Report - tr.couponforyou.net/go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451

Report Overview

Submitted URL
tr.couponforyou.net/go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451
IP
185.249.183.232
ASN
#34081 INCUBATEC GmbH - Srl
Submitted
2023-02-14 01:54:10
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
yourcashreward.net	unknown	2021-02-17T18:39:43Z	2023-02-13T13:59:50Z	369 B	260 B	138.201.50.169
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	66 kB	34.120.237.76
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.0 kB	2.1 kB	142.250.74.163
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.167.125.33
your-reward.biz	unknown	2019-04-02T14:12:49Z	2023-02-09T07:12:17Z	2.3 kB	360 kB	107.161.178.194
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	340 B	963 B	172.64.155.188
www.offerteperte.net	unknown	2014-01-15T08:24:46Z	2023-03-06T07:25:58Z	3.6 kB	368 kB	178.255.74.101
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	504 B	22 kB	142.250.74.35
tr.couponforyou.net	unknown	2021-02-25T11:51:48Z	2023-02-13T13:59:38Z	946 B	599 B	185.249.183.231
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	393 B	1.6 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-14 01:55:20	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-02-14 01:55:20	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	your-reward.biz/en/js/jquery.js	96 kB	2023-03-07	2024-07-26
Pretty URL your-reward.biz/en/js/jquery.js IP 107.161.178.194 ASN #33182 DIMENOC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:16 Last Seen2024-07-26 04:32:28 Times Seen2558 Hash 3c9137d88a00b1ae0b41ff6a70571615 1797d73e9da4287351f6fbec1b183c19be217c2a 24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1 Loading...

	www.offerteperte.net/js/richiesta.js	7.1 kB	2023-03-07	2023-12-14
Pretty URL www.offerteperte.net/js/richiesta.js IP 178.255.74.101 ASN #20746 Telecom Italia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:06:07 Last Seen2023-12-14 15:26:12 Times Seen9 Hash b070d3a8a38d606d8c4e5c53974e3f1e 9ed08565c8669c539bed39d5847c96a47810ffd6 c2fabaa0177fee68f191d7c5df162be0d3ae59367f70a75de08deaec2f4fc43c Loading...

	www.offerteperte.net/js/jquery.min.js	95 kB	2023-03-07	2024-07-27
Pretty URL www.offerteperte.net/js/jquery.min.js IP 178.255.74.101 ASN #20746 Telecom Italia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-07-27 01:30:24 Times Seen15742 Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Loading...

	www.offerteperte.net/js/jquery-ui.min.js	207 kB	2023-03-07	2024-06-05
Pretty URL www.offerteperte.net/js/jquery-ui.min.js IP 178.255.74.101 ASN #20746 Telecom Italia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:04:07 Last Seen2024-06-05 12:25:14 Times Seen35 Hash 1f8cfeffe7c643c9f219b180612085af 777046d84ce3b57fac146218da57af39c924a6eb 14a07d25823f4119e1f55c6ef5a0696f98861baf113aef76519aad93f01a32c5 Loading...

	www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm	380 B	2023-03-13	2023-03-13
Pretty URL www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm IP 178.255.74.101 ASN #20746 Telecom Italia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 22:32:08 Last Seen2023-03-13 22:37:47 Times Seen1 Hash 2ba708164ee7499e162f5ab40d2a7b9c 4395eee4d893f728a26942be18d68c2dbf0d7e59 58da6608b034c86f3bad850ccf45eaed58e80079dd486b3b5e400c5275f440fd Loading...

	www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm	206 B	2023-03-13	2023-03-13
Pretty URL www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm IP 178.255.74.101 ASN #20746 Telecom Italia Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 22:32:08 Last Seen2023-03-13 22:37:47 Times Seen1 Hash 49f0f243cd12bb88c8146669fddde0a6 5ec80b27f71316b4b55d28dd695c0593081425f5 a9035ad6be7edeffa53b1e54857713ecdf32a871667eaf9b105f5331ff145952 Loading...

	your-reward.biz/en/js/bootstrap.min.js	37 kB	2023-03-07	2024-07-27
Pretty URL your-reward.biz/en/js/bootstrap.min.js IP 107.161.178.194 ASN #33182 DIMENOC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-07-27 01:52:06 Times Seen61750 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

HTTP Transactions (43)

	URL	IP	Response	Size
	tr.couponforyou.net/go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451	185.249.183.231	301 Moved Permanently	0 B
URL HTTP/1.1 tr.couponforyou.net/go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451 IP 185.249.183.231:0 ASN #34081 INCUBATEC GmbH - Srl File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451 HTTP/1.1 Host: tr.couponforyou.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 301 Moved Permanently content-length: 0 location: https://tr.couponforyou.net/go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash e1e94f036b0e677a492e4238b9443034 862ebeb19164d77b65229976b12338c399ce0bd9 1875033f6e187cdb371b497b6640a3c9625283b6a4b12de5bbc5be326365b6a9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "1875033F6E187CDB371B497B6640A3C9625283B6A4B12DE5BBC5BE326365B6A9" Last-Modified: Mon, 13 Feb 2023 00:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15142 Expires: Tue, 14 Feb 2023 06:06:21 GMT Date: Tue, 14 Feb 2023 01:53:59 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 9b39c3955aa73765d5c9cbe0d4c52f83 b13bf774f0189207d90d846b86b68fcf2f64f868 f6fea261b800d26e329ced17006c9f5d10b6c490dac3b2276cc7b0e2aa38316c HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "F6FEA261B800D26E329CED17006C9F5D10B6C490DAC3B2276CC7B0E2AA38316C" Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8425 Expires: Tue, 14 Feb 2023 04:14:24 GMT Date: Tue, 14 Feb 2023 01:53:59 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 3534c46dafa4e959cb5f4aba0b1d8cd7 f4aa8774355b04bf1f074aeb73c56c52b32568ab 68b7b6679046611b607c073416e818c6d0391e2953ecc8781b02e57a9b5af306 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "68B7B6679046611B607C073416E818C6D0391E2953ECC8781B02E57A9B5AF306" Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=16242 Expires: Tue, 14 Feb 2023 06:24:41 GMT Date: Tue, 14 Feb 2023 01:53:59 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash ff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Tue, 14 Feb 2023 01:37:18 GMT content-type: application/json age: 1001 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e76071a28ee566dababb3834f46d68ed aebb4e68c1ba2de0f90025283e8ed8470944fde0 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: jR9CdXIJsrtyfEuxFHB85i4gGpMXZ/QtkxB1WRCtDjg+/fiRqfMMp7vS/+9imYxpU+//lIBjoUw= x-amz-request-id: D9EZ6V24HDDJ6AJV content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Tue, 14 Feb 2023 01:46:45 GMT age: 434 last-modified: Sun, 29 Jan 2023 18:44:47 GMT etag: "e76071a28ee566dababb3834f46d68ed" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Tue, 14 Feb 2023 01:53:59 GMT content-type: application/json content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Tue, 14 Feb 2023 01:14:53 GMT age: 2346 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 188e06be43a4f1b02aa98f1762147970 5e6b7e3a172fb7327331fd8c7f74559d079bd4fb 89bd97cff26b8d656f26db21b59b02fbc3f671ac903e1e44735c7472ebd05090 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "89BD97CFF26B8D656F26DB21B59B02FBC3F671AC903E1E44735C7472EBD05090" Last-Modified: Mon, 13 Feb 2023 20:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14675 Expires: Tue, 14 Feb 2023 05:58:34 GMT Date: Tue, 14 Feb 2023 01:53:59 GMT Connection: keep-alive`

	yourcashreward.net/index.php?m=privacy	138.201.50.169	302 Moved Temporarily	0 B
URL HTTP/1.1 yourcashreward.net/index.php?m=privacy IP 138.201.50.169:0 ASN #24940 Hetzner Online GmbH File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /index.php?m=privacy HTTP/1.1 Host: yourcashreward.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 302 Moved Temporarily Date: Tue, 14 Feb 2023 01:53:59 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, Keep-Alive location: http://your-reward.biz Content-Length: 0 Keep-Alive: timeout=5, max=100 Content-Type: text/html; charset=UTF-8`

	push.services.mozilla.com/	35.167.125.33	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.167.125.33:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: t1ZAdSNReq9ZYUdaR5/1Uw== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: REgF/sssDE+Xs2qd7l9Wh6lieD0=`

	your-reward.biz/	107.161.178.194	302 Moved Temporarily	118 B
URL HTTP/1.1 your-reward.biz/ IP 107.161.178.194:0 ASN #33182 DIMENOC File type ASCII text Size 118 B (118 bytes) Hash d706d50619fe7701da32577853325734 2ee59e7808616e700c309f61918bc96074a6741b 2e80cca91d5fc74664e08451d1024e9923a4b772f1ac543bbfd7d8db24b264de HTTP Headers `GET / HTTP/1.1 Host: your-reward.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 302 Moved Temporarily Date: Tue, 14 Feb 2023 01:53:59 GMT Server: Apache mod_bwlimited/1.4 Upgrade: h2,h2c Connection: Upgrade, Keep-Alive location: http://your-reward.biz/en/?m= Content-Length: 118 Keep-Alive: timeout=3, max=70 Content-Type: text/html; charset=UTF-8`

	your-reward.biz/en/?m=	107.161.178.194	200 OK	4.9 kB
URL HTTP/1.1 your-reward.biz/en/?m= IP 107.161.178.194:0 ASN #33182 DIMENOC File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text Size 4.9 kB (4925 bytes) Hash e2cc88bc801c76bd7fedab840f9cc032 f3ec7781561fd547760251c0281a29367b725f18 47fefcae478eb467288ea87ea2e7eb962199060f4aa0430280fb7dff16ada716 HTTP Headers `GET /en/?m= HTTP/1.1 Host: your-reward.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:53:59 GMT Server: Apache mod_bwlimited/1.4 Content-Length: 4925 Keep-Alive: timeout=3, max=69 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8`

	your-reward.biz/en/js/bootstrap.min.js	107.161.178.194	200 OK	37 kB
URL HTTP/1.1 your-reward.biz/en/js/bootstrap.min.js IP 107.161.178.194:0 ASN #33182 DIMENOC File type ASCII text, with very long lines (32033) Size 37 kB (37045 bytes) Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef HTTP Headers `GET /en/js/bootstrap.min.js HTTP/1.1 Host: your-reward.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://your-reward.biz/en/?m=` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:54:00 GMT Server: Apache mod_bwlimited/1.4 Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Last-Modified: Tue, 15 Jan 2019 15:15:25 GMT ETag: "49206ac-90b5-57f80a1769d40" Accept-Ranges: bytes Content-Length: 37045 Keep-Alive: timeout=3, max=70 Content-Type: application/javascript`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d42a01fdf9af7a50d630c42fde100d30 a7568d35657f934220298ca4c2fb102398554196 f215d87cad50e9310bf2a4df263b24e1c87e7cda29e48f93f6b0d76eb218ab1d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D" Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3149 Expires: Tue, 14 Feb 2023 02:46:30 GMT Date: Tue, 14 Feb 2023 01:54:01 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d42a01fdf9af7a50d630c42fde100d30 a7568d35657f934220298ca4c2fb102398554196 f215d87cad50e9310bf2a4df263b24e1c87e7cda29e48f93f6b0d76eb218ab1d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D" Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3149 Expires: Tue, 14 Feb 2023 02:46:30 GMT Date: Tue, 14 Feb 2023 01:54:01 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d42a01fdf9af7a50d630c42fde100d30 a7568d35657f934220298ca4c2fb102398554196 f215d87cad50e9310bf2a4df263b24e1c87e7cda29e48f93f6b0d76eb218ab1d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D" Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3149 Expires: Tue, 14 Feb 2023 02:46:30 GMT Date: Tue, 14 Feb 2023 01:54:01 GMT Connection: keep-alive`

	r3.o.lencr.org/	95.101.11.115	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 95.101.11.115:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash d42a01fdf9af7a50d630c42fde100d30 a7568d35657f934220298ca4c2fb102398554196 f215d87cad50e9310bf2a4df263b24e1c87e7cda29e48f93f6b0d76eb218ab1d HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D" Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3096 Expires: Tue, 14 Feb 2023 02:45:37 GMT Date: Tue, 14 Feb 2023 01:54:01 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ba070e2-295e-485b-8bb9-cf35a649e9d1.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ba070e2-295e-485b-8bb9-cf35a649e9d1.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10635 bytes) Hash b8526505043a5b3a1a8a3e86f80dd796 121031f827508bc441ab34387ffdf9bf878c43a9 70e9f640c8339aea888ceea9fd2ef74fa2c3ea210f69fa22442155dca61a799e HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ba070e2-295e-485b-8bb9-cf35a649e9d1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10635 x-amzn-requestid: 98a6b744-d08f-4e53-a0b0-735b336c8513 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: AS_zjG9boAMFchQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63eaace3-5d86345a4ee7009e61291369;Sampled=0 x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:27 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: KJ56reDkEbXg0bE7sE4pB1n7Lkn1nLiKblbKM9aFYCow4tpHrIqGnw== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google date: Mon, 13 Feb 2023 22:26:43 GMT etag: "121031f827508bc441ab34387ffdf9bf878c43a9" content-type: image/jpeg age: 12438 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa801374a-514c-45d6-b314-1b177300684c.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa801374a-514c-45d6-b314-1b177300684c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10068 bytes) Hash 798c45b6ff58fbda19c7e927267cf234 fc569c547b361ff3fe3d28e362bb09546d0e75f5 d35b11adf84262c8aa485fa1a93d485c71f1a68a68cfedb142946ccc3bf809ee HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa801374a-514c-45d6-b314-1b177300684c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10068 x-amzn-requestid: ed7c343b-63cf-4294-8dd1-c0f619c7a305 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: AS_0hEpKIAMF6-w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63eaace9-22bc96ba036f73575f3b8d30;Sampled=0 x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:33 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: SMHjJzrBytie2Xe4KVVpP7oL6Wlzwr0us4bIhcJLMbEHrhOcE5lb3g== via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google date: Mon, 13 Feb 2023 22:14:55 GMT age: 13146 etag: "fc569c547b361ff3fe3d28e362bb09546d0e75f5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg	34.120.237.76	200 OK	14 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 14 kB (14477 bytes) Hash 504b69ec2b6350345c36777959b0765a c302824325b8f0839c7de54af9c5bd02541e4269 6e3a5b1cd7d17a9f448b8189d5683567269b3b3d461838770482283898008f39 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 14477 x-amzn-requestid: 2544b5cc-3fb0-4536-88ec-8cb9044fb612 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ANtsXFBYoAMF6tA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e88fe8-452901f67af9f5d95ccc61c3;Sampled=0 x-amzn-remapped-date: Sun, 12 Feb 2023 07:06:16 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: hy4pKD0EX3RY8ayeOzmZvNG-K7qwaVP4VPjPOxcpUGmk2x09fKFFRg== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google date: Mon, 13 Feb 2023 07:20:10 GMT age: 66831 etag: "c302824325b8f0839c7de54af9c5bd02541e4269" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31b064cd-e914-46c4-9261-f5cf1e300786.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31b064cd-e914-46c4-9261-f5cf1e300786.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10677 bytes) Hash e24473b3e335f2046f72ea198a1a9ac8 346f3744c1fd32467ac8c1783f7c28c0ffd3cc4b 87fb8a02fb286ccd1d04abe4052fb08617fc68692515aa6daed2895e83827ccd HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31b064cd-e914-46c4-9261-f5cf1e300786.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10677 x-amzn-requestid: 7fbf05af-939a-443c-9add-f856b5ab4b1c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: AS_zFH3hoAMFUkg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63eaace0-0676c24e496661ff545249f0;Sampled=0 x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:24 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: ASk3lL6xNgUz-lLwE7lpLLh_PK_Iq-PSAz3VSOZrEweutYlfUggXTg== via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Mon, 13 Feb 2023 22:26:35 GMT etag: "346f3744c1fd32467ac8c1783f7c28c0ffd3cc4b" content-type: image/jpeg age: 12446 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74073173-a5a0-46f8-b23e-201ea802ab67.jpeg	34.120.237.76	200 OK	8.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74073173-a5a0-46f8-b23e-201ea802ab67.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.4 kB (8419 bytes) Hash dfbb7efa6627641ed50ee7738b2e2561 a759d26d6c811f964125ccba6e11498bca6b64c8 d1b2ea74eb288c5530c761830023830e43a6e8441594252736d6aa130dfd6520 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74073173-a5a0-46f8-b23e-201ea802ab67.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8419 x-amzn-requestid: d19bc4f6-4174-4563-a1ef-c27ba0a9e3ed x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: AS_zuHdGIAMFQlA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63eaace4-5e914df75bfda625564e1142;Sampled=0 x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:28 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: e0GAkTbo83Kf6PvNKGWEeTfnGeFsgaNYwkTj6wLZcvSY_Ax4cW8jjA== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Mon, 13 Feb 2023 22:14:48 GMT age: 13153 etag: "a759d26d6c811f964125ccba6e11498bca6b64c8" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89a52476-4658-4eca-8e19-73d3b2e5cfbd.jpeg	34.120.237.76	200 OK	5.2 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89a52476-4658-4eca-8e19-73d3b2e5cfbd.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.2 kB (5182 bytes) Hash 3c5476f427b1609e143ce4f04f03d364 2af39c0fff067a42c843f20e1aedae37fb9d2fe0 64a7bf3a3101ccfe51b0d566889647a3947d24df4ecd89868df1675a2314fb4f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89a52476-4658-4eca-8e19-73d3b2e5cfbd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5182 x-amzn-requestid: ffb926ce-21e0-4e6c-a8e3-94fb758d57c0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ANuThFSIoAMF0dQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63e890e3-110b3f4d29f5ddcb28f1aeb5;Sampled=0 x-amzn-remapped-date: Sun, 12 Feb 2023 07:10:27 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: e7HiXya-AsvtMjEqih18xqzaClzimfaHhoQFY8eyOkG1EDAZ1TUB8Q== via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google date: Mon, 13 Feb 2023 07:32:29 GMT age: 66092 etag: "2af39c0fff067a42c843f20e1aedae37fb9d2fe0" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	your-reward.biz/en/js/jquery.js	107.161.178.194	200 OK	96 kB
URL HTTP/1.1 your-reward.biz/en/js/jquery.js IP 107.161.178.194:0 ASN #33182 DIMENOC File type ASCII text, with very long lines (32086) Size 96 kB (95785 bytes) Hash 3c9137d88a00b1ae0b41ff6a70571615 1797d73e9da4287351f6fbec1b183c19be217c2a 24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1 HTTP Headers `GET /en/js/jquery.js HTTP/1.1 Host: your-reward.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://your-reward.biz/en/?m=` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:54:00 GMT Server: Apache mod_bwlimited/1.4 Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Last-Modified: Tue, 15 Jan 2019 15:15:26 GMT ETag: "49206aa-17629-57f80a185df80" Accept-Ranges: bytes Content-Length: 95785 Keep-Alive: timeout=3, max=70 Content-Type: application/javascript`

	your-reward.biz/en/css/business-frontpage.css	107.161.178.194	200 OK	148 kB
URL HTTP/1.1 your-reward.biz/en/css/business-frontpage.css IP 107.161.178.194:0 ASN #33182 DIMENOC File type ASCII text, with very long lines (540) Size 148 kB (147467 bytes) Hash 98297f9626df9c555503d7995e1c4b75 cda01a0b3ec94ece2aafdec296a39ab8cddc227b 34f721425e3013d9110fd99cef00dfa4cd5d4d3b226198e94d133e23babc5710 HTTP Headers `GET /en/css/business-frontpage.css HTTP/1.1 Host: your-reward.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://your-reward.biz/en/?m=` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:54:00 GMT Server: Apache mod_bwlimited/1.4 Last-Modified: Tue, 15 Jan 2019 15:15:23 GMT ETag: "49206b6-2400b-57f80a15818c0" Accept-Ranges: bytes Content-Length: 147467 Keep-Alive: timeout=3, max=68 Connection: Keep-Alive Content-Type: text/css`

	ocsp.sectigo.com/	172.64.155.188	200 OK	471 B
URL HTTP/1.1 ocsp.sectigo.com/ IP 172.64.155.188:0 ASN #13335 CLOUDFLARENET File type data Size 471 B (471 bytes) Hash 3e4a093691500e82409d2944c4c24095 9f9314d0d03e290d68e1395c803dce4a9d052c71 b5c09d07e9fb5dd34f5d3b6ac0eeb0416d7b7495d0352a4a04c10b1ba5f9ced4 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sectigo.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:54:01 GMT Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Last-Modified: Tue, 14 Feb 2023 00:06:10 GMT Expires: Tue, 21 Feb 2023 00:06:09 GMT Etag: "9f9314d0d03e290d68e1395c803dce4a9d052c71" Cache-Control: max-age=597727,s-maxage=1800,public,no-transform,must-revalidate X-CCACDN-Proxy-ID: mcdpinlb4 X-Frame-Options: SAMEORIGIN CF-Cache-Status: DYNAMIC Server: cloudflare CF-RAY: 79922c67b824b4e8-OSL`

	www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm	178.255.74.101	200 OK	8.4 kB
URL HTTP/1.1 www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm IP 178.255.74.101:0 ASN #20746 Telecom Italia File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (339), with CRLF, LF line terminators Size 8.4 kB (8409 bytes) Hash 7f2336e16f00d6057a91a98057714850 c69fd5fc48b20862b47d9d51b70026547737e3d0 d94b58c31f835e856102a258d79a160f1765061c3cd5e03496ddbfc0d2b09787 HTTP Headers `GET /en_yonkana/en_yonkana-formsitarelli.htm HTTP/1.1 Host: www.offerteperte.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://your-reward.biz/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:54:01 GMT Server: Apache X-Powered-By: PHP/5.4.13 Set-Cookie: PHPSESSID=gvlmagktsmsu7sghh5tu6qbsf5; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Keep-Alive: timeout=2 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=utf-8`

	your-reward.biz/en/img/header.jpg	107.161.178.194	200 OK	73 kB
URL HTTP/1.1 your-reward.biz/en/img/header.jpg IP 107.161.178.194:0 ASN #33182 DIMENOC File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=nadezhda1906 - Fotolia], baseline, precision 8, 1920x400, components 3\012- data Size 73 kB (72681 bytes) Hash 348b9af8c9ab69c6481b375c5af3cd96 d1a0d874fe56421f33bcd8845234b54aa7dc3a57 5876ec37e112781a846fc8ae48107607535f73ee14be5431ab7cabe66c8f8714 HTTP Headers `GET /en/img/header.jpg HTTP/1.1 Host: your-reward.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://your-reward.biz/en/css/business-frontpage.css` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:54:00 GMT Server: Apache mod_bwlimited/1.4 Last-Modified: Tue, 15 Jan 2019 15:15:28 GMT ETag: "49206b2-11be9-57f80a1a46400" Accept-Ranges: bytes Content-Length: 72681 Keep-Alive: timeout=3, max=69 Connection: Keep-Alive Content-Type: image/jpeg`

	www.offerteperte.net/stili/solo-form/css.css	178.255.74.101	200 OK	3.2 kB
URL HTTP/1.1 www.offerteperte.net/stili/solo-form/css.css IP 178.255.74.101:0 ASN #20746 Telecom Italia File type ASCII text, with CRLF line terminators Size 3.2 kB (3165 bytes) Hash 501dd855b8a75c65517cb4028f795827 0443440024978d94c994b229d2d29c57a8a01173 b6deb732bb3ff7b5ec492d6f9cfba303e224ff7ce1c50ae5a71493b5a83e48b1 HTTP Headers `GET /stili/solo-form/css.css HTTP/1.1 Host: www.offerteperte.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:54:01 GMT Server: Apache Last-Modified: Wed, 01 Jul 2015 14:39:59 GMT ETag: "a3605f7-c5d-519d14c1ceadd" Accept-Ranges: bytes Content-Length: 3165 Keep-Alive: timeout=2 Connection: Keep-Alive Content-Type: text/css`

	your-reward.biz/favicon.ico	107.161.178.194	404 Not Found	315 B
URL HTTP/1.1 your-reward.biz/favicon.ico IP 107.161.178.194:0 ASN #33182 DIMENOC File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 315 B (315 bytes) Hash a34ac19f4afae63adc5d2f7bc970c07f a82190fc530c265aa40a045c21770d967f4767b8 d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: your-reward.biz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://your-reward.biz/en/?m=` `HTTP/1.1 404 Not Found Date: Tue, 14 Feb 2023 01:54:01 GMT Server: Apache mod_bwlimited/1.4 Content-Length: 315 Keep-Alive: timeout=3, max=69 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash f5067af0270e15c7a9474f4164857326 32b475f2e62e41425bed727d9879ebcbbb60aa3a 60d910b309744465e215e9a977ad16146387dcc6c1160ae1192d5c26e71c02b5 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 14 Feb 2023 01:54:01 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.offerteperte.net/stili-comuni/stile.css	178.255.74.101	200 OK	690 B
URL HTTP/1.1 www.offerteperte.net/stili-comuni/stile.css IP 178.255.74.101:0 ASN #20746 Telecom Italia File type ASCII text, with CRLF line terminators Size 690 B (690 bytes) Hash 00cbcecd0bf7d355d88af1f4e6477cd0 ed7585a126331da791b5bdb9d71723895184189f e66a7715b91e9aecb422db51130352662e4c1ce241cbd6f7914e0ff4a734c4bb HTTP Headers `GET /stili-comuni/stile.css HTTP/1.1 Host: www.offerteperte.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:54:01 GMT Server: Apache Last-Modified: Wed, 02 Apr 2014 16:41:29 GMT ETag: "a2a05ba-2b2-4f611f4d02040" Accept-Ranges: bytes Content-Length: 690 Keep-Alive: timeout=2 Connection: Keep-Alive Content-Type: text/css`

	www.offerteperte.net/js/richiesta.js	178.255.74.101	200 OK	7.1 kB
URL HTTP/1.1 www.offerteperte.net/js/richiesta.js IP 178.255.74.101:0 ASN #20746 Telecom Italia File type Unicode text, UTF-8 text Size 7.1 kB (7122 bytes) Hash b070d3a8a38d606d8c4e5c53974e3f1e 9ed08565c8669c539bed39d5847c96a47810ffd6 c2fabaa0177fee68f191d7c5df162be0d3ae59367f70a75de08deaec2f4fc43c HTTP Headers `GET /js/richiesta.js HTTP/1.1 Host: www.offerteperte.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:54:01 GMT Server: Apache Last-Modified: Wed, 12 May 2021 09:02:13 GMT ETag: "a2a0de9-1bd2-5c21e4439cf40" Accept-Ranges: bytes Content-Length: 7122 Keep-Alive: timeout=2 Connection: Keep-Alive Content-Type: application/javascript`

	www.offerteperte.net/stili-comuni/jqueryui/sunny/jquery-ui-1.8.9.custom.css	178.255.74.101	200 OK	35 kB
URL HTTP/1.1 www.offerteperte.net/stili-comuni/jqueryui/sunny/jquery-ui-1.8.9.custom.css IP 178.255.74.101:0 ASN #20746 Telecom Italia File type ASCII text, with very long lines (1446), with CRLF line terminators Size 35 kB (34739 bytes) Hash ffa9ca0caede5d942dd2e0172ccea619 614a63ee078a2892554d67c3e8050c1b9b62635b 326898f2b340d43c8a4a865c1700f1c5a35bd14020ba3ba7e2a0bf4d216e7ec4 HTTP Headers `GET /stili-comuni/jqueryui/sunny/jquery-ui-1.8.9.custom.css HTTP/1.1 Host: www.offerteperte.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:54:01 GMT Server: Apache Last-Modified: Wed, 02 Apr 2014 16:41:30 GMT ETag: "a3605dc-87b3-4f611f4df6280" Accept-Ranges: bytes Content-Length: 34739 Keep-Alive: timeout=2 Connection: Keep-Alive Content-Type: text/css`

	fonts.googleapis.com/css?family=Raleway	142.250.74.74	200 OK	967 B
URL HTTP/2 fonts.googleapis.com/css?family=Raleway IP 142.250.74.74:0 ASN #15169 GOOGLE File type data Size 967 B (967 bytes) Hash e8286e9797bbb6c71cd98a70c229d39d b20cf3f9e8075b639db136afa51669bc94965ebd 7437e771b5280fff6c9271236c39b285386000ff01f607b1688075fbcf624a11 HTTP Headers `GET /css?family=Raleway HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.offerteperte.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Tue, 14 Feb 2023 01:54:01 GMT date: Tue, 14 Feb 2023 01:54:01 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.offerteperte.net/js/jquery.min.js	178.255.74.101	200 OK	95 kB
URL HTTP/1.1 www.offerteperte.net/js/jquery.min.js IP 178.255.74.101:0 ASN #20746 Telecom Italia File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769) Size 95 kB (94840 bytes) Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 HTTP Headers `GET /js/jquery.min.js HTTP/1.1 Host: www.offerteperte.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:54:01 GMT Server: Apache Last-Modified: Fri, 28 Aug 2015 09:27:20 GMT ETag: "a2a05a0-17278-51e5bb0d02ac1" Accept-Ranges: bytes Content-Length: 94840 Keep-Alive: timeout=2 Connection: Keep-Alive Content-Type: application/javascript`

	www.offerteperte.net/js/jquery-ui.min.js	178.255.74.101	200 OK	207 kB
URL HTTP/1.1 www.offerteperte.net/js/jquery-ui.min.js IP 178.255.74.101:0 ASN #20746 Telecom Italia File type ASCII text, with very long lines (658) Size 207 kB (207146 bytes) Hash 1f8cfeffe7c643c9f219b180612085af 777046d84ce3b57fac146218da57af39c924a6eb 14a07d25823f4119e1f55c6ef5a0696f98861baf113aef76519aad93f01a32c5 HTTP Headers `GET /js/jquery-ui.min.js HTTP/1.1 Host: www.offerteperte.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:54:01 GMT Server: Apache Last-Modified: Wed, 02 Apr 2014 16:40:44 GMT ETag: "a2a059f-3292a-4f611f2217b00" Accept-Ranges: bytes Content-Length: 207146 Keep-Alive: timeout=2 Connection: Keep-Alive Content-Type: application/javascript`

	www.offerteperte.net/immagini/en_yonkana/en_yonkana-formsitarelli/23-1499438409-EN_richiedi_subito.png	178.255.74.101	200 OK	9.4 kB
URL HTTP/1.1 www.offerteperte.net/immagini/en_yonkana/en_yonkana-formsitarelli/23-1499438409-EN_richiedi_subito.png IP 178.255.74.101:0 ASN #20746 Telecom Italia File type PNG image data, 200 x 60, 8-bit/color RGBA, non-interlaced\012- data Size 9.4 kB (9413 bytes) Hash 41154e6fc98aff072164c5345dd673a1 ebc0a5be61de5f8ead52a17916b627f059bf9203 b8c53e8fc572b1fb9f44bcaea383666d8fe05f667d1c4d28cf40f56e4c7a38a1 HTTP Headers `GET /immagini/en_yonkana/en_yonkana-formsitarelli/23-1499438409-EN_richiedi_subito.png HTTP/1.1 Host: www.offerteperte.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.offerteperte.net/en_yonkana/en_yonkana-formsitarelli.htm Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Date: Tue, 14 Feb 2023 01:54:01 GMT Server: Apache Last-Modified: Fri, 07 Jul 2017 14:40:11 GMT ETag: "a3203ad-24c5-553bb35e8b4ad" Accept-Ranges: bytes Content-Length: 9413 Keep-Alive: timeout=2 Connection: Keep-Alive Content-Type: image/png`

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 605c0a47169c45b131ccb1ed345cf048 110d17ee2aa9a2cb7128e27554ec8dcbb1f59296 0ac9bb15a9f9edd3750752ddf33d3478bedd369cc5f22b6a0e258f55958b7774 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 14 Feb 2023 01:54:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2	142.250.74.35	200 OK	21 kB
URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2 IP 142.250.74.35:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 21280, version 1.0\012- data Size 21 kB (21280 bytes) Hash 16911581ab7ea10687a5aee74cbc5612 b0b24248345739209d753a4ac77ccfc1f627b219 c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf HTTP Headers `GET /s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.offerteperte.net Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 21280 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 09 Feb 2023 00:56:18 GMT expires: Fri, 09 Feb 2024 00:56:18 GMT cache-control: public, max-age=31536000 age: 435464 last-modified: Mon, 18 Jul 2022 19:57:59 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.163	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.163:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 605c0a47169c45b131ccb1ed345cf048 110d17ee2aa9a2cb7128e27554ec8dcbb1f59296 0ac9bb15a9f9edd3750752ddf33d3478bedd369cc5f22b6a0e258f55958b7774 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Tue, 14 Feb 2023 01:54:02 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	tr.couponforyou.net/go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451	185.249.183.231	302 Found	0 B
URL HTTP/2 tr.couponforyou.net/go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451 IP 185.249.183.231:0 ASN #34081 INCUBATEC GmbH - Srl File type Size 0 B (0 bytes) Hash HTTP Headers GET /go/1675934090/1638811200/f0bb33f9bbd0a14036589503f981154f/4po4dqmi/28/451 HTTP/1.1 Host: tr.couponforyou.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 `HTTP/2 302 Found server: nginx date: Tue, 14 Feb 2023 01:53:59 GMT content-type: text/html; charset=UTF-8 cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 location: http://yourcashreward.net/index.php?m=privacy strict-transport-security: max-age=15768000 x-content-type-options: nosniff set-cookie: _backend=www3\|Y+rpu\|Y+rpu; path=/; HttpOnly; Secure; SameSite=None X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (43)

URL HTTP/1.1

IP

ASN

File type