetcargoexpress.com
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:11 GMT
content-type: image/png
content-length: 1973
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: false
from-svg-cache: true
memory-svg-cache: true
icon-id: kkAN3fOocGoh
icon-format: png
icon-size: 48
last-modified: Sun, 18 Sep 2022 10:59:18 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801222318082
x-accel-expires: @1663835711
server: CDN77-Turbo
x-77-nzt: AblMCQ1HAWTB
x-77-nzt-ray: 4qMoBCM2Fv0
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
img.icons8.com/android/48/000000/linkedin.png
185.76.9.16 200 OK 0 B URL HTTP/2 img.icons8.com/android/48/000000/linkedin.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /android/48/000000/linkedin.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skynetcargoexpress.com
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:11 GMT
content-type: image/png
content-length: 530
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: false
from-svg-cache: true
memory-svg-cache: true
icon-id: 3869
icon-format: png
icon-size: 48
last-modified: Sun, 18 Sep 2022 00:48:48 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801222318082
x-accel-expires: @1663835711
server: CDN77-Turbo
x-77-nzt: AblMCQ0qD5nB
x-77-nzt-ray: 7cqcsIzGUyI
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/image_logo.png
199.188.200.225 200 OK 0 B URL HTTP/2 skynetcargoexpress.com/images/image_logo.png
IP 199.188.200.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /images/image_logo.png HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:11 GMT
content-type: image/png
last-modified: Mon, 23 Aug 2021 16:58:49 GMT
accept-ranges: bytes
content-length: 6248
date: Sun, 18 Sep 2022 20:35:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/360x210_img3.jpg
199.188.200.225 200 OK 0 B URL HTTP/2 skynetcargoexpress.com/images/360x210_img3.jpg
IP 199.188.200.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /images/360x210_img3.jpg HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:11 GMT
content-type: image/jpeg
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 45384
date: Sun, 18 Sep 2022 20:35:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/360x240_img1.jpg
199.188.200.225 200 OK 0 B URL HTTP/2 skynetcargoexpress.com/images/360x240_img1.jpg
IP 199.188.200.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /images/360x240_img1.jpg HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:11 GMT
content-type: image/jpeg
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 38010
date: Sun, 18 Sep 2022 20:35:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/360x210_img2.jpg
199.188.200.225 200 OK 0 B URL HTTP/2 skynetcargoexpress.com/images/360x210_img2.jpg
IP 199.188.200.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /images/360x210_img2.jpg HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:11 GMT
content-type: image/jpeg
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 43789
date: Sun, 18 Sep 2022 20:35:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/360x240_img3.jpg
199.188.200.225 200 OK 0 B URL HTTP/2 skynetcargoexpress.com/images/360x240_img3.jpg
IP 199.188.200.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /images/360x240_img3.jpg HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:11 GMT
content-type: image/jpeg
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 233190
date: Sun, 18 Sep 2022 20:35:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/360x210_img1.jpg
199.188.200.225 200 OK 0 B URL HTTP/2 skynetcargoexpress.com/images/360x210_img1.jpg
IP 199.188.200.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /images/360x210_img1.jpg HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:11 GMT
content-type: image/jpeg
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 227119
date: Sun, 18 Sep 2022 20:35:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/images/360x240_img2.jpg
199.188.200.225 200 OK 0 B URL HTTP/2 skynetcargoexpress.com/images/360x240_img2.jpg
IP 199.188.200.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /images/360x240_img2.jpg HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:11 GMT
content-type: image/jpeg
last-modified: Sun, 21 Feb 2021 09:08:18 GMT
accept-ranges: bytes
content-length: 214489
date: Sun, 18 Sep 2022 20:35:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
img.icons8.com/material-two-tone/48/000000/menu-2.png
185.76.9.16 200 OK 0 B URL HTTP/2 img.icons8.com/material-two-tone/48/000000/menu-2.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /material-two-tone/48/000000/menu-2.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skynetcargoexpress.com
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:11 GMT
content-type: image/png
content-length: 203
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: false
from-svg-cache: true
memory-svg-cache: true
icon-id: 89139
icon-format: png
icon-size: 48
last-modified: Sat, 17 Sep 2022 20:26:18 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801222318082
x-accel-expires: @1663835711
server: CDN77-Turbo
x-77-nzt: AblMCQ0KyyzB
x-77-nzt-ray: NZvOJ+7V1OI
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
img.icons8.com/color/48/000000/important-mail.png
185.76.9.16 200 OK 0 B URL HTTP/2 img.icons8.com/color/48/000000/important-mail.png
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /color/48/000000/important-mail.png HTTP/1.1
Host: img.icons8.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://skynetcargoexpress.com
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:11 GMT
content-type: image/png
content-length: 1206
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-expose-headers: Content-Disposition
from-cache: false
memory-cache: false
from-svg-cache: true
memory-svg-cache: false
icon-id: 110278
icon-format: png
icon-size: 48
last-modified: Sun, 18 Sep 2022 18:25:26 GMT
cache-control: public, max-age=302400
not-found-platform: false
version: 0.1.0-SNAPSHOT.20220801222318082
x-accel-expires: @1663835711
server: CDN77-Turbo
x-77-nzt: AblMCQ2S+tXB
x-77-nzt-ray: ROk8+IqTSZE
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
skynetcargoexpress.com/w.png
199.188.200.225 200 OK 0 B URL HTTP/2 skynetcargoexpress.com/w.png
IP 199.188.200.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /w.png HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 20:35:11 GMT
content-type: image/png
last-modified: Sun, 21 Feb 2021 09:08:22 GMT
accept-ranges: bytes
content-length: 4901
date: Sun, 18 Sep 2022 20:35:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 18 Sep 2022 20:35:11 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42 200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e6a9ed95e5c45a3444f68c37670323b0
1c66eaf491727f9a861220dbe61115739ab57958
81eff9f5c724e3515dff797051f70e68749ce5a86b152ac67861f5a538c254ed
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1030
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 20:35:11 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 65c62da003f69bb000c6397214b36233
193afe7cc444a18d1efedb6b44f092a20bb30a87
1480fbde78d42956197157439d886d583c1e1fa2de1872cb50820821d5b34f85
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 65c62da003f69bb000c6397214b36233
193afe7cc444a18d1efedb6b44f092a20bb30a87
1480fbde78d42956197157439d886d583c1e1fa2de1872cb50820821d5b34f85
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663554911&ei=_4AnY4m8BZP8yQWNoZjgBw&ip=91.90.42.154&id=o-AN9lrhJZL7RsoaekaecNDiI0fZBr-JJv8pJPnPHgoKYm&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=rZ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vpwcKiBXDnVQDLRKaKAc-Dk0sOJg&vprv=1&mime=video%2Fwebm&ns=1Z1WpqBGrGzfy4nOaQVr7VAI&gir=yes&clen=1920954&dur=40.320&lmt=1485494574081416&mt=1663532536&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=BQ_7LE6Z03KHIA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANzfHUFVlWti8cgPHPZOvWnp8vJg1rIJmev_8exTkD2IAiA_uw6VDhTqkwtvd2n5TgZgWxFVir-HoBRiMCUvsc3p8g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAKJK-dSxT-AYLbEqlp45j8W0oV2sfuoOo2BYo4xvL58kAiB7qU69Jf8wC0lmnJqDyChheHSJYKZbphXpZ2J8vnaALg%3D%3D&alr=yes&cpn=i6clTYOpTKDf69IS&cver=1.20220914.01.01&range=0-107070&rn=1&rbuf=0
91.90.45.173200 OK 1.2 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663554911&ei=_4AnY4m8BZP8yQWNoZjgBw&ip=91.90.42.154&id=o-AN9lrhJZL7RsoaekaecNDiI0fZBr-JJv8pJPnPHgoKYm&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=rZ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vpwcKiBXDnVQDLRKaKAc-Dk0sOJg&vprv=1&mime=video%2Fwebm&ns=1Z1WpqBGrGzfy4nOaQVr7VAI&gir=yes&clen=1920954&dur=40.320&lmt=1485494574081416&mt=1663532536&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=BQ_7LE6Z03KHIA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANzfHUFVlWti8cgPHPZOvWnp8vJg1rIJmev_8exTkD2IAiA_uw6VDhTqkwtvd2n5TgZgWxFVir-HoBRiMCUvsc3p8g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAKJK-dSxT-AYLbEqlp45j8W0oV2sfuoOo2BYo4xvL58kAiB7qU69Jf8wC0lmnJqDyChheHSJYKZbphXpZ2J8vnaALg%3D%3D&alr=yes&cpn=i6clTYOpTKDf69IS&cver=1.20220914.01.01&range=0-107070&rn=1&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1154), with no line terminators
Hash 974a8ad00b76b708d44a4f8293e8a32a
0bb66d0275698c1fa625a1878fadd99369a2332c
11beb0c850ac45ca0f28efb94458bf3d521eb5136bcb26bbd0f8d8d7f70691b4
GET /videoplayback?expire=1663554911&ei=_4AnY4m8BZP8yQWNoZjgBw&ip=91.90.42.154&id=o-AN9lrhJZL7RsoaekaecNDiI0fZBr-JJv8pJPnPHgoKYm&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=rZ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vpwcKiBXDnVQDLRKaKAc-Dk0sOJg&vprv=1&mime=video%2Fwebm&ns=1Z1WpqBGrGzfy4nOaQVr7VAI&gir=yes&clen=1920954&dur=40.320&lmt=1485494574081416&mt=1663532536&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=BQ_7LE6Z03KHIA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANzfHUFVlWti8cgPHPZOvWnp8vJg1rIJmev_8exTkD2IAiA_uw6VDhTqkwtvd2n5TgZgWxFVir-HoBRiMCUvsc3p8g%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAKJK-dSxT-AYLbEqlp45j8W0oV2sfuoOo2BYo4xvL58kAiB7qU69Jf8wC0lmnJqDyChheHSJYKZbphXpZ2J8vnaALg%3D%3D&alr=yes&cpn=i6clTYOpTKDf69IS&cver=1.20220914.01.01&range=0-107070&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 18 Sep 2022 20:35:11 GMT
Expires: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1154
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663554911&ei=_4AnY4m8BZP8yQWNoZjgBw&ip=91.90.42.154&id=o-AN9lrhJZL7RsoaekaecNDiI0fZBr-JJv8pJPnPHgoKYm&itag=250&source=youtube&requiressl=yes&mh=rZ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vpwcKiBXDnVQDLRKaKAc-Dk0sOJg&vprv=1&mime=audio%2Fwebm&ns=1Z1WpqBGrGzfy4nOaQVr7VAI&gir=yes&clen=18601&dur=40.341&lmt=1485494283171052&mt=1663532536&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=BQ_7LE6Z03KHIA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL4B2OVDLZ4yNSgPMvEQNviLr2slAuaWJEYIUwPeZiiUAiAc-RsklntW4rbSUuyxHpeVXpgX9KsPgEM7TJHTSudbjA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAKJK-dSxT-AYLbEqlp45j8W0oV2sfuoOo2BYo4xvL58kAiB7qU69Jf8wC0lmnJqDyChheHSJYKZbphXpZ2J8vnaALg%3D%3D&alr=yes&cpn=i6clTYOpTKDf69IS&cver=1.20220914.01.01&range=0-18600&rn=2&rbuf=0
91.90.45.173200 OK 1.0 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1663554911&ei=_4AnY4m8BZP8yQWNoZjgBw&ip=91.90.42.154&id=o-AN9lrhJZL7RsoaekaecNDiI0fZBr-JJv8pJPnPHgoKYm&itag=250&source=youtube&requiressl=yes&mh=rZ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vpwcKiBXDnVQDLRKaKAc-Dk0sOJg&vprv=1&mime=audio%2Fwebm&ns=1Z1WpqBGrGzfy4nOaQVr7VAI&gir=yes&clen=18601&dur=40.341&lmt=1485494283171052&mt=1663532536&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=BQ_7LE6Z03KHIA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL4B2OVDLZ4yNSgPMvEQNviLr2slAuaWJEYIUwPeZiiUAiAc-RsklntW4rbSUuyxHpeVXpgX9KsPgEM7TJHTSudbjA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAKJK-dSxT-AYLbEqlp45j8W0oV2sfuoOo2BYo4xvL58kAiB7qU69Jf8wC0lmnJqDyChheHSJYKZbphXpZ2J8vnaALg%3D%3D&alr=yes&cpn=i6clTYOpTKDf69IS&cver=1.20220914.01.01&range=0-18600&rn=2&rbuf=0
IP 91.90.45.173:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1026), with no line terminators
Hash 20b30a70c9323a7aa25a073b8ce4fcd0
fca5a4613167f5f91446fa4a43b01e9de7d8d2b0
e7d25b7a121738150851e9f2613998b268f599d0fb2fa94e5fc22ae76429f178
GET /videoplayback?expire=1663554911&ei=_4AnY4m8BZP8yQWNoZjgBw&ip=91.90.42.154&id=o-AN9lrhJZL7RsoaekaecNDiI0fZBr-JJv8pJPnPHgoKYm&itag=250&source=youtube&requiressl=yes&mh=rZ&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeen7y&ms=au%2Crdu&mv=u&mvi=2&pl=21&spc=yR2vpwcKiBXDnVQDLRKaKAc-Dk0sOJg&vprv=1&mime=audio%2Fwebm&ns=1Z1WpqBGrGzfy4nOaQVr7VAI&gir=yes&clen=18601&dur=40.341&lmt=1485494283171052&mt=1663532536&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=BQ_7LE6Z03KHIA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL4B2OVDLZ4yNSgPMvEQNviLr2slAuaWJEYIUwPeZiiUAiAc-RsklntW4rbSUuyxHpeVXpgX9KsPgEM7TJHTSudbjA%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AG3C_xAwRQIhAKJK-dSxT-AYLbEqlp45j8W0oV2sfuoOo2BYo4xvL58kAiB7qU69Jf8wC0lmnJqDyChheHSJYKZbphXpZ2J8vnaALg%3D%3D&alr=yes&cpn=i6clTYOpTKDf69IS&cver=1.20220914.01.01&range=0-18600&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 18 Sep 2022 20:35:11 GMT
Expires: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1026
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 65c62da003f69bb000c6397214b36233
193afe7cc444a18d1efedb6b44f092a20bb30a87
1480fbde78d42956197157439d886d583c1e1fa2de1872cb50820821d5b34f85
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
skynetcargoexpress.com/dashboard/logo-image/image_logo.php?id=2
199.188.200.225 200 OK 6.2 kB URL HTTP/2 skynetcargoexpress.com/dashboard/logo-image/image_logo.php?id=2
IP 199.188.200.225:0
File type PNG image data, 243 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash b753ac259550acee8f651b63b6b2ebf9
e076f70ec9077e66c28cbe1492ee79b17192831e
cba061e30e849c26b621709716de1ee00016414b8aba9c57f1027323735ff324
Analyzer Verdict Alert
urlquery Detected suspicious URL pattern
fortinet Malware
GET /dashboard/logo-image/image_logo.php?id=2 HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.4.45
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: image/png
content-length: 6248
date: Sun, 18 Sep 2022 20:35:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 70f9595d3ff69b7cd89b24b56abdd7cc
09027fbaa6dfd33a97e836cd136c840f9ee763a2
44a5ee6a5a97426191dbbaf4e7a3d0ee154e1f192dd3c3cb3a11d74a702061eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/mNPLRtAliPg/maxresdefault.webp
172.217.21.182 200 OK 179 kB URL HTTP/2 i.ytimg.com/vi_webp/mNPLRtAliPg/maxresdefault.webp
IP 172.217.21.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 179 kB (178764 bytes)
Hash 07f89484828832e4ac770b3b789a6203
1df9d7c9a2bf3419d237caf8f2edd2c351f33ffc
112ddfcbfcfbda41b7881e8497e134b66b6d1ba12135d055ebc98f66be2512bd
GET /vi_webp/mNPLRtAliPg/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 178764
date: Sun, 18 Sep 2022 20:35:11 GMT
expires: Sun, 18 Sep 2022 22:35:11 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 70f9595d3ff69b7cd89b24b56abdd7cc
09027fbaa6dfd33a97e836cd136c840f9ee763a2
44a5ee6a5a97426191dbbaf4e7a3d0ee154e1f192dd3c3cb3a11d74a702061eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
216.58.207.202 200 OK 1.4 kB URL HTTP/2 translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP 216.58.207.202:0
Hash 3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 18 Sep 2022 20:35:11 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Sun, 18 Sep 2022 20:35:11 GMT
set-cookie: NID=511=qaJxwDOxUq0oPN7XRoB3J-GVutWJPYf8-X-5fb9Idlmxy6bRlLnGwDX8FhkO5twvS2p3Nqr8Ffd1eNxrYKGmhfoMTW2X3dbGgq_YJVYCAI2-FNXkm8HxPVWWGSDegxhISg5pghEspR-nsALCcyF87iqRPlC9WtUsncZmvlfm-V4; expires=Mon, 20-Mar-2023 20:35:11 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+897; expires=Tue, 17-Sep-2024 20:35:11 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0d46b19aabe33c1790bec6bace4eeced
b1bc4c987b851adb7b8528a6c042b40cf21c1d92
d74249945061c1201df66f8359657c098247202705a73e9036f2fbfb5df5cff8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0d46b19aabe33c1790bec6bace4eeced
b1bc4c987b851adb7b8528a6c042b40cf21c1d92
d74249945061c1201df66f8359657c098247202705a73e9036f2fbfb5df5cff8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr4---sn-5goeen7y.googlevideo.com/videoplayback?expire=1663554911&ei=_4AnY4m8BZP8yQWNoZjgBw&ip=91.90.42.154&id=o-AN9lrhJZL7RsoaekaecNDiI0fZBr-JJv8pJPnPHgoKYm&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=yR2vpwcKiBXDnVQDLRKaKAc-Dk0sOJg&vprv=1&mime=video%2Fwebm&ns=1Z1WpqBGrGzfy4nOaQVr7VAI&gir=yes&clen=1920954&dur=40.320&lmt=1485494574081416&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=BQ_7LE6Z03KHIA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANzfHUFVlWti8cgPHPZOvWnp8vJg1rIJmev_8exTkD2IAiA_uw6VDhTqkwtvd2n5TgZgWxFVir-HoBRiMCUvsc3p8g%3D%3D&alr=yes&cpn=i6clTYOpTKDf69IS&cver=1.20220914.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rZ&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1663532384&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAK739k50Ywl4OM8Lc4Iee1A3jfrnbpjb0QRj8J70-68cAiEAzGfuKyDYXf1x57Y4LoWckdCmZAxo8YNUHVGl72Y7Ti4%3D&range=0-107070&rn=3&rbuf=0&pot=DxZ_BSPxdZHWFkd25lFZWnUzvuenNLpvFnQ1XP7qDDT2HRkE_cATLEVKrvjqo6v93HYiqUsGfxU5qGF3IdJUmj8Pdv4c9j6gBFHL43Ayc_Hc6AeBro9bQJQRC2VCSbJA33YGlxw=
74.125.110.137200 OK 1.3 kB URL HTTP/1.1 rr4---sn-5goeen7y.googlevideo.com/videoplayback?expire=1663554911&ei=_4AnY4m8BZP8yQWNoZjgBw&ip=91.90.42.154&id=o-AN9lrhJZL7RsoaekaecNDiI0fZBr-JJv8pJPnPHgoKYm&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=yR2vpwcKiBXDnVQDLRKaKAc-Dk0sOJg&vprv=1&mime=video%2Fwebm&ns=1Z1WpqBGrGzfy4nOaQVr7VAI&gir=yes&clen=1920954&dur=40.320&lmt=1485494574081416&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=BQ_7LE6Z03KHIA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANzfHUFVlWti8cgPHPZOvWnp8vJg1rIJmev_8exTkD2IAiA_uw6VDhTqkwtvd2n5TgZgWxFVir-HoBRiMCUvsc3p8g%3D%3D&alr=yes&cpn=i6clTYOpTKDf69IS&cver=1.20220914.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rZ&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1663532384&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAK739k50Ywl4OM8Lc4Iee1A3jfrnbpjb0QRj8J70-68cAiEAzGfuKyDYXf1x57Y4LoWckdCmZAxo8YNUHVGl72Y7Ti4%3D&range=0-107070&rn=3&rbuf=0&pot=DxZ_BSPxdZHWFkd25lFZWnUzvuenNLpvFnQ1XP7qDDT2HRkE_cATLEVKrvjqo6v93HYiqUsGfxU5qGF3IdJUmj8Pdv4c9j6gBFHL43Ayc_Hc6AeBro9bQJQRC2VCSbJA33YGlxw=
IP 74.125.110.137:0
File type ASCII text, with very long lines (1308), with no line terminators
Hash 2624fd3b26aeb3e1e09aa7d526fbffe8
a61010adeb98e2dbe674e40c7730367a336d0261
4a9274a2ae170b314cbd445e5364141fca9a31809bd31ee9ef2694fa61c398ce
GET /videoplayback?expire=1663554911&ei=_4AnY4m8BZP8yQWNoZjgBw&ip=91.90.42.154&id=o-AN9lrhJZL7RsoaekaecNDiI0fZBr-JJv8pJPnPHgoKYm&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&spc=yR2vpwcKiBXDnVQDLRKaKAc-Dk0sOJg&vprv=1&mime=video%2Fwebm&ns=1Z1WpqBGrGzfy4nOaQVr7VAI&gir=yes&clen=1920954&dur=40.320&lmt=1485494574081416&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=BQ_7LE6Z03KHIA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANzfHUFVlWti8cgPHPZOvWnp8vJg1rIJmev_8exTkD2IAiA_uw6VDhTqkwtvd2n5TgZgWxFVir-HoBRiMCUvsc3p8g%3D%3D&alr=yes&cpn=i6clTYOpTKDf69IS&cver=1.20220914.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rZ&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1663532384&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAK739k50Ywl4OM8Lc4Iee1A3jfrnbpjb0QRj8J70-68cAiEAzGfuKyDYXf1x57Y4LoWckdCmZAxo8YNUHVGl72Y7Ti4%3D&range=0-107070&rn=3&rbuf=0&pot=DxZ_BSPxdZHWFkd25lFZWnUzvuenNLpvFnQ1XP7qDDT2HRkE_cATLEVKrvjqo6v93HYiqUsGfxU5qGF3IdJUmj8Pdv4c9j6gBFHL43Ayc_Hc6AeBro9bQJQRC2VCSbJA33YGlxw= HTTP/1.1
Host: rr4---sn-5goeen7y.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 18 Sep 2022 20:35:12 GMT
Expires: Sun, 18 Sep 2022 20:35:12 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 1308
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr4---sn-5goeen7y.googlevideo.com/videoplayback?expire=1663554911&ei=_4AnY4m8BZP8yQWNoZjgBw&ip=91.90.42.154&id=o-AN9lrhJZL7RsoaekaecNDiI0fZBr-JJv8pJPnPHgoKYm&itag=250&source=youtube&requiressl=yes&spc=yR2vpwcKiBXDnVQDLRKaKAc-Dk0sOJg&vprv=1&mime=audio%2Fwebm&ns=1Z1WpqBGrGzfy4nOaQVr7VAI&gir=yes&clen=18601&dur=40.341&lmt=1485494283171052&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=BQ_7LE6Z03KHIA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL4B2OVDLZ4yNSgPMvEQNviLr2slAuaWJEYIUwPeZiiUAiAc-RsklntW4rbSUuyxHpeVXpgX9KsPgEM7TJHTSudbjA%3D%3D&alr=yes&cpn=i6clTYOpTKDf69IS&cver=1.20220914.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rZ&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1663532384&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALQFsIcNnvkHJSCUeWM8U5qbH7n5FWiFk7NQm4ZMxIZMAiA3S5kyfdgerxtm4LR63rd90h66iOCwWPMnaMmwgpZKNw%3D%3D&range=0-18600&rn=4&rbuf=0&pot=DxZ_BSPxdZHWFkd25lFZWnUzvuenNLpvFnQ1XP7qDDT2HRkE_cATLEVKrvjqo6v93HYiqUsGfxU5qGF3IdJUmj8Pdv4c9j6gBFHL43Ayc_Hc6AeBro9bQJQRC2VCSbJA33YGlxw=
74.125.110.137200 OK 19 kB URL HTTP/1.1 rr4---sn-5goeen7y.googlevideo.com/videoplayback?expire=1663554911&ei=_4AnY4m8BZP8yQWNoZjgBw&ip=91.90.42.154&id=o-AN9lrhJZL7RsoaekaecNDiI0fZBr-JJv8pJPnPHgoKYm&itag=250&source=youtube&requiressl=yes&spc=yR2vpwcKiBXDnVQDLRKaKAc-Dk0sOJg&vprv=1&mime=audio%2Fwebm&ns=1Z1WpqBGrGzfy4nOaQVr7VAI&gir=yes&clen=18601&dur=40.341&lmt=1485494283171052&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=BQ_7LE6Z03KHIA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL4B2OVDLZ4yNSgPMvEQNviLr2slAuaWJEYIUwPeZiiUAiAc-RsklntW4rbSUuyxHpeVXpgX9KsPgEM7TJHTSudbjA%3D%3D&alr=yes&cpn=i6clTYOpTKDf69IS&cver=1.20220914.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rZ&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1663532384&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALQFsIcNnvkHJSCUeWM8U5qbH7n5FWiFk7NQm4ZMxIZMAiA3S5kyfdgerxtm4LR63rd90h66iOCwWPMnaMmwgpZKNw%3D%3D&range=0-18600&rn=4&rbuf=0&pot=DxZ_BSPxdZHWFkd25lFZWnUzvuenNLpvFnQ1XP7qDDT2HRkE_cATLEVKrvjqo6v93HYiqUsGfxU5qGF3IdJUmj8Pdv4c9j6gBFHL43Ayc_Hc6AeBro9bQJQRC2VCSbJA33YGlxw=
IP 74.125.110.137:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 8dcbc3ce2bf98ef044d65ad60d077836
b04c25df02dcbbbd22baa7dc7366a732c968f80e
937aff84d2913b242e28f8a9d68434b4890ecca17baa75d911cca72d24fe5130
GET /videoplayback?expire=1663554911&ei=_4AnY4m8BZP8yQWNoZjgBw&ip=91.90.42.154&id=o-AN9lrhJZL7RsoaekaecNDiI0fZBr-JJv8pJPnPHgoKYm&itag=250&source=youtube&requiressl=yes&spc=yR2vpwcKiBXDnVQDLRKaKAc-Dk0sOJg&vprv=1&mime=audio%2Fwebm&ns=1Z1WpqBGrGzfy4nOaQVr7VAI&gir=yes&clen=18601&dur=40.341&lmt=1485494283171052&keepalive=yes&fexp=24001373,24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&n=BQ_7LE6Z03KHIA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAL4B2OVDLZ4yNSgPMvEQNviLr2slAuaWJEYIUwPeZiiUAiAc-RsklntW4rbSUuyxHpeVXpgX9KsPgEM7TJHTSudbjA%3D%3D&alr=yes&cpn=i6clTYOpTKDf69IS&cver=1.20220914.01.01&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=rZ&mm=29&mn=sn-5goeen7y&ms=rdu&mt=1663532384&mv=u&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALQFsIcNnvkHJSCUeWM8U5qbH7n5FWiFk7NQm4ZMxIZMAiA3S5kyfdgerxtm4LR63rd90h66iOCwWPMnaMmwgpZKNw%3D%3D&range=0-18600&rn=4&rbuf=0&pot=DxZ_BSPxdZHWFkd25lFZWnUzvuenNLpvFnQ1XP7qDDT2HRkE_cATLEVKrvjqo6v93HYiqUsGfxU5qGF3IdJUmj8Pdv4c9j6gBFHL43Ayc_Hc6AeBro9bQJQRC2VCSbJA33YGlxw= HTTP/1.1
Host: rr4---sn-5goeen7y.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 27 Jan 2017 05:18:03 GMT
Content-Type: audio/webm
Date: Sun, 18 Sep 2022 20:35:12 GMT
Expires: Sun, 18 Sep 2022 20:35:12 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 18601
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 47f6a13db2367252fd6d7863ae3dcbfc
8e3b5114b118c2bb1e2636b1e796f683e7d19af7
0290018e849b7bfa5a1a3efa5ed3b802a170044f6ad2ce569e08e5305eab1136
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget-v4.tidiochat.com//1_114_0/static/js/widget.64874ea49214d2736b46.js
104.26.8.139 200 OK 272 kB URL HTTP/2 widget-v4.tidiochat.com//1_114_0/static/js/widget.64874ea49214d2736b46.js
IP 104.26.8.139:0
File type ASCII text, with very long lines (65451)
Size 272 kB (272097 bytes)
Hash 9bbb1c69e6f3a53f9b28cec9a2294f13
c477714e6b8f24323234cbccbc3df81646d8da76
6508fada78075ad9ab8fd1239802b606a26e43006a222e0d3a9c8f3e4e3ed07d
GET //1_114_0/static/js/widget.64874ea49214d2736b46.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:12 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:25:23 GMT
vary: Accept-Encoding
etag: W/"63230ba3-826dd"
cache-control: max-age=691200
cf-cache-status: HIT
age: 4049
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QsaACO2dWDDkQA%2Bu9G%2BPHT2ZMATKhqVt5K2gWH9t%2FBued%2B14448Xfl9Hin5aR0VcdN2SwFYDGP%2F97pFX458xze7xB4M74dmhwOySWmGfRb1YrrmH%2BlzsZgk6S34CtKfV%2B0oqbqFpLIl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ccdddfffb7b506-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash e4640bd076b597a1eba6d222ea219fe4
daf896f1093bbde299b4f0b2c6fb52f3c5227566
c5491e8122d0e2f9a8ec7d621ddd68159ad4c8dd4d677c24dd1435ef131d4fbb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 18 Sep 2022 20:35:12 GMT
Last-Modified: Sun, 18 Sep 2022 20:02:38 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FB7dNNIaLnJOVkvJmqT4JQrvhmxcXh_SIUfb2FIvuHLPEyQWqFR8-w==
Age: 1954
socket.tidio.co/socket.io/?ppk=ne62k02ljrnunml8mi7pyoey4kq20kza&device=desktop&EIO=3&transport=websocket
54.74.189.136 101 Switching Protocols 0 B URL HTTP/1.1 socket.tidio.co/socket.io/?ppk=ne62k02ljrnunml8mi7pyoey4kq20kza&device=desktop&EIO=3&transport=websocket
IP 54.74.189.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?ppk=ne62k02ljrnunml8mi7pyoey4kq20kza&device=desktop&EIO=3&transport=websocket HTTP/1.1
Host: socket.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://skynetcargoexpress.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Jo4EwFQBFZZCLzRMcGFnsg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 18 Sep 2022 20:35:12 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: v76j404/eY2dfcCT9HCaEH/8cWE=
Sec-WebSocket-Extensions: permessage-deflate
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fba4bff8b5a5433d90d7617f719f6242
931ce4bb39c8ce58f3352ce4308c97819f0477ac
187f9b89199a7af54b24fe3d19d905bb1f59ff5008f748e45130aea82001c483
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4851
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 20:35:13 GMT
Last-Modified: Sun, 18 Sep 2022 19:14:22 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
23.111.9.57 200 OK 1.3 kB URL HTTP/2 twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
IP 23.111.9.57:0
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 8c685a701d36f492ecc566a4c879fbfd
bbfb15f5fdfd47a20122556975dba73b9d035d95
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
GET /v/13.0.1/72x72/1f44b.png HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 20:35:13 GMT
content-type: image/png
content-length: 1285
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:17 GMT
access-control-allow-origin: *
etag: "62451ee1-505"
expires: Tue, 18 Oct 2022 20:35:13 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 3B66:6CC0:5C9BBC:6016D7:63245B40
vary: Accept-Encoding
x-fastly-request-id: afaeab388db1de45aba366d7d4008041a11e371d
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2e5759fd404a039955868b121bbd075
04fb3179255ba5ec897ffc4581966945cc9fe2ca
42623d1a0f52682db915b075a894d8cd18f2b53efc7815304b0304841536cf35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8005
x-amzn-requestid: 2ce67f7f-9a03-4f4d-b06c-ec0de59c2854
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6KhH9PoAMFh2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d76-6aeeee3217540c5863913912;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: K_ZInDx3OZbVvpWZ5vnimzx-Dk5twaTGv9VGXMZHFpZ0YN7lKZ_5HQ==
via: 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:57:48 GMT
etag: "04fb3179255ba5ec897ffc4581966945cc9fe2ca"
content-type: image/jpeg
age: 81449
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
skynetcargoexpress.com/
199.188.200.225 200 OK 0 B IP 199.188.200.225:0
Analyzer / Verdict / Alert: fortinet / Malware
GET / HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/5.4.45
set-cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
code.tidio.co/ne62k02ljrnunml8mi7pyoey4kq20kza.js
104.26.9.183 302 Found 0 B URL HTTP/2 code.tidio.co/ne62k02ljrnunml8mi7pyoey4kq20kza.js
IP 104.26.9.183:0
GET /ne62k02ljrnunml8mi7pyoey4kq20kza.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 18 Sep 2022 20:35:09 GMT
content-type: text/html
location: https://widget-v4.tidiochat.com/1_114_0/static/js/render.64874ea49214d2736b46.js
cache-control: private, no-cache, no-store, must-revalidate
widget-cache-status: HIT
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6UYpy1v6RDbYnw6%2Fe6ByuI3jJAWNUKID5aXTwm3vjZzpqebx4Q8fpwFMRS1uR5gj%2B1Rv1X0UnIoPrc5mOUATgY5RG5vZdDglxZ8AK%2BUIYjDVqM1jR7X2jIrKvXhcYg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ccddd098f60b69-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Assistant:300,400,600,700,800
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Assistant:300,400,600,700,800
IP 142.250.74.10:0
GET /css?family=Assistant:300,400,600,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 20:35:09 GMT
date: Sun, 18 Sep 2022 20:35:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
142.250.74.46 200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 142.250.74.46:0
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 18 Sep 2022 20:35:09 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+868; expires=Tue, 17-Sep-2024 20:35:09 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
skynetcargoexpress.com/font/demo-files/demo.css
199.188.200.225 200 OK 0 B URL HTTP/2 skynetcargoexpress.com/font/demo-files/demo.css
IP 199.188.200.225:0
GET /font/demo-files/demo.css HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.4.45
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Sep 2022 20:35:09 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
skynetcargoexpress.com/font/alarm9dd3.ttf?11759646
199.188.200.225 200 OK 0 B URL HTTP/2 skynetcargoexpress.com/font/alarm9dd3.ttf?11759646
IP 199.188.200.225:0
GET /font/alarm9dd3.ttf?11759646 HTTP/1.1
Host: skynetcargoexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://skynetcargoexpress.com/css/fontello.css
Cookie: PHPSESSID=3gdtom9dr9o1ri56iagvnaei94
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/5.4.45
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
content-type: text/html
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Sep 2022 20:35:11 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2