Edit tour

Windows Analysis Report
https://metmassk-usalloggies.godaddysites.com/

Overview

General Information

Sample URL:	https://metmassk-usalloggies.godaddysites.com/
Analysis ID:	1521124
Infos:

Detection

Score:	56
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

AI detected phishing page

Multi AV Scanner detection for domain / URL

HTML title does not match URL

Classification

Process Tree

System is w10x64

chrome.exe (PID: 2144 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 5576 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2008,i,7692764188829032979,16267991325257769186,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

chrome.exe (PID: 6360 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://metmassk-usalloggies.godaddysites.com/" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)

cleanup

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Multi AV Scanner detection for domain / URL

Source: metmassk-usalloggies.godaddysites.com

Virustotal: Detection: 10%

Perma Link

Phishing

AI detected phishing page

Source: https://metmassk-usalloggies.godaddysites.com/contact

LLM: Score: 9 Reasons: The legitimate domain for Metamask is metamask.io., The provided URL 'metmassk-usalloggies.godaddysites.com' contains misspellings and extra characters., The domain 'godaddysites.com' is a hosting service and not directly associated with Metamask., The URL structure and the use of 'godaddysites.com' indicate it is likely a phishing attempt. DOM: 38.6.pages.csv

Source: https://metmassk-usalloggies.godaddysites.com/

HTTP Parser: Title: Metaask Login | Metmask does not match URL

Source: https://metmassk-usalloggies.godaddysites.com/contact	HTTP Parser: No favicon
Source: https://metmassk-usalloggies.godaddysites.com/contact	HTTP Parser: No favicon
Source: https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applications&utm_campaign=en-us_corp_applications_base	HTTP Parser: No favicon

Source: https://metmassk-usalloggies.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://metmassk-usalloggies.godaddysites.com/	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49766 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://metmassk-usalloggies.godaddysites.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=1&C_TOUCH=2024-09-28T02:40:50.866Z
Source: global traffic	HTTP traffic detected: GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1Host: api.ola.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://metmassk-usalloggies.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /manifest.webmanifest HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://metmassk-usalloggies.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /bluff-house HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=1&C_TOUCH=2024-09-28T02:40:50.866Z
Source: global traffic	HTTP traffic detected: GET /about HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=1&C_TOUCH=2024-09-28T02:40:50.866Z
Source: global traffic	HTTP traffic detected: GET /ellis-property HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=1&C_TOUCH=2024-09-28T02:40:50.866Z
Source: global traffic	HTTP traffic detected: GET /active-listings HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=1&C_TOUCH=2024-09-28T02:40:50.866Z
Source: global traffic	HTTP traffic detected: GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1Host: api.ola.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://metmassk-usalloggies.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /testimonials HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=2&C_TOUCH=2024-09-28T02:40:59.153Z
Source: global traffic	HTTP traffic detected: GET /contact HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=2&C_TOUCH=2024-09-28T02:40:59.153Z
Source: global traffic	HTTP traffic detected: GET /dowell-residence HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=2&C_TOUCH=2024-09-28T02:40:59.153Z
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=2&C_TOUCH=2024-09-28T02:40:59.153Z
Source: global traffic	HTTP traffic detected: GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1Host: api.ola.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://metmassk-usalloggies.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /an-american-refuge HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivePragma: no-cacheCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=3&C_TOUCH=2024-09-28T02:41:05.801Z
Source: global traffic	HTTP traffic detected: GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1Host: api.ola.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://metmassk-usalloggies.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; cookie_warning_dismissed=true; cookie_terms_accepted=true; _scc_session=pc=4&C_TOUCH=2024-09-28T02:41:10.760ZIf-None-Match: 8dca7182115c64686c9248e0fb5894fd
Source: global traffic	HTTP traffic detected: GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1Host: api.ola.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://metmassk-usalloggies.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /v3/recaptcha HTTP/1.1Host: contact.apps-api.instantpage.secureserver.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://metmassk-usalloggies.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; cookie_warning_dismissed=true; cookie_terms_accepted=true; _scc_session=pc=5&C_TOUCH=2024-09-28T02:41:16.177ZIf-None-Match: 8dca7182115c64686c9248e0fb5894fd
Source: global traffic	HTTP traffic detected: GET /v3/recaptcha HTTP/1.1Host: contact.apps-api.instantpage.secureserver.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api.js?render=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_ HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRtYXNzay11c2FsbG9nZ2llcy5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=2j7bu6ncpajs HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://metmassk-usalloggies.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRtYXNzay11c2FsbG9nZ2llcy5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=2j7bu6ncpajsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRtYXNzay11c2FsbG9nZ2llcy5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=2j7bu6ncpajsAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ellis-property HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; cookie_warning_dismissed=true; cookie_terms_accepted=true; _scc_session=pc=5&C_TOUCH=2024-09-28T02:41:16.177ZIf-None-Match: 3e788d804d74b9b5dbe9577b97e8a47c
Source: global traffic	HTTP traffic detected: GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1Host: api.ola.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://metmassk-usalloggies.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /manifest.webmanifest HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: manifestReferer: https://metmassk-usalloggies.godaddysites.com/ellis-propertyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9If-None-Match: 4e22c4bd9d3e836e35843a7581efd964
Source: global traffic	HTTP traffic detected: GET /bluff-house HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; cookie_warning_dismissed=true; cookie_terms_accepted=true; _scc_session=pc=6&C_TOUCH=2024-09-28T02:41:43.281ZIf-None-Match: 6c54aea63db58bbfb04017be82be4a2a
Source: global traffic	HTTP traffic detected: GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1Host: api.ola.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://metmassk-usalloggies.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /an-american-refuge HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; cookie_warning_dismissed=true; cookie_terms_accepted=true; _scc_session=pc=7&C_TOUCH=2024-09-28T02:41:47.249ZIf-None-Match: c22e2d5a7b6ea8ee1e71265a680843ab
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; cookie_warning_dismissed=true; cookie_terms_accepted=true; _scc_session=pc=7&C_TOUCH=2024-09-28T02:41:47.249ZIf-None-Match: 8dca7182115c64686c9248e0fb5894fd
Source: global traffic	HTTP traffic detected: GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1Host: api.ola.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://metmassk-usalloggies.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /dowell-residence HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; cookie_warning_dismissed=true; cookie_terms_accepted=true; _scc_session=pc=8&C_TOUCH=2024-09-28T02:41:53.230ZIf-None-Match: 5893b604b00ab2727fd551a7054d7c48
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; cookie_warning_dismissed=true; cookie_terms_accepted=true; _scc_session=pc=8&C_TOUCH=2024-09-28T02:41:53.230ZIf-None-Match: 8dca7182115c64686c9248e0fb5894fd
Source: global traffic	HTTP traffic detected: GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1Host: api.ola.godaddy.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://metmassk-usalloggies.godaddysites.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://metmassk-usalloggies.godaddysites.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sw.js HTTP/1.1Host: metmassk-usalloggies.godaddysites.comConnection: keep-aliveCache-Control: max-age=0Accept: /Service-Worker: scriptSec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://metmassk-usalloggies.godaddysites.com/sw.jsUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; cookie_warning_dismissed=true; cookie_terms_accepted=true; _scc_session=pc=9&C_TOUCH=2024-09-28T02:42:00.174ZIf-None-Match: 8dca7182115c64686c9248e0fb5894fd

Source: global traffic	DNS traffic detected: DNS query: metmassk-usalloggies.godaddysites.com
Source: global traffic	DNS traffic detected: DNS query: img1.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: api.ola.godaddy.com
Source: global traffic	DNS traffic detected: DNS query: events.api.secureserver.net
Source: global traffic	DNS traffic detected: DNS query: csp.secureserver.net
Source: global traffic	DNS traffic detected: DNS query: isteam.wsimg.com
Source: global traffic	DNS traffic detected: DNS query: contact.apps-api.instantpage.secureserver.net
Source: global traffic	DNS traffic detected: DNS query: www.godaddy.com

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sat, 28 Sep 2024 02:40:56 GMTContent-Type: application/json; charset=utf-8Content-Length: 29Connection: closeaccess-control-allow-origin: https://metmassk-usalloggies.godaddysites.comaccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEADaccess-control-expose-headers: access-control-max-age: 7200access-control-allow-credentials: trueX-Frame-Options: SAMEORIGINX-XSS-Protection: 0X-Content-Type-Options: nosniffX-Permitted-Cross-Domain-Policies: noneReferrer-Policy: strict-origin-when-cross-originCache-Control: no-cacheX-Request-Id: c206e5df150a2f5f64777c0fcf535b8eX-Runtime: 0.005162vary: Accept, OriginStrict-Transport-Security: max-age=15724800; includeSubDomains
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sat, 28 Sep 2024 02:41:03 GMTContent-Type: application/json; charset=utf-8Content-Length: 29Connection: closeaccess-control-allow-origin: https://metmassk-usalloggies.godaddysites.comaccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEADaccess-control-expose-headers: access-control-max-age: 7200access-control-allow-credentials: trueX-Frame-Options: SAMEORIGINX-XSS-Protection: 0X-Content-Type-Options: nosniffX-Permitted-Cross-Domain-Policies: noneReferrer-Policy: strict-origin-when-cross-originCache-Control: no-cacheX-Request-Id: 4bbccbbb6f1d990dc24987da4f4173f1X-Runtime: 0.008913vary: Accept, OriginStrict-Transport-Security: max-age=15724800; includeSubDomains
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sat, 28 Sep 2024 02:41:07 GMTContent-Type: application/json; charset=utf-8Content-Length: 29Connection: closeaccess-control-allow-origin: https://metmassk-usalloggies.godaddysites.comaccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEADaccess-control-expose-headers: access-control-max-age: 7200access-control-allow-credentials: trueX-Frame-Options: SAMEORIGINX-XSS-Protection: 0X-Content-Type-Options: nosniffX-Permitted-Cross-Domain-Policies: noneReferrer-Policy: strict-origin-when-cross-originCache-Control: no-cacheX-Request-Id: 95bce415a226e4918f447e392b683717X-Runtime: 0.004831vary: Accept, OriginStrict-Transport-Security: max-age=15724800; includeSubDomains
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sat, 28 Sep 2024 02:41:13 GMTContent-Type: application/json; charset=utf-8Content-Length: 29Connection: closeaccess-control-allow-origin: https://metmassk-usalloggies.godaddysites.comaccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEADaccess-control-expose-headers: access-control-max-age: 7200access-control-allow-credentials: trueX-Frame-Options: SAMEORIGINX-XSS-Protection: 0X-Content-Type-Options: nosniffX-Permitted-Cross-Domain-Policies: noneReferrer-Policy: strict-origin-when-cross-originCache-Control: no-cacheX-Request-Id: 92259738f168387eabaeac0e5eb434adX-Runtime: 0.008279vary: Accept, OriginStrict-Transport-Security: max-age=15724800; includeSubDomains
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sat, 28 Sep 2024 02:41:18 GMTContent-Type: application/json; charset=utf-8Content-Length: 29Connection: closeaccess-control-allow-origin: https://metmassk-usalloggies.godaddysites.comaccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEADaccess-control-expose-headers: access-control-max-age: 7200access-control-allow-credentials: trueX-Frame-Options: SAMEORIGINX-XSS-Protection: 0X-Content-Type-Options: nosniffX-Permitted-Cross-Domain-Policies: noneReferrer-Policy: strict-origin-when-cross-originCache-Control: no-cacheX-Request-Id: 38073edfadf27b0e5a8e511ce9429288X-Runtime: 0.004931vary: Accept, OriginStrict-Transport-Security: max-age=15724800; includeSubDomains
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sat, 28 Sep 2024 02:41:45 GMTContent-Type: application/json; charset=utf-8Content-Length: 29Connection: closeaccess-control-allow-origin: https://metmassk-usalloggies.godaddysites.comaccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEADaccess-control-expose-headers: access-control-max-age: 7200access-control-allow-credentials: trueX-Frame-Options: SAMEORIGINX-XSS-Protection: 0X-Content-Type-Options: nosniffX-Permitted-Cross-Domain-Policies: noneReferrer-Policy: strict-origin-when-cross-originCache-Control: no-cacheX-Request-Id: 1efed0bf43cb537dd165f15c6deeefeeX-Runtime: 0.004332vary: Accept, OriginStrict-Transport-Security: max-age=15724800; includeSubDomains
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sat, 28 Sep 2024 02:41:49 GMTContent-Type: application/json; charset=utf-8Content-Length: 29Connection: closeaccess-control-allow-origin: https://metmassk-usalloggies.godaddysites.comaccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEADaccess-control-expose-headers: access-control-max-age: 7200access-control-allow-credentials: trueX-Frame-Options: SAMEORIGINX-XSS-Protection: 0X-Content-Type-Options: nosniffX-Permitted-Cross-Domain-Policies: noneReferrer-Policy: strict-origin-when-cross-originCache-Control: no-cacheX-Request-Id: e3b7803babfb8089060c613a25518625X-Runtime: 0.004981vary: Accept, OriginStrict-Transport-Security: max-age=15724800; includeSubDomains
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sat, 28 Sep 2024 02:41:56 GMTContent-Type: application/json; charset=utf-8Content-Length: 29Connection: closeaccess-control-allow-origin: https://metmassk-usalloggies.godaddysites.comaccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEADaccess-control-expose-headers: access-control-max-age: 7200access-control-allow-credentials: trueX-Frame-Options: SAMEORIGINX-XSS-Protection: 0X-Content-Type-Options: nosniffX-Permitted-Cross-Domain-Policies: noneReferrer-Policy: strict-origin-when-cross-originCache-Control: no-cacheX-Request-Id: 1818e65d6e1c72f9e4562894d7a5f337X-Runtime: 0.004467vary: Accept, OriginStrict-Transport-Security: max-age=15724800; includeSubDomains
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Sat, 28 Sep 2024 02:42:02 GMTContent-Type: application/json; charset=utf-8Content-Length: 29Connection: closeaccess-control-allow-origin: https://metmassk-usalloggies.godaddysites.comaccess-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEADaccess-control-expose-headers: access-control-max-age: 7200access-control-allow-credentials: trueX-Frame-Options: SAMEORIGINX-XSS-Protection: 0X-Content-Type-Options: nosniffX-Permitted-Cross-Domain-Policies: noneReferrer-Policy: strict-origin-when-cross-originCache-Control: no-cacheX-Request-Id: 5f97b4dc1e22eea2d93ccf62edac1e70X-Runtime: 0.004460vary: Accept, OriginStrict-Transport-Security: max-age=15724800; includeSubDomains

Source: chromecache_453.2.dr	String found in binary or memory: http://cf89a7ca.07c4.406f.a5bc.b4c9a082fb91.com
Source: chromecache_453.2.dr	String found in binary or memory: http://img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/pixasquare-622732-unsplash.jpg
Source: chromecache_422.2.dr, chromecache_305.2.dr, chromecache_320.2.dr, chromecache_421.2.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr, chromecache_418.2.dr	String found in binary or memory: http://scripts.sil.org/OFL
Source: chromecache_454.2.dr, chromecache_404.2.dr	String found in binary or memory: https://api.ola.$
Source: chromecache_454.2.dr, chromecache_404.2.dr	String found in binary or memory: https://cart-checkout.dev-secureserver.net
Source: chromecache_454.2.dr, chromecache_404.2.dr	String found in binary or memory: https://cart-checkout.secureserver.net
Source: chromecache_454.2.dr, chromecache_404.2.dr	String found in binary or memory: https://cart-checkout.test-secureserver.net
Source: chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	String found in binary or memory: https://cloud.google.com/contact
Source: chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	String found in binary or memory: https://cloud.google.com/recaptcha-enterprise/billing-information
Source: chromecache_271.2.dr	String found in binary or memory: https://contact.apps-api.instantpage.secureserver.net
Source: chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca
Source: chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#localhost_support
Source: chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	String found in binary or memory: https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que
Source: chromecache_398.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2)
Source: chromecache_398.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2)
Source: chromecache_398.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2)
Source: chromecache_398.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2)
Source: chromecache_398.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2)
Source: chromecache_398.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2)
Source: chromecache_398.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2)
Source: chromecache_398.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2)
Source: chromecache_303.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkkaE0GrQ.woff2)
Source: chromecache_303.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkmaE0GrQ.woff2)
Source: chromecache_303.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxknaE0GrQ.woff2)
Source: chromecache_303.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2)
Source: chromecache_303.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkqaE0GrQ.woff2)
Source: chromecache_303.2.dr	String found in binary or memory: https://fonts.gstatic.com/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxktaE0GrQ.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr, chromecache_418.2.dr	String found in binary or memory: https://github.com/FAlthausen/Vollkorn-Typeface)
Source: chromecache_393.2.dr	String found in binary or memory: https://github.com/lancedikson/bowser
Source: chromecache_349.2.dr	String found in binary or memory: https://img1.wsimg.com/blobby/go/font/LeagueSpartan/LeagueSpartan.woff)
Source: chromecache_349.2.dr	String found in binary or memory: https://img1.wsimg.com/blobby/go/font/LeagueSpartan/LeagueSpartan.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkkaE0GrQ.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkmaE0GrQ.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxknaE0GrQ.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkqaE0GrQ.woff2)
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	String found in binary or memory: https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxktaE0GrQ.woff2)
Source: chromecache_418.2.dr	String found in binary or memory: https://img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/pixasquare-622732-unsplash.jpg
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr, chromecache_418.2.dr	String found in binary or memory: https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc
Source: chromecache_453.2.dr	String found in binary or memory: https://metmassk-usalloggies.godaddysites.com/
Source: chromecache_374.2.dr	String found in binary or memory: https://metmassk-usalloggies.godaddysites.com/about
Source: chromecache_416.2.dr	String found in binary or memory: https://metmassk-usalloggies.godaddysites.com/active-listings
Source: chromecache_367.2.dr	String found in binary or memory: https://metmassk-usalloggies.godaddysites.com/an-american-refuge
Source: chromecache_417.2.dr	String found in binary or memory: https://metmassk-usalloggies.godaddysites.com/bluff-house
Source: chromecache_418.2.dr	String found in binary or memory: https://metmassk-usalloggies.godaddysites.com/contact
Source: chromecache_399.2.dr	String found in binary or memory: https://metmassk-usalloggies.godaddysites.com/dowell-residence
Source: chromecache_432.2.dr	String found in binary or memory: https://metmassk-usalloggies.godaddysites.com/ellis-property
Source: chromecache_364.2.dr	String found in binary or memory: https://metmassk-usalloggies.godaddysites.com/testimonials
Source: chromecache_363.2.dr	String found in binary or memory: https://play.google.com/log?format=json&hasfast=true
Source: chromecache_271.2.dr	String found in binary or memory: https://policies.google.com/privacy
Source: chromecache_271.2.dr	String found in binary or memory: https://policies.google.com/terms
Source: chromecache_363.2.dr	String found in binary or memory: https://recaptcha.net
Source: chromecache_453.2.dr	String found in binary or memory: https://schema.org
Source: chromecache_363.2.dr	String found in binary or memory: https://support.google.com/recaptcha
Source: chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	String found in binary or memory: https://support.google.com/recaptcha#6262736
Source: chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	String found in binary or memory: https://support.google.com/recaptcha/#6175971
Source: chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	String found in binary or memory: https://support.google.com/recaptcha/?hl=en#6223828
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr, chromecache_418.2.dr	String found in binary or memory: https://www.fontsquirrel.com/license/league-spartan
Source: chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr, chromecache_418.2.dr	String found in binary or memory: https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applica
Source: chromecache_385.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api.js?render=$
Source: chromecache_281.2.dr, chromecache_289.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	String found in binary or memory: https://www.google.com/recaptcha/api2/
Source: chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	String found in binary or memory: https://www.gstatic.c..?/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__.
Source: chromecache_289.2.dr, chromecache_344.2.dr, chromecache_308.2.dr	String found in binary or memory: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js
Source: chromecache_364.2.dr, chromecache_449.2.dr	String found in binary or memory: https://www.zillow.com/corp/Terms.htm
Source: chromecache_364.2.dr, chromecache_449.2.dr	String found in binary or memory: https://www.zillow.com/wikipages/What-is-a-Zestimate/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 49842 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 49672 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49937
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49899
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49854
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49854 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49937 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49672
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49899 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 49959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49901
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 49888 -> 443

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49755 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49766 version: TLS 1.2

Source: classification engine

Classification label: mal56.phis.win@26/342@40/12

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2008,i,7692764188829032979,16267991325257769186,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://metmassk-usalloggies.godaddysites.com/"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=2008,i,7692764188829032979,16267991325257769186,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Accept
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Automated click: Accept

Source: Window Recorder

Window detected: More than 3 window changes detected

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	Acquire Infrastructure	Valid Accounts	Windows Management Instrumentation	Path Interception	1 Process Injection	1 Process Injection	OS Credential Dumping	System Service Discovery	Remote Services	Data from Local System	1 Encrypted Channel	Exfiltration Over Other Network Medium	Abuse Accessibility Features
Credentials	Domains	Default Accounts	Scheduled Task/Job	Boot or Logon Initialization Scripts	Boot or Logon Initialization Scripts	Rootkit	LSASS Memory	Application Window Discovery	Remote Desktop Protocol	Data from Removable Media	3 Non-Application Layer Protocol	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	At	Logon Script (Windows)	Logon Script (Windows)	Obfuscated Files or Information	Security Account Manager	Query Registry	SMB/Windows Admin Shares	Data from Network Shared Drive	4 Application Layer Protocol	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	Cron	Login Hook	Login Hook	Binary Padding	NTDS	System Network Configuration Discovery	Distributed Component Object Model	Input Capture	3 Ingress Tool Transfer	Traffic Duplication	Data Destruction

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
https://metmassk-usalloggies.godaddysites.com/	4%	Virustotal		Browse

Dropped Files

⊘No Antivirus matches

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Link
proxy.k8s.pnc.phx.secureserver.net	0%	Virustotal	Browse
www.google.com	0%	Virustotal	Browse
bg.microsoft.map.fastly.net	0%	Virustotal	Browse
img1.wsimg.com	0%	Virustotal	Browse
csp.secureserver.net	0%	Virustotal	Browse
windowsupdatebg.s.llnwi.net	1%	Virustotal	Browse
metmassk-usalloggies.godaddysites.com	10%	Virustotal	Browse
events.api.secureserver.net	0%	Virustotal	Browse
fp2e7a.wpc.phicdn.net	0%	Virustotal	Browse
isteam.wsimg.com	0%	Virustotal	Browse
api.ola.godaddy.com	0%	Virustotal	Browse
proxy.k8s.pnc.iad.secureserver.net	0%	Virustotal	Browse
www.godaddy.com	0%	Virustotal	Browse
contact.apps-api.instantpage.secureserver.net	0%	Virustotal	Browse

URLs

Source	Detection	Scanner	Label	Link
https://developers.google.com/recaptcha/docs/faq#localhost_support	0%	URL Reputation	safe
https://support.google.com/recaptcha#6262736	0%	URL Reputation	safe
https://support.google.com/recaptcha/?hl=en#6223828	0%	URL Reputation	safe
https://cloud.google.com/contact	0%	URL Reputation	safe
https://policies.google.com/terms	0%	URL Reputation	safe
https://support.google.com/recaptcha/#6175971	0%	URL Reputation	safe
https://support.google.com/recaptcha	0%	URL Reputation	safe
http://jedwatson.github.io/classnames	0%	URL Reputation	safe
https://www.gstatic.c..?/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__.	0%	URL Reputation	safe
https://cloud.google.com/recaptcha-enterprise/billing-information	0%	URL Reputation	safe
https://recaptcha.net	0%	URL Reputation	safe
https://schema.org	0%	URL Reputation	safe
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que	0%	URL Reputation	safe
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca	0%	URL Reputation	safe
https://policies.google.com/privacy	0%	URL Reputation	safe
http://scripts.sil.org/OFL	0%	URL Reputation	safe
https://cart-checkout.dev-secureserver.net	0%	Virustotal		Browse
https://www.google.com/js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js	0%	Virustotal		Browse
https://www.fontsquirrel.com/license/league-spartan	0%	Virustotal		Browse
https://contact.apps-api.instantpage.secureserver.net/v3/recaptcha	0%	Virustotal		Browse
https://cart-checkout.secureserver.net	0%	Virustotal		Browse
https://www.zillow.com/wikipages/What-is-a-Zestimate/	0%	Virustotal		Browse
https://cart-checkout.test-secureserver.net	0%	Virustotal		Browse
https://www.google.com/recaptcha/api2/	0%	Virustotal		Browse
https://contact.apps-api.instantpage.secureserver.net	0%	Virustotal		Browse
https://github.com/FAlthausen/Vollkorn-Typeface)	0%	Virustotal		Browse

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Antivirus Detection	Reputation
bg.microsoft.map.fastly.net	199.232.214.172	true	false	0%, Virustotal, Browse	unknown
proxy.k8s.pnc.phx.secureserver.net	45.40.130.49	true	false	0%, Virustotal, Browse	unknown
www.google.com	142.250.184.196	true	false	0%, Virustotal, Browse	unknown
metmassk-usalloggies.godaddysites.com	13.248.243.5	true	true	10%, Virustotal, Browse	unknown
isteam.wsimg.com	3.121.64.201	true	false	0%, Virustotal, Browse	unknown
fp2e7a.wpc.phicdn.net	192.229.221.95	true	false	0%, Virustotal, Browse	unknown
proxy.k8s.pnc.iad.secureserver.net	198.71.248.123	true	false	0%, Virustotal, Browse	unknown
windowsupdatebg.s.llnwi.net	87.248.205.0	true	false	1%, Virustotal, Browse	unknown
img1.wsimg.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
csp.secureserver.net	unknown	unknown	false	0%, Virustotal, Browse	unknown
events.api.secureserver.net	unknown	unknown	false	0%, Virustotal, Browse	unknown
www.godaddy.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
api.ola.godaddy.com	unknown	unknown	false	0%, Virustotal, Browse	unknown
contact.apps-api.instantpage.secureserver.net	unknown	unknown	false	0%, Virustotal, Browse	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://www.google.com/js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js	false	0%, Virustotal, Browse	unknown
https://metmassk-usalloggies.godaddysites.com/manifest.webmanifest	false		unknown
https://metmassk-usalloggies.godaddysites.com/active-listings	false		unknown
https://metmassk-usalloggies.godaddysites.com/testimonials	false		unknown
https://api.ola.godaddy.com/accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart	false		unknown
https://metmassk-usalloggies.godaddysites.com/ellis-property	false		unknown
https://contact.apps-api.instantpage.secureserver.net/v3/recaptcha	false	0%, Virustotal, Browse	unknown
https://metmassk-usalloggies.godaddysites.com/dowell-residence	false		unknown
https://metmassk-usalloggies.godaddysites.com/bluff-house	false		unknown
https://www.google.com/recaptcha/api.js?render=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_	false		unknown
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY	false		unknown
https://metmassk-usalloggies.godaddysites.com/an-american-refuge	false		unknown
https://metmassk-usalloggies.godaddysites.com/contact	true		unknown
https://metmassk-usalloggies.godaddysites.com/about	false		unknown
https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applications&utm_campaign=en-us_corp_applications_base	false		unknown
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRtYXNzay11c2FsbG9nZ2llcy5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=2j7bu6ncpajs	false		unknown
https://metmassk-usalloggies.godaddysites.com/	false		unknown
https://metmassk-usalloggies.godaddysites.com/sw.js	false		unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://developers.google.com/recaptcha/docs/faq#localhost_support	chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	false	URL Reputation: safe	unknown
https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1JlFc-K.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkkaE0GrQ.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
https://support.google.com/recaptcha#6262736	chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	false	URL Reputation: safe	unknown
https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkmaE0GrQ.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
https://cart-checkout.dev-secureserver.net	chromecache_454.2.dr, chromecache_404.2.dr	false	0%, Virustotal, Browse	unknown
https://support.google.com/recaptcha/?hl=en#6223828	chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	false	URL Reputation: safe	unknown
https://cloud.google.com/contact	chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	false	URL Reputation: safe	unknown
https://policies.google.com/terms	chromecache_271.2.dr	false	URL Reputation: safe	unknown
https://img1.wsimg.com/gfonts/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
http://img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/pixasquare-622732-unsplash.jpg	chromecache_453.2.dr	false		unknown
https://support.google.com/recaptcha/#6175971	chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	false	URL Reputation: safe	unknown
https://www.fontsquirrel.com/license/league-spartan	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr, chromecache_418.2.dr	false	0%, Virustotal, Browse	unknown
https://cart-checkout.secureserver.net	chromecache_454.2.dr, chromecache_404.2.dr	false	0%, Virustotal, Browse	unknown
https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkqaE0GrQ.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
https://img1.wsimg.com/blobby/go/font/LeagueSpartan/LeagueSpartan.woff)	chromecache_349.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxknaE0GrQ.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
https://www.google.com/recaptcha/api2/	chromecache_281.2.dr, chromecache_289.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	false	0%, Virustotal, Browse	unknown
https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxktaE0GrQ.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
https://www.zillow.com/wikipages/What-is-a-Zestimate/	chromecache_364.2.dr, chromecache_449.2.dr	false	0%, Virustotal, Browse	unknown
https://cart-checkout.test-secureserver.net	chromecache_454.2.dr, chromecache_404.2.dr	false	0%, Virustotal, Browse	unknown
https://img1.wsimg.com/blobby/go/font/LeagueSpartan/LeagueSpartan.woff2)	chromecache_349.2.dr	false		unknown
https://support.google.com/recaptcha	chromecache_363.2.dr	false	URL Reputation: safe	unknown
http://jedwatson.github.io/classnames	chromecache_422.2.dr, chromecache_305.2.dr, chromecache_320.2.dr, chromecache_421.2.dr	false	URL Reputation: safe	unknown
http://cf89a7ca.07c4.406f.a5bc.b4c9a082fb91.com	chromecache_453.2.dr	false		unknown
https://www.gstatic.c..?/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__.	chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	false	URL Reputation: safe	unknown
https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
https://github.com/FAlthausen/Vollkorn-Typeface)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr, chromecache_418.2.dr	false	0%, Virustotal, Browse	unknown
https://contact.apps-api.instantpage.secureserver.net	chromecache_271.2.dr	false	0%, Virustotal, Browse	unknown
https://api.ola.$	chromecache_454.2.dr, chromecache_404.2.dr	false		unknown
https://img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/pixasquare-622732-unsplash.jpg	chromecache_418.2.dr	false		unknown
https://cloud.google.com/recaptcha-enterprise/billing-information	chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	false	URL Reputation: safe	unknown
https://recaptcha.net	chromecache_363.2.dr	false	URL Reputation: safe	unknown
https://www.google.com/recaptcha/api.js?render=$	chromecache_385.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
https://schema.org	chromecache_453.2.dr	false	URL Reputation: safe	unknown
https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applica	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr, chromecache_418.2.dr	false		unknown
https://github.com/lancedikson/bowser	chromecache_393.2.dr	false		unknown
https://developers.google.com/recaptcha/docs/faq#my-computer-or-network-may-be-sending-automated-que	chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	false	URL Reputation: safe	unknown
https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1JlFc-K.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
https://play.google.com/log?format=json&hasfast=true	chromecache_363.2.dr	false		unknown
https://developers.google.com/recaptcha/docs/faq#are-there-any-qps-or-daily-limits-on-my-use-of-reca	chromecache_281.2.dr, chromecache_425.2.dr, chromecache_363.2.dr	false	URL Reputation: safe	unknown
https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1JlFc-K.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~loc	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr, chromecache_418.2.dr	false		unknown
https://www.zillow.com/corp/Terms.htm	chromecache_364.2.dr, chromecache_449.2.dr	false		unknown
https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
https://policies.google.com/privacy	chromecache_271.2.dr	false	URL Reputation: safe	unknown
https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2)	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr	false		unknown
http://scripts.sil.org/OFL	chromecache_367.2.dr, chromecache_364.2.dr, chromecache_432.2.dr, chromecache_416.2.dr, chromecache_399.2.dr, chromecache_417.2.dr, chromecache_453.2.dr, chromecache_374.2.dr, chromecache_418.2.dr	false	URL Reputation: safe	unknown

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
35.157.66.55	unknown	United States	16509	AMAZON-02US	false
45.40.130.49	proxy.k8s.pnc.phx.secureserver.net	United States	26496	AS-26496-GO-DADDY-COM-LLCUS	false
198.71.248.123	proxy.k8s.pnc.iad.secureserver.net	United States	26496	AS-26496-GO-DADDY-COM-LLCUS	false
216.58.206.36	unknown	United States	15169	GOOGLEUS	false
142.250.184.196	www.google.com	United States	15169	GOOGLEUS	false
3.121.64.201	isteam.wsimg.com	United States	16509	AMAZON-02US	false
13.248.243.5	metmassk-usalloggies.godaddysites.com	United States	16509	AMAZON-02US	true
172.217.18.4	unknown	United States	15169	GOOGLEUS	false
216.58.206.68	unknown	United States	15169	GOOGLEUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false

Private

IP
192.168.2.4
192.168.2.5

General Information

Joe Sandbox version:	41.0.0 Charoite
Analysis ID:	1521124
Start date and time:	2024-09-28 04:39:50 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 4m 18s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	browseurl.jbs
Sample URL:	https://metmassk-usalloggies.godaddysites.com/
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	9
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal56.phis.win@26/342@40/12
EGA Information:	Failed
HCA Information:	Successful, ratio: 100% Number of executed functions: 0 Number of non-executed functions: 0
Cookbook Comments:	Browse: https://metmassk-usalloggies.godaddysites.com/about Browse: https://metmassk-usalloggies.godaddysites.com/active-listings Browse: https://metmassk-usalloggies.godaddysites.com/testimonials Browse: https://metmassk-usalloggies.godaddysites.com/contact Browse: https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applications&utm_campaign=en-us_corp_applications_base Browse: https://metmassk-usalloggies.godaddysites.com/ellis-property Browse: https://metmassk-usalloggies.godaddysites.com/bluff-house Browse: https://metmassk-usalloggies.godaddysites.com/an-american-refuge Browse: https://metmassk-usalloggies.godaddysites.com/dowell-residence

Warnings

Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
Excluded IPs from analysis (whitelisted): 172.217.16.195, 142.250.181.238, 64.233.167.84, 34.104.35.123, 23.38.98.114, 23.38.98.78, 2.18.64.8, 2.18.64.27, 104.102.33.222, 52.165.165.26, 172.217.16.202, 142.250.186.67, 199.232.214.172, 13.85.23.206, 192.229.221.95, 87.248.205.0, 52.165.164.15, 216.58.212.138, 172.217.18.10, 172.217.23.106, 216.58.212.170, 172.217.16.138, 142.250.185.74, 142.250.186.74, 142.250.185.170, 216.58.206.74, 142.250.74.202, 142.250.186.42, 142.250.186.106, 142.250.185.106, 142.250.186.138, 142.250.185.138, 23.201.246.20, 172.217.18.3, 142.250.185.67, 142.250.184.195, 93.184.221.240, 142.250.185.131, 142.250.186.142
Excluded domains from analysis (whitelisted): e8843.dsca.akamaiedge.net, e40258.g.akamaiedge.net, slscr.update.microsoft.com, e6001.dscx.akamaiedge.net, clientservices.googleapis.com, wu.azureedge.net, clients2.google.com, ocsp.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, ocsp.edge.digicert.com, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, update.googleapis.com, www.gstatic.com, global-wildcard.wsimg.com.sni-only.edgekey.net, wu-b-net.trafficmanager.net, csp.secureserver.net.edgekey.net, glb.sls.prod.dcat.dsp.trafficmanager.net, clients1.google.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, fonts.gstatic.com, ctldl.windowsupdate.com.delivery.microsoft.com, wu.ec.azureedge.net, wildcard-sni-only.api.secureserver.net.edgekey.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, wildcard-ipv6.godaddy.com.edgekey.net, edgedl.me.gvt1.com, e64861
Not all processes where analyzed, report is missing behavior information
Report size getting too big, too many NtCreateFile calls found.
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Simulations

Behavior and APIs

⊘No simulations

LLM Input / Output

Input	Output
URL: https://metmassk-usalloggies.godaddysites.com/ Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"ACCEPT", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://metmassk-usalloggies.godaddysites.com/about Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"ACCEPT", "text_input_field_labels":[], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://metmassk-usalloggies.godaddysites.com/active-listings Model: jbxai	{ "brand":["Metamask"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"LEARN MORE", "text_input_field_labels":["Virtual Tour Available", "Brief description of Ellis Property Home", "Brief description of the Bluff House"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://www.godaddy.com/websites/website-builder?isc=pwugc&utm_source=wsb&utm_medium=applications&utm_campaign=en-us_corp_applications_base Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://metmassk-usalloggies.godaddysites.com/contact Model: jbxai	{ "brand":["Metamask"], "contains_trigger_text":false, "trigger_text":null, "prominent_button_name":"SEND", "text_input_field_labels":["Name", "Email*"], "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://metmassk-usalloggies.godaddysites.com/testimonials Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://metmassk-usalloggies.godaddysites.com/contact Model: jbxai	{ "phishing_score":9, "brands":"Metamask", "legit_domain":"metamask.io", "classification":"known", "reasons":["The legitimate domain for Metamask is metamask.io.", "The provided URL 'metmassk-usalloggies.godaddysites.com' contains misspellings and extra characters.", "The domain 'godaddysites.com' is a hosting service and not directly associated with Metamask.", "The URL structure and the use of 'godaddysites.com' indicate it is likely a phishing attempt."], "brand_matches":[false], "url_match":false, "brand_input":"Metamask", "input_fields":"Name, Email*"}

URL: https://metmassk-usalloggies.godaddysites.com/ellis-property Model: jbxai	{ "brand":["Metamask"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://metmassk-usalloggies.godaddysites.com/bluff-house Model: jbxai	{ "brand":[], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://metmassk-usalloggies.godaddysites.com/an-american-refuge Model: jbxai	{ "brand":["Metamask"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

URL: https://metmassk-usalloggies.godaddysites.com/dowell-residence Model: jbxai	{ "brand":["Metamask"], "contains_trigger_text":false, "trigger_text":"", "prominent_button_name":"unknown", "text_input_field_labels":"unknown", "pdf_icon_visible":false, "has_visible_captcha":false, "has_urgent_text":false, "has_visible_qrcode":false}

Joe Sandbox View / Context

IPs

⊘No context

Domains

⊘No context

ASNs

⊘No context

JA3 Fingerprints

⊘No context

Dropped Files

⊘No context

Process:	C:\Program Files\Google\Chrome\Application\chrome.exe
File Type:	ASCII text, with very long lines (51853)
Category:	downloaded
Size (bytes):	60918
Entropy (8bit):	5.352244498853432
Encrypted:	false
SSDEEP:	768:RfLoCGFoLb8vvw4xUC/ib7V/Kc5EVou1TRA/LkIT8OTGGOumJ66KzElpzLEP2szr:4j1TRqD8OEumJ66KzEnXEP2szmOT
MD5:	20AC8B618ED466D933448B28D49BC29B
SHA1:	BBAAFAEB13C431646684725AAB530123E16081C0
SHA-256:	F19AF319D1B7D54D26D8A10921F48C72777F959AD7CD916416F2FB9B2BA88199
SHA-512:	09776B34673A921E5E4C93035371A763C5F87F1A6E9CDF25E3B2095DAA26FFE06DF6B705AAE45C7A865D4FA8C715AC6486563060EFF0DB406381A2F7B8E39CA4
Malicious:	false
Reputation:	low
URL:	https://img1.wsimg.com/blobby/go/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/gpub/67caf222bd30b3e7/script.js
Preview:	navigator&&navigator.connection&&(window.networkInfo=navigator.connection,navigator.connection.addEventListener&&navigator.connection.addEventListener("change",({target:n})=>window.networkInfo=n));.const imageObserver=new IntersectionObserver((e,r)=>{var a=e=>{if(e.hasAttribute("data-lazyimg")){var t=e.getAttribute("data-srclazy");let o=e.getAttribute("data-srcsetlazy")\|\|"";if(t&&(e.src=t),o&&window.networkInfo){var n=window.networkInfo.downlink;const r=[{min:0,max:5,regex:/(.?(?=, ))/,qMod:!0},{min:5,max:8,regex:/(.2x)/}];r.forEach(({min:e,max:t,regex:r,qMod:a})=>{e<=n&&n<t&&(r=o.match(r),o=(r&&r.length?r[0]:o)+(a?"/qt=q:"+Math.round((n-e)/(t-e)*100):""))})}e.srcset=o,e.removeAttribute("sizes"),e.removeAttribute("data-lazyimg"),e.removeAttribute("data-srclazy"),e.removeAttribute("data-srcsetlazy")}};e.forEach(e=>{if(e.isIntersecting){const t=e.target;window.networkInfo&&0===window.networkInfo.downlink\|\|([t].concat(Array.from(t.querySelectorAll("[data-lazyimg]"))).forEach(a),r.unobse

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 28, 2024 04:40:44.217799902 CEST	53	58720	1.1.1.1	192.168.2.4
Sep 28, 2024 04:40:44.311773062 CEST	53	57116	1.1.1.1	192.168.2.4
Sep 28, 2024 04:40:45.308796883 CEST	53	65481	1.1.1.1	192.168.2.4
Sep 28, 2024 04:40:46.214386940 CEST	63316	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:46.214577913 CEST	59274	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:46.222609043 CEST	53	59274	1.1.1.1	192.168.2.4
Sep 28, 2024 04:40:46.222703934 CEST	53	63316	1.1.1.1	192.168.2.4
Sep 28, 2024 04:40:46.905142069 CEST	64747	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:46.905405998 CEST	61809	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:48.773190022 CEST	52668	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:48.779428005 CEST	59002	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:48.779941082 CEST	53	52668	1.1.1.1	192.168.2.4
Sep 28, 2024 04:40:48.786057949 CEST	53	59002	1.1.1.1	192.168.2.4
Sep 28, 2024 04:40:50.277760029 CEST	61843	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:50.278167009 CEST	54380	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:56.020512104 CEST	53769	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:56.022794962 CEST	62234	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:56.024322033 CEST	57871	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:56.024626017 CEST	57283	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:56.030658960 CEST	53	53769	1.1.1.1	192.168.2.4
Sep 28, 2024 04:40:56.032350063 CEST	53	62234	1.1.1.1	192.168.2.4
Sep 28, 2024 04:40:56.205998898 CEST	56980	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:56.206237078 CEST	63007	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:57.328953981 CEST	51723	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:57.329482079 CEST	63386	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:58.775477886 CEST	53	61318	1.1.1.1	192.168.2.4
Sep 28, 2024 04:40:58.786947966 CEST	54532	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:58.787424088 CEST	63166	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:40:58.794260025 CEST	53	63166	1.1.1.1	192.168.2.4
Sep 28, 2024 04:40:58.795841932 CEST	53	54532	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:02.809818983 CEST	138	138	192.168.2.4	192.168.2.255
Sep 28, 2024 04:41:03.523453951 CEST	53	56716	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:18.049149990 CEST	53	60863	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:21.913821936 CEST	56598	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:21.916140079 CEST	61424	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:21.923094034 CEST	53	56598	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:21.925280094 CEST	53	61424	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:22.734441996 CEST	56702	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:22.734642982 CEST	61214	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:22.983710051 CEST	53	54619	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:23.370126963 CEST	49170	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:23.370493889 CEST	49200	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:23.376857996 CEST	53	49170	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:23.376935005 CEST	53	49200	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:23.382349968 CEST	60247	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:23.382590055 CEST	54695	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:23.389128923 CEST	53	60247	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:23.392072916 CEST	53	54695	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:26.920926094 CEST	55927	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:26.921159029 CEST	53371	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:26.927697897 CEST	53	53371	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:26.927720070 CEST	53	55927	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:31.129581928 CEST	65284	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:31.129801035 CEST	51893	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:31.136046886 CEST	53	65284	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:31.136239052 CEST	53	51893	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:43.984270096 CEST	53	55735	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:46.530579090 CEST	53	58742	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:47.135046005 CEST	52171	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:47.135677099 CEST	53387	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:59.069817066 CEST	53	63155	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:59.127075911 CEST	65238	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:59.127548933 CEST	63692	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:41:59.135924101 CEST	53	63692	1.1.1.1	192.168.2.4
Sep 28, 2024 04:41:59.148288012 CEST	53	65238	1.1.1.1	192.168.2.4
Sep 28, 2024 04:42:01.744622946 CEST	61934	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:42:01.744623899 CEST	54876	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:42:01.753854990 CEST	53	54876	1.1.1.1	192.168.2.4
Sep 28, 2024 04:42:01.754798889 CEST	53	61934	1.1.1.1	192.168.2.4
Sep 28, 2024 04:42:01.765290976 CEST	61871	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:42:01.765573978 CEST	59389	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:42:02.011718035 CEST	65521	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:42:02.011821032 CEST	51988	53	192.168.2.4	1.1.1.1
Sep 28, 2024 04:42:12.825794935 CEST	53	58912	1.1.1.1	192.168.2.4

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:40:46 UTC	680	OUT	GET / HTTP/1.1 Host: metmassk-usalloggies.godaddysites.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:40:46 UTC	1350	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: e4016b8d500ec342c390307f4af6f446 Date: Sat, 28 Sep 2024 02:40:46 GMT Connection: close Transfer-Encoding: chunked
2024-09-28 02:40:46 UTC	15034	IN	Data Raw: 31 30 34 65 66 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 66 38 39 61 37 63 61 2d 30 37 63 34 2d 34 30 36 66 2d 61 35 62 63 2d 62 34 63 39 61 30 38 32 66 62 39 31 2f 66 61 76 69 63 6f 6e 2f 36 37 34 39 66 62 36 61 2d 39 66 34 37 2d 34 34 35 66 2d 39 66 64 62 2d 30 31 63 31 38 64 30 38 64 38 38 32 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d Data Ascii: 104ef<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/favicon/6749fb6a-9f47-445f-9fdb-01c18d08d882.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com
2024-09-28 02:40:46 UTC	16384	IN	Data Raw: 3a 6c 6f 61 64 65 72 73 63 61 6c 65 20 2e 37 35 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 2e 32 2c 2e 36 38 2c 2e 31 38 2c 31 2e 30 38 29 20 2d 2e 32 34 73 20 69 6e 66 69 6e 69 74 65 3b 61 6e 69 6d 61 74 69 6f 6e 3a 6c 6f 61 64 65 72 73 63 61 6c 65 20 2e 37 35 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 2e 32 2c 2e 36 38 2c 2e 31 38 2c 31 2e 30 38 29 20 2d 2e 32 34 73 20 69 6e 66 69 6e 69 74 65 7d 2e 78 2d 6c 6f 61 64 65 72 20 73 76 67 3a 6e 74 68 2d 63 68 69 6c 64 28 32 29 7b 2d 77 65 62 6b 69 74 2d 61 6e 69 6d 61 74 69 6f 6e 3a 6c 6f 61 64 65 72 73 63 61 6c 65 20 2e 37 35 73 20 63 75 62 69 63 2d 62 65 7a 69 65 72 28 2e 32 2c 2e 36 38 2c 2e 31 38 2c 31 2e 30 38 29 20 2d 2e 31 32 73 20 69 6e 66 69 6e 69 74 65 3b 61 6e 69 6d 61 74 69 6f 6e 3a 6c 6f 61 Data Ascii: :loaderscale .75s cubic-bezier(.2,.68,.18,1.08) -.24s infinite;animation:loaderscale .75s cubic-bezier(.2,.68,.18,1.08) -.24s infinite}.x-loader svg:nth-child(2){-webkit-animation:loaderscale .75s cubic-bezier(.2,.68,.18,1.08) -.12s infinite;animation:loa
2024-09-28 02:40:46 UTC	16384	IN	Data Raw: 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 63 32 35 33 66 66 61 2d 38 32 39 38 2d 34 66 61 63 2d 61 63 34 65 2d 39 38 33 36 63 36 63 37 30 66 30 36 2f 70 69 78 61 73 71 75 61 72 65 2d 36 32 32 37 33 32 2d 75 6e 73 70 6c 61 73 68 2e 6a 70 67 2f 3a 2f 72 73 3d 77 3a 31 30 30 25 32 35 22 29 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 39 32 31 70 78 29 20 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 20 33 29 2c 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 39 32 31 70 78 29 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 20 32 38 38 64 70 69 29 7b 2e 78 20 2e 63 31 2d 31 6b 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 3a 6c 69 6e 65 61 72 2d 67 Data Ascii: img.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/pixasquare-622732-unsplash.jpg/:/rs=w:100%25")}}@media (min-width: 1921px) and (-webkit-min-device-pixel-ratio: 3), (min-width: 1921px) and (min-resolution: 288dpi){.x .c1-1k{background-image:linear-g
2024-09-28 02:40:46 UTC	16384	IN	Data Raw: 76 65 2d 6c 69 73 74 69 6e 67 73 22 20 64 61 74 61 2d 74 79 70 6f 67 72 61 70 68 79 3d 22 4e 61 76 41 6c 70 68 61 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 61 20 63 31 2d 34 75 20 63 31 2d 34 76 20 63 31 2d 32 6d 20 63 31 2d 32 6e 20 63 31 2d 32 62 20 63 31 2d 34 77 20 63 31 2d 32 70 20 63 31 2d 35 35 20 63 31 2d 35 36 20 63 31 2d 35 37 20 63 31 2d 35 38 20 63 31 2d 34 33 20 63 31 2d 34 31 20 63 31 2d 34 30 20 63 31 2d 34 32 20 63 31 2d 62 20 63 31 2d 33 31 20 63 31 2d 34 78 20 63 31 2d 35 39 20 63 31 2d 34 7a 20 63 31 2d 35 30 20 63 31 2d 35 31 20 63 31 2d 35 32 20 63 31 2d 35 33 20 63 31 2d 35 34 22 20 64 61 74 61 2d 74 63 63 6c 3d 22 75 78 32 2e 48 45 41 44 45 52 2e 68 65 61 64 65 72 39 2e 4e 61 76 2e 44 65 66 61 75 6c 74 2e 4c 69 6e 6b Data Ascii: ve-listings" data-typography="NavAlpha" class="x-el x-el-a c1-4u c1-4v c1-2m c1-2n c1-2b c1-4w c1-2p c1-55 c1-56 c1-57 c1-58 c1-43 c1-41 c1-40 c1-42 c1-b c1-31 c1-4x c1-59 c1-4z c1-50 c1-51 c1-52 c1-53 c1-54" data-tccl="ux2.HEADER.header9.Nav.Default.Link
2024-09-28 02:40:46 UTC	2627	IN	Data Raw: 61 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 32 6e 20 63 31 2d 32 62 20 63 31 2d 35 74 20 63 31 2d 32 33 20 63 31 2d 32 35 20 63 31 2d 38 74 20 63 31 2d 35 6d 20 63 31 2d 62 20 63 31 2d 38 75 20 63 31 2d 63 20 63 31 2d 35 39 20 63 31 2d 38 76 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 20 78 2d 72 74 22 3e 3c 70 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 22 3e 3c 73 70 61 6e 3e 57 65 20 75 73 65 20 63 6f 6f 6b 69 65 73 20 74 6f 20 61 6e 61 6c 79 7a 65 20 77 65 62 73 69 74 65 20 74 72 61 66 66 69 63 20 61 6e 64 20 6f 70 74 69 6d 69 7a 65 20 79 6f 75 72 20 77 65 62 73 69 74 65 20 65 78 70 65 72 69 65 6e 63 65 2e 20 42 79 20 61 63 63 65 70 74 69 6e 67 20 6f 75 72 20 75 73 65 20 6f 66 20 63 6f 6f 6b Data Ascii: a" class="x-el c1-1 c1-2 c1-2n c1-2b c1-5t c1-23 c1-25 c1-8t c1-5m c1-b c1-8u c1-c c1-59 c1-8v c1-d c1-e c1-f c1-g x-rt"><p style="margin:0"><span>We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cook

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:40:50 UTC	161	OUT	HEAD /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-28 02:40:51 UTC	467	IN	HTTP/1.1 200 OK Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF67) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-neu-z1 Cache-Control: public, max-age=223451 Date: Sat, 28 Sep 2024 02:40:51 GMT Connection: close X-CID: 2

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:40:52 UTC	239	OUT	GET /fs/windows/config.json HTTP/1.1 Connection: Keep-Alive Accept: / Accept-Encoding: identity If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT Range: bytes=0-2147483646 User-Agent: Microsoft BITS/7.8 Host: fs.microsoft.com
2024-09-28 02:40:52 UTC	515	IN	HTTP/1.1 200 OK ApiVersion: Distribute 1.1 Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json Content-Type: application/octet-stream ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7" Last-Modified: Tue, 16 May 2017 22:58:00 GMT Server: ECAcc (lpl/EF06) X-CID: 11 X-Ms-ApiVersion: Distribute 1.2 X-Ms-Region: prod-weu-z1 Cache-Control: public, max-age=223480 Date: Sat, 28 Sep 2024 02:40:52 GMT Content-Length: 55 Connection: close X-CID: 2
2024-09-28 02:40:52 UTC	55	IN	Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:40:56 UTC	680	OUT	GET /sw.js HTTP/1.1 Host: metmassk-usalloggies.godaddysites.com Connection: keep-alive Cache-Control: max-age=0 Accept: / Service-Worker: script Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: serviceworker Referer: https://metmassk-usalloggies.godaddysites.com/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=1&C_TOUCH=2024-09-28T02:40:50.866Z
2024-09-28 02:40:56 UTC	663	IN	HTTP/1.1 200 OK Link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: application/javascript Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 8dca7182115c64686c9248e0fb5894fd Date: Sat, 28 Sep 2024 02:40:56 GMT Connection: close Transfer-Encoding: chunked
2024-09-28 02:40:56 UTC	15721	IN	Data Raw: 38 31 35 34 0d 0a 28 28 29 3d 3e 7b 22 75 73 65 20 73 74 72 69 63 74 22 3b 76 61 72 20 65 3d 7b 38 39 35 3a 28 29 3d 3e 7b 74 72 79 7b 73 65 6c 66 5b 22 77 6f 72 6b 62 6f 78 3a 63 61 63 68 65 61 62 6c 65 2d 72 65 73 70 6f 6e 73 65 3a 36 2e 34 2e 31 22 5d 26 26 5f 28 29 7d 63 61 74 63 68 28 65 29 7b 7d 7d 2c 32 35 39 3a 28 65 2c 74 2c 73 29 3d 3e 7b 73 2e 64 28 74 2c 7b 42 3a 28 29 3d 3e 61 7d 29 2c 73 28 39 31 33 29 3b 63 6c 61 73 73 20 61 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 29 7b 74 68 69 73 2e 70 72 6f 6d 69 73 65 3d 6e 65 77 20 50 72 6f 6d 69 73 65 28 28 28 65 2c 74 29 3d 3e 7b 74 68 69 73 2e 72 65 73 6f 6c 76 65 3d 65 2c 74 68 69 73 2e 72 65 6a 65 63 74 3d 74 7d 29 29 7d 7d 7d 2c 31 32 35 3a 28 65 2c 74 2c 73 29 3d 3e 7b 73 2e 64 28 74 2c 7b 56 3a Data Ascii: 8154(()=>{"use strict";var e={895:()=>{try{self["workbox:cacheable-response:6.4.1"]&&_()}catch(e){}},259:(e,t,s)=>{s.d(t,{B:()=>a}),s(913);class a{constructor(){this.promise=new Promise(((e,t)=>{this.resolve=e,this.reject=t}))}}},125:(e,t,s)=>{s.d(t,{V:
2024-09-28 02:40:56 UTC	16384	IN	Data Raw: 65 2c 74 29 7c 7c 52 2e 68 61 73 28 65 2c 74 29 7d 2c 73 28 35 35 30 29 3b 63 6f 6e 73 74 20 76 3d 22 63 61 63 68 65 2d 65 6e 74 72 69 65 73 22 2c 62 3d 65 3d 3e 7b 63 6f 6e 73 74 20 74 3d 6e 65 77 20 55 52 4c 28 65 2c 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 29 3b 72 65 74 75 72 6e 20 74 2e 68 61 73 68 3d 22 22 2c 74 2e 68 72 65 66 7d 3b 63 6c 61 73 73 20 78 7b 63 6f 6e 73 74 72 75 63 74 6f 72 28 65 29 7b 74 68 69 73 2e 5f 64 62 3d 6e 75 6c 6c 2c 74 68 69 73 2e 5f 63 61 63 68 65 4e 61 6d 65 3d 65 7d 5f 75 70 67 72 61 64 65 44 62 28 65 29 7b 63 6f 6e 73 74 20 74 3d 65 2e 63 72 65 61 74 65 4f 62 6a 65 63 74 53 74 6f 72 65 28 76 2c 7b 6b 65 79 50 61 74 68 3a 22 69 64 22 7d 29 3b 74 2e 63 72 65 61 74 65 49 6e 64 65 78 28 22 63 61 63 68 65 4e 61 6d 65 22 2c 22 Data Ascii: e,t)\|\|R.has(e,t)},s(550);const v="cache-entries",b=e=>{const t=new URL(e,location.href);return t.hash="",t.href};class x{constructor(e){this._db=null,this._cacheName=e}_upgradeDb(e){const t=e.createObjectStore(v,{keyPath:"id"});t.createIndex("cacheName","
2024-09-28 02:40:56 UTC	1016	IN	Data Raw: 6d 65 28 28 74 3d 3e 74 2e 74 65 73 74 28 65 2e 68 72 65 66 29 29 29 29 2c 6e 65 77 20 74 2e 4e 65 74 77 6f 72 6b 46 69 72 73 74 28 7b 63 61 63 68 65 4e 61 6d 65 3a 22 6e 65 74 77 6f 72 6b 2d 66 69 72 73 74 22 2c 70 6c 75 67 69 6e 73 3a 5b 6e 65 77 20 61 2e 43 61 63 68 65 61 62 6c 65 52 65 73 70 6f 6e 73 65 50 6c 75 67 69 6e 28 7b 73 74 61 74 75 73 65 73 3a 5b 32 30 30 5d 7d 29 5d 7d 29 29 2c 28 30 2c 65 2e 72 65 67 69 73 74 65 72 52 6f 75 74 65 29 28 28 28 7b 72 65 71 75 65 73 74 3a 65 7d 29 3d 3e 22 73 74 79 6c 65 22 3d 3d 3d 65 2e 64 65 73 74 69 6e 61 74 69 6f 6e 7c 7c 22 73 63 72 69 70 74 22 3d 3d 3d 65 2e 64 65 73 74 69 6e 61 74 69 6f 6e 29 2c 6e 65 77 20 74 2e 53 74 61 6c 65 57 68 69 6c 65 52 65 76 61 6c 69 64 61 74 65 28 7b 63 61 63 68 65 4e 61 6d Data Ascii: me((t=>t.test(e.href)))),new t.NetworkFirst({cacheName:"network-first",plugins:[new a.CacheableResponsePlugin({statuses:[200]})]})),(0,e.registerRoute)((({request:e})=>"style"===e.destination\|\|"script"===e.destination),new t.StaleWhileRevalidate({cacheNam

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:40:56 UTC	657	OUT	GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1 Host: api.ola.godaddy.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://metmassk-usalloggies.godaddysites.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:40:56 UTC	758	IN	HTTP/1.1 404 Not Found Date: Sat, 28 Sep 2024 02:40:56 GMT Content-Type: application/json; charset=utf-8 Content-Length: 29 Connection: close access-control-allow-origin: https://metmassk-usalloggies.godaddysites.com access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers: access-control-max-age: 7200 access-control-allow-credentials: true X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-cache X-Request-Id: c206e5df150a2f5f64777c0fcf535b8e X-Runtime: 0.005162 vary: Accept, Origin Strict-Transport-Security: max-age=15724800; includeSubDomains
2024-09-28 02:40:56 UTC	29	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 22 41 63 63 6f 75 6e 74 20 6e 6f 74 20 66 6f 75 6e 64 22 7d Data Ascii: {"error":"Account not found"}

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:40:56 UTC	578	OUT	GET /manifest.webmanifest HTTP/1.1 Host: metmassk-usalloggies.godaddysites.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: manifest Referer: https://metmassk-usalloggies.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:40:56 UTC	666	IN	HTTP/1.1 200 OK Link: <https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: application/manifest+json Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 4e22c4bd9d3e836e35843a7581efd964 Date: Sat, 28 Sep 2024 02:40:56 GMT Connection: close Transfer-Encoding: chunked
2024-09-28 02:40:56 UTC	551	IN	Data Raw: 32 31 62 0d 0a 7b 22 73 63 6f 70 65 22 3a 22 2f 22 2c 22 73 74 61 72 74 5f 75 72 6c 22 3a 22 2f 22 2c 22 64 69 73 70 6c 61 79 22 3a 22 73 74 61 6e 64 61 6c 6f 6e 65 22 2c 22 69 63 6f 6e 73 22 3a 5b 7b 22 73 69 7a 65 73 22 3a 22 31 39 32 78 31 39 32 22 2c 22 74 79 70 65 22 3a 22 69 6d 61 67 65 2f 70 6e 67 22 2c 22 73 72 63 22 3a 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 66 38 39 61 37 63 61 2d 30 37 63 34 2d 34 30 36 66 2d 61 35 62 63 2d 62 34 63 39 61 30 38 32 66 62 39 31 2f 66 61 76 69 63 6f 6e 2f 36 37 34 39 66 62 36 61 2d 39 66 34 37 2d 34 34 35 66 2d 39 66 64 62 2d 30 31 63 31 38 64 30 38 64 38 38 32 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 39 32 2c 68 3a 31 39 32 2c 6d 22 7d 2c 7b 22 73 69 7a 65 73 22 3a 22 Data Ascii: 21b{"scope":"/","start_url":"/","display":"standalone","icons":[{"sizes":"192x192","type":"image/png","src":"//img1.wsimg.com/isteam/ip/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/favicon/6749fb6a-9f47-445f-9fdb-01c18d08d882.png/:/rs=w:192,h:192,m"},{"sizes":"

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:40:56 UTC	669	OUT	GET /bluff-house HTTP/1.1 Host: metmassk-usalloggies.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=1&C_TOUCH=2024-09-28T02:40:50.866Z
2024-09-28 02:40:57 UTC	1350	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 6c54aea63db58bbfb04017be82be4a2a Date: Sat, 28 Sep 2024 02:40:56 GMT Connection: close Transfer-Encoding: chunked
2024-09-28 02:40:57 UTC	15034	IN	Data Raw: 31 34 31 35 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 66 38 39 61 37 63 61 2d 30 37 63 34 2d 34 30 36 66 2d 61 35 62 63 2d 62 34 63 39 61 30 38 32 66 62 39 31 2f 66 61 76 69 63 6f 6e 2f 36 37 34 39 66 62 36 61 2d 39 66 34 37 2d 34 34 35 66 2d 39 66 64 62 2d 30 31 63 31 38 64 30 38 64 38 38 32 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d Data Ascii: 1415b<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/favicon/6749fb6a-9f47-445f-9fdb-01c18d08d882.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com
2024-09-28 02:40:57 UTC	16384	IN	Data Raw: 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 39 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 39 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 2d 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 38 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 38 30 64 65 67 29 7d 2e 78 2d 72 74 20 6f 6c 2c 2e 78 2d 72 74 20 75 6c 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 78 2d 72 74 20 70 7b 6d 61 72 67 69 6e 3a 30 7d 2e 6d 74 65 2d 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e Data Ascii: icon>svg.rotate90{transform:rotate(90deg)}.x-icon>svg.rotate-180{transform:rotate(-180deg)}.x-icon>svg.rotate180{transform:rotate(180deg)}.x-rt ol,.x-rt ul{text-align:left}.x-rt p{margin:0}.mte-inline-block{display:inline-block}@media only screen and (min
2024-09-28 02:40:57 UTC	16384	IN	Data Raw: 65 3a 6c 69 6e 65 61 72 2d 67 72 61 64 69 65 6e 74 28 74 6f 20 62 6f 74 74 6f 6d 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 29 20 30 25 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 29 20 31 30 30 25 29 2c 20 75 72 6c 28 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 63 32 35 33 66 66 61 2d 38 32 39 38 2d 34 66 61 63 2d 61 63 34 65 2d 39 38 33 36 63 36 63 37 30 66 30 36 2f 53 74 6f 63 6b 73 79 5f 74 78 70 66 65 33 37 36 62 36 35 6f 79 4a 32 30 30 5f 4c 61 72 67 65 5f 31 39 31 30 35 35 33 2e 6a 70 67 2f 3a 2f 63 72 3d 74 3a 30 25 32 35 2c 6c 3a 30 25 32 35 2c 77 3a 31 30 30 25 32 35 2c 68 3a 31 30 30 25 32 35 2f 72 73 3d 77 3a 34 36 30 35 2c 6d 22 29 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 Data Ascii: e:linear-gradient(to bottom, rgba(0, 0, 0, 0) 0%, rgba(0, 0, 0, 0) 100%), url("//img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/Stocksy_txpfe376b65oyJ200_Large_1910553.jpg/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:4605,m")}}@media (min-widt
2024-09-28 02:40:57 UTC	16384	IN	Data Raw: 63 31 2d 32 69 20 63 31 2d 32 36 20 63 31 2d 32 35 20 63 31 2d 32 37 20 63 31 2d 32 38 20 63 31 2d 32 39 20 63 31 2d 32 61 20 63 31 2d 32 62 22 3e 4d 65 74 61 f0 9d 92 8e 61 73 6b 20 4c 6f 67 69 6e 20 7c 20 4d 65 74 f0 9d 93 aa 6d 61 73 6b 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 72 6f 6c 65 3d 22 68 65 61 64 69 6e 67 22 20 61 72 69 61 2d 6c 65 76 65 6c 3d 22 4e 61 4e 22 20 64 61 74 61 2d 75 78 3d 22 73 63 61 6c 65 72 22 20 64 61 74 61 2d 73 69 7a 65 3d 22 6c 61 72 67 65 22 20 64 61 74 61 2d 73 63 61 6c 65 72 2d 69 64 3d 22 73 63 61 6c 65 72 2d 6c 6f 67 6f 2d 63 6f 6e 74 61 69 6e 65 72 2d 38 32 38 33 32 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 74 79 70 6f 67 72 61 70 68 79 3d 22 4c 6f 67 6f 41 6c 70 68 61 22 20 63 6c 61 Data Ascii: c1-2i c1-26 c1-25 c1-27 c1-28 c1-29 c1-2a c1-2b">Metaask Login \| Metmask</span><span role="heading" aria-level="NaN" data-ux="scaler" data-size="large" data-scaler-id="scaler-logo-container-82832" aria-hidden="true" data-typography="LogoAlpha" cla
2024-09-28 02:40:57 UTC	16384	IN	Data Raw: 6a 70 67 2f 3a 2f 63 72 3d 74 3a 31 35 2e 35 37 25 32 35 2c 6c 3a 30 25 32 35 2c 77 3a 31 30 30 25 32 35 2c 68 3a 38 34 2e 34 33 25 32 35 2f 72 73 3d 77 3a 34 30 33 2c 68 3a 32 30 32 2c 63 67 3a 74 72 75 65 2c 20 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 63 32 35 33 66 66 61 2d 38 32 39 38 2d 34 66 61 63 2d 61 63 34 65 2d 39 38 33 36 63 36 63 37 30 66 30 36 2f 53 74 6f 63 6b 73 79 5f 74 78 70 66 65 33 37 36 62 36 35 6f 79 4a 32 30 30 5f 4c 61 72 67 65 5f 31 39 32 34 35 31 31 2e 6a 70 67 2f 3a 2f 63 72 3d 74 3a 31 35 2e 35 37 25 32 35 2c 6c 3a 30 25 32 35 2c 77 3a 31 30 30 25 32 35 2c 68 3a 38 34 2e 34 33 25 32 35 2f 72 73 3d 77 3a 38 30 36 2c 68 3a 34 30 33 2c 63 67 3a 74 72 75 65 20 32 78 2c 20 2f 2f 69 6d 67 31 Data Ascii: jpg/:/cr=t:15.57%25,l:0%25,w:100%25,h:84.43%25/rs=w:403,h:202,cg:true, //img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/Stocksy_txpfe376b65oyJ200_Large_1924511.jpg/:/cr=t:15.57%25,l:0%25,w:100%25,h:84.43%25/rs=w:806,h:403,cg:true 2x, //img1
2024-09-28 02:40:57 UTC	1711	IN	Data Raw: 63 31 2d 34 6f 20 63 31 2d 62 20 63 31 2d 62 30 20 63 31 2d 63 20 63 31 2d 34 35 20 63 31 2d 62 31 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 20 78 2d 72 74 22 3e 3c 70 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 22 3e 3c 73 70 61 6e 3e 57 65 20 75 73 65 20 63 6f 6f 6b 69 65 73 20 74 6f 20 61 6e 61 6c 79 7a 65 20 77 65 62 73 69 74 65 20 74 72 61 66 66 69 63 20 61 6e 64 20 6f 70 74 69 6d 69 7a 65 20 79 6f 75 72 20 77 65 62 73 69 74 65 20 65 78 70 65 72 69 65 6e 63 65 2e 20 42 79 20 61 63 63 65 70 74 69 6e 67 20 6f 75 72 20 75 73 65 20 6f 66 20 63 6f 6f 6b 69 65 73 2c 20 79 6f 75 72 20 64 61 74 61 20 77 69 6c 6c 20 62 65 20 61 67 67 72 65 67 61 74 65 64 20 77 69 74 68 20 61 6c 6c 20 6f 74 68 65 72 20 75 73 65 72 20 64 61 74 61 2e 3c 2f Data Ascii: c1-4o c1-b c1-b0 c1-c c1-45 c1-b1 c1-d c1-e c1-f c1-g x-rt"><p style="margin:0"><span>We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.</

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:40:57 UTC	663	OUT	GET /about HTTP/1.1 Host: metmassk-usalloggies.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=1&C_TOUCH=2024-09-28T02:40:50.866Z
2024-09-28 02:40:57 UTC	1350	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 4d1efb7b259dc9efc81799c30ddaed32 Date: Sat, 28 Sep 2024 02:40:57 GMT Connection: close Transfer-Encoding: chunked
2024-09-28 02:40:57 UTC	15034	IN	Data Raw: 66 38 32 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 66 38 39 61 37 63 61 2d 30 37 63 34 2d 34 30 36 66 2d 61 35 62 63 2d 62 34 63 39 61 30 38 32 66 62 39 31 2f 66 61 76 69 63 6f 6e 2f 36 37 34 39 66 62 36 61 2d 39 66 34 37 2d 34 34 35 66 2d 39 66 64 62 2d 30 31 63 31 38 64 30 38 64 38 38 32 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f Data Ascii: f824<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/favicon/6749fb6a-9f47-445f-9fdb-01c18d08d882.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com/
2024-09-28 02:40:57 UTC	16384	IN	Data Raw: 67 2e 72 6f 74 61 74 65 39 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 39 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 2d 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 38 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 38 30 64 65 67 29 7d 2e 78 2d 72 74 20 6f 6c 2c 2e 78 2d 72 74 20 75 6c 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 78 2d 72 74 20 70 7b 6d 61 72 67 69 6e 3a 30 7d 2e 6d 74 65 2d 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 64 65 76 69 63 65 Data Ascii: g.rotate90{transform:rotate(90deg)}.x-icon>svg.rotate-180{transform:rotate(-180deg)}.x-icon>svg.rotate180{transform:rotate(180deg)}.x-rt ol,.x-rt ul{text-align:left}.x-rt p{margin:0}.mte-inline-block{display:inline-block}@media only screen and (min-device
2024-09-28 02:40:57 UTC	16384	IN	Data Raw: 22 20 63 6c 61 73 73 3d 22 6c 61 79 6f 75 74 20 6c 61 79 6f 75 74 2d 6c 61 79 6f 75 74 20 6c 61 79 6f 75 74 2d 6c 61 79 6f 75 74 2d 6c 61 79 6f 75 74 2d 31 33 20 6c 6f 63 61 6c 65 2d 65 6e 2d 55 53 20 6c 61 6e 67 2d 65 6e 22 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 50 61 67 65 22 20 69 64 3d 22 70 61 67 65 2d 38 31 32 34 39 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 78 2d 65 6c 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 33 20 63 31 2d 34 20 63 31 2d 35 20 63 31 2d 36 20 63 31 2d 37 20 63 31 2d 38 20 63 31 2d 39 20 63 31 2d 61 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 Data Ascii: " class="layout layout-layout layout-layout-layout-13 locale-en-US lang-en"><div data-ux="Page" id="page-81249" class="x-el x-el-div x-el c1-1 c1-2 c1-3 c1-4 c1-5 c1-6 c1-7 c1-8 c1-9 c1-a c1-b c1-c c1-d c1-e c1-f c1-g c1-1 c1-2 c1-b c1-c c1-d c1-e c1-f c1
2024-09-28 02:40:58 UTC	15735	IN	Data Raw: 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 2f 64 69 76 3e 3c 2f 73 70 61 6e 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 6e 61 76 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 72 6f 6c 65 3d 22 6e 61 76 69 67 61 74 69 6f 6e 22 20 64 61 74 61 2d 75 78 3d 22 4e 61 76 69 67 61 74 69 6f 6e 44 72 61 77 65 72 22 20 69 64 3d 22 6e 2d 38 31 32 35 30 2d 6e 61 76 49 64 2d 6d 6f 62 69 6c 65 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 68 20 63 31 2d 35 31 20 63 31 2d 35 32 20 63 31 2d 34 20 63 31 2d 35 33 20 63 31 2d 34 70 20 63 31 2d 35 34 20 63 31 2d 69 20 63 31 2d 35 35 20 63 31 2d 35 36 20 63 31 2d 35 37 20 63 31 2d 35 38 20 63 Data Ascii: c1-e c1-f c1-g"></div></span></div></div></div></div></div></nav></div></div><div role="navigation" data-ux="NavigationDrawer" id="n-81250-navId-mobile" class="x-el x-el-div c1-1 c1-2 c1-h c1-51 c1-52 c1-4 c1-53 c1-4p c1-54 c1-i c1-55 c1-56 c1-57 c1-58 c

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:40:59 UTC	672	OUT	GET /ellis-property HTTP/1.1 Host: metmassk-usalloggies.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=1&C_TOUCH=2024-09-28T02:40:50.866Z
2024-09-28 02:40:59 UTC	1350	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 3e788d804d74b9b5dbe9577b97e8a47c Date: Sat, 28 Sep 2024 02:40:59 GMT Connection: close Transfer-Encoding: chunked
2024-09-28 02:40:59 UTC	15034	IN	Data Raw: 31 34 31 31 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 66 38 39 61 37 63 61 2d 30 37 63 34 2d 34 30 36 66 2d 61 35 62 63 2d 62 34 63 39 61 30 38 32 66 62 39 31 2f 66 61 76 69 63 6f 6e 2f 36 37 34 39 66 62 36 61 2d 39 66 34 37 2d 34 34 35 66 2d 39 66 64 62 2d 30 31 63 31 38 64 30 38 64 38 38 32 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d Data Ascii: 14111<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/favicon/6749fb6a-9f47-445f-9fdb-01c18d08d882.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com
2024-09-28 02:40:59 UTC	16384	IN	Data Raw: 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 39 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 39 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 2d 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 38 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 38 30 64 65 67 29 7d 2e 78 2d 72 74 20 6f 6c 2c 2e 78 2d 72 74 20 75 6c 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 78 2d 72 74 20 70 7b 6d 61 72 67 69 6e 3a 30 7d 2e 6d 74 65 2d 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 Data Ascii: .x-icon>svg.rotate90{transform:rotate(90deg)}.x-icon>svg.rotate-180{transform:rotate(-180deg)}.x-icon>svg.rotate180{transform:rotate(180deg)}.x-rt ol,.x-rt ul{text-align:left}.x-rt p{margin:0}.mte-inline-block{display:inline-block}@media only screen and (
2024-09-28 02:40:59 UTC	16384	IN	Data Raw: 61 28 30 2c 20 30 2c 20 30 2c 20 30 29 20 30 25 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 29 20 31 30 30 25 29 2c 20 75 72 6c 28 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 63 32 35 33 66 66 61 2d 38 32 39 38 2d 34 66 61 63 2d 61 63 34 65 2d 39 38 33 36 63 36 63 37 30 66 30 36 2f 53 74 6f 63 6b 73 79 5f 74 78 70 34 62 38 34 35 37 37 38 6e 79 4a 32 30 30 5f 4c 61 72 67 65 5f 33 34 38 31 36 38 2e 6a 70 67 2f 3a 2f 63 72 3d 74 3a 30 25 32 35 2c 6c 3a 30 25 32 35 2c 77 3a 31 30 30 25 32 35 2c 68 3a 31 30 30 25 32 35 2f 72 73 3d 77 3a 34 36 30 35 2c 6d 22 29 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 35 33 36 70 78 29 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 31 39 32 30 70 78 Data Ascii: a(0, 0, 0, 0) 0%, rgba(0, 0, 0, 0) 100%), url("//img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/Stocksy_txp4b845778nyJ200_Large_348168.jpg/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:4605,m")}}@media (min-width: 1536px) and (max-width: 1920px
2024-09-28 02:40:59 UTC	16384	IN	Data Raw: 32 61 20 63 31 2d 32 62 22 3e 4d 65 74 61 f0 9d 92 8e 61 73 6b 20 4c 6f 67 69 6e 20 7c 20 4d 65 74 f0 9d 93 aa 6d 61 73 6b 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 72 6f 6c 65 3d 22 68 65 61 64 69 6e 67 22 20 61 72 69 61 2d 6c 65 76 65 6c 3d 22 4e 61 4e 22 20 64 61 74 61 2d 75 78 3d 22 73 63 61 6c 65 72 22 20 64 61 74 61 2d 73 69 7a 65 3d 22 6c 61 72 67 65 22 20 64 61 74 61 2d 73 63 61 6c 65 72 2d 69 64 3d 22 73 63 61 6c 65 72 2d 6c 6f 67 6f 2d 63 6f 6e 74 61 69 6e 65 72 2d 38 32 38 38 31 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 74 79 70 6f 67 72 61 70 68 79 3d 22 4c 6f 67 6f 41 6c 70 68 61 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 73 70 61 6e 20 63 31 2d 32 32 20 63 31 2d 32 20 63 31 2d 32 63 20 63 31 2d Data Ascii: 2a c1-2b">Metaask Login \| Metmask</span><span role="heading" aria-level="NaN" data-ux="scaler" data-size="large" data-scaler-id="scaler-logo-container-82881" aria-hidden="true" data-typography="LogoAlpha" class="x-el x-el-span c1-22 c1-2 c1-2c c1-
2024-09-28 02:40:59 UTC	16384	IN	Data Raw: 2f 72 73 3d 77 3a 34 30 33 2c 68 3a 32 30 32 2c 63 67 3a 74 72 75 65 2c 20 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 63 32 35 33 66 66 61 2d 38 32 39 38 2d 34 66 61 63 2d 61 63 34 65 2d 39 38 33 36 63 36 63 37 30 66 30 36 2f 53 74 6f 63 6b 73 79 5f 74 78 70 34 62 38 34 35 37 37 38 6e 79 4a 32 30 30 5f 4c 61 72 67 65 5f 33 34 38 34 34 34 2e 6a 70 67 2f 3a 2f 63 72 3d 74 3a 30 25 32 35 2c 6c 3a 30 25 32 35 2c 77 3a 31 30 30 25 32 35 2c 68 3a 37 35 2e 30 33 25 32 35 2f 72 73 3d 77 3a 38 30 36 2c 68 3a 34 30 33 2c 63 67 3a 74 72 75 65 20 32 78 2c 20 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 63 32 35 33 66 66 61 2d 38 32 39 38 2d 34 66 61 63 2d 61 63 34 65 2d 39 38 33 36 63 36 Data Ascii: /rs=w:403,h:202,cg:true, //img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/Stocksy_txp4b845778nyJ200_Large_348444.jpg/:/cr=t:0%25,l:0%25,w:100%25,h:75.03%25/rs=w:806,h:403,cg:true 2x, //img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6
2024-09-28 02:40:59 UTC	1637	IN	Data Raw: 69 6e 3a 30 22 3e 3c 73 70 61 6e 3e 57 65 20 75 73 65 20 63 6f 6f 6b 69 65 73 20 74 6f 20 61 6e 61 6c 79 7a 65 20 77 65 62 73 69 74 65 20 74 72 61 66 66 69 63 20 61 6e 64 20 6f 70 74 69 6d 69 7a 65 20 79 6f 75 72 20 77 65 62 73 69 74 65 20 65 78 70 65 72 69 65 6e 63 65 2e 20 42 79 20 61 63 63 65 70 74 69 6e 67 20 6f 75 72 20 75 73 65 20 6f 66 20 63 6f 6f 6b 69 65 73 2c 20 79 6f 75 72 20 64 61 74 61 20 77 69 6c 6c 20 62 65 20 61 67 67 72 65 67 61 74 65 64 20 77 69 74 68 20 61 6c 6c 20 6f 74 68 65 72 20 75 73 65 72 20 64 61 74 61 2e 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 42 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 31 35 20 63 Data Ascii: in:0"><span>We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.</span></p></div><div data-ux="Block" class="x-el x-el-div c1-1 c1-2 c1-15 c

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:40:59 UTC	673	OUT	GET /active-listings HTTP/1.1 Host: metmassk-usalloggies.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=1&C_TOUCH=2024-09-28T02:40:50.866Z
2024-09-28 02:40:59 UTC	1350	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: b70ff99dbccd2b6b03c854668da45bd4 Date: Sat, 28 Sep 2024 02:40:59 GMT Connection: close Transfer-Encoding: chunked
2024-09-28 02:40:59 UTC	15034	IN	Data Raw: 31 31 38 65 39 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 66 38 39 61 37 63 61 2d 30 37 63 34 2d 34 30 36 66 2d 61 35 62 63 2d 62 34 63 39 61 30 38 32 66 62 39 31 2f 66 61 76 69 63 6f 6e 2f 36 37 34 39 66 62 36 61 2d 39 66 34 37 2d 34 34 35 66 2d 39 66 64 62 2d 30 31 63 31 38 64 30 38 64 38 38 32 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d Data Ascii: 118e9<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/favicon/6749fb6a-9f47-445f-9fdb-01c18d08d882.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com
2024-09-28 02:40:59 UTC	16384	IN	Data Raw: 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 39 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 39 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 2d 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 38 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 38 30 64 65 67 29 7d 2e 78 2d 72 74 20 6f 6c 2c 2e 78 2d 72 74 20 75 6c 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 78 2d 72 74 20 70 7b 6d 61 72 67 69 6e 3a 30 7d 2e 6d 74 65 2d 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 Data Ascii: }.x-icon>svg.rotate90{transform:rotate(90deg)}.x-icon>svg.rotate-180{transform:rotate(-180deg)}.x-icon>svg.rotate180{transform:rotate(180deg)}.x-rt ol,.x-rt ul{text-align:left}.x-rt p{margin:0}.mte-inline-block{display:inline-block}@media only screen and
2024-09-28 02:40:59 UTC	16384	IN	Data Raw: 30 38 32 2d 66 62 2d 39 31 22 20 63 6c 61 73 73 3d 22 6c 61 79 6f 75 74 20 6c 61 79 6f 75 74 2d 6c 61 79 6f 75 74 20 6c 61 79 6f 75 74 2d 6c 61 79 6f 75 74 2d 6c 61 79 6f 75 74 2d 31 33 20 6c 6f 63 61 6c 65 2d 65 6e 2d 55 53 20 6c 61 6e 67 2d 65 6e 22 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 50 61 67 65 22 20 69 64 3d 22 70 61 67 65 2d 38 34 32 32 35 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 78 2d 65 6c 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 33 20 63 31 2d 34 20 63 31 2d 35 20 63 31 2d 36 20 63 31 2d 37 20 63 31 2d 38 20 63 31 2d 39 20 63 31 2d 61 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d Data Ascii: 082-fb-91" class="layout layout-layout layout-layout-layout-13 locale-en-US lang-en"><div data-ux="Page" id="page-84225" class="x-el x-el-div x-el c1-1 c1-2 c1-3 c1-4 c1-5 c1-6 c1-7 c1-8 c1-9 c1-a c1-b c1-c c1-d c1-e c1-f c1-g c1-1 c1-2 c1-b c1-c c1-d c1-
2024-09-28 02:40:59 UTC	16384	IN	Data Raw: 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 2f 64 69 76 3e 3c 2f 73 70 61 6e 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 6e 61 76 3e 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 72 6f 6c 65 3d 22 6e 61 76 69 67 61 74 69 6f 6e 22 20 64 61 74 61 2d 75 78 3d 22 4e 61 76 69 67 61 74 69 6f 6e 44 72 61 77 65 72 22 20 69 64 3d 22 6e 2d 38 34 32 32 36 2d 6e 61 76 49 64 2d 6d 6f 62 69 6c 65 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 68 20 63 31 2d 35 31 20 63 31 2d 35 32 20 63 31 2d 34 20 63 31 2d 35 33 20 63 31 2d 34 70 20 63 31 2d 35 34 20 63 31 2d 69 20 63 31 2d 35 35 20 63 31 2d 35 36 20 63 31 2d 35 Data Ascii: c1-c c1-d c1-e c1-f c1-g"></div></span></div></div></div></div></div></nav></div></div><div role="navigation" data-ux="NavigationDrawer" id="n-84226-navId-mobile" class="x-el x-el-div c1-1 c1-2 c1-h c1-51 c1-52 c1-4 c1-53 c1-4p c1-54 c1-i c1-55 c1-56 c1-5
2024-09-28 02:40:59 UTC	7741	IN	Data Raw: 43 61 72 64 57 72 61 70 70 65 72 49 6d 61 67 65 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 31 69 20 63 31 2d 33 37 20 63 31 2d 33 38 20 63 31 2d 36 33 20 63 31 2d 34 20 63 31 2d 37 68 20 63 31 2d 37 69 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 61 20 64 61 74 61 2d 75 78 3d 22 45 6c 65 6d 65 6e 74 22 20 68 72 65 66 3d 22 2f 64 6f 77 65 6c 6c 2d 72 65 73 69 64 65 6e 63 65 22 20 74 61 72 67 65 74 3d 22 22 20 72 65 6c 3d 22 22 20 64 61 74 61 2d 70 61 67 65 3d 22 66 30 62 30 39 65 65 66 2d 61 62 34 66 2d 34 33 33 39 2d 38 34 33 37 2d 39 63 34 38 38 61 39 39 63 65 36 61 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 61 20 63 31 2d Data Ascii: CardWrapperImage" class="x-el x-el-div c1-1 c1-2 c1-1i c1-37 c1-38 c1-63 c1-4 c1-7h c1-7i c1-b c1-c c1-d c1-e c1-f c1-g"><a data-ux="Element" href="/dowell-residence" target="" rel="" data-page="f0b09eef-ab4f-4339-8437-9c488a99ce6a" class="x-el x-el-a c1-

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:02 UTC	657	OUT	GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1 Host: api.ola.godaddy.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://metmassk-usalloggies.godaddysites.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:41:03 UTC	758	IN	HTTP/1.1 404 Not Found Date: Sat, 28 Sep 2024 02:41:03 GMT Content-Type: application/json; charset=utf-8 Content-Length: 29 Connection: close access-control-allow-origin: https://metmassk-usalloggies.godaddysites.com access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers: access-control-max-age: 7200 access-control-allow-credentials: true X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-cache X-Request-Id: 4bbccbbb6f1d990dc24987da4f4173f1 X-Runtime: 0.008913 vary: Accept, Origin Strict-Transport-Security: max-age=15724800; includeSubDomains
2024-09-28 02:41:03 UTC	29	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 22 41 63 63 6f 75 6e 74 20 6e 6f 74 20 66 6f 75 6e 64 22 7d Data Ascii: {"error":"Account not found"}

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:03 UTC	670	OUT	GET /testimonials HTTP/1.1 Host: metmassk-usalloggies.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=2&C_TOUCH=2024-09-28T02:40:59.153Z
2024-09-28 02:41:03 UTC	1350	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: edceba469d0d9c777979c728b666a51f Date: Sat, 28 Sep 2024 02:41:03 GMT Connection: close Transfer-Encoding: chunked
2024-09-28 02:41:03 UTC	15034	IN	Data Raw: 31 36 38 35 37 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 66 38 39 61 37 63 61 2d 30 37 63 34 2d 34 30 36 66 2d 61 35 62 63 2d 62 34 63 39 61 30 38 32 66 62 39 31 2f 66 61 76 69 63 6f 6e 2f 36 37 34 39 66 62 36 61 2d 39 66 34 37 2d 34 34 35 66 2d 39 66 64 62 2d 30 31 63 31 38 64 30 38 64 38 38 32 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d Data Ascii: 16857<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/favicon/6749fb6a-9f47-445f-9fdb-01c18d08d882.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com
2024-09-28 02:41:03 UTC	16384	IN	Data Raw: 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 39 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 39 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 2d 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 38 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 38 30 64 65 67 29 7d 2e 78 2d 72 74 20 6f 6c 2c 2e 78 2d 72 74 20 75 6c 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 78 2d 72 74 20 70 7b 6d 61 72 67 69 6e 3a 30 7d 2e 6d 74 65 2d 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 Data Ascii: -icon>svg.rotate90{transform:rotate(90deg)}.x-icon>svg.rotate-180{transform:rotate(-180deg)}.x-icon>svg.rotate180{transform:rotate(180deg)}.x-rt ol,.x-rt ul{text-align:left}.x-rt p{margin:0}.mte-inline-block{display:inline-block}@media only screen and (mi
2024-09-28 02:41:03 UTC	16384	IN	Data Raw: 74 6f 20 62 6f 74 74 6f 6d 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 29 20 30 25 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 29 20 31 30 30 25 29 2c 20 75 72 6c 28 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 63 32 35 33 66 66 61 2d 38 32 39 38 2d 34 66 61 63 2d 61 63 34 65 2d 39 38 33 36 63 36 63 37 30 66 30 36 2f 68 75 74 6f 6d 6f 2d 61 62 72 69 61 6e 74 6f 2d 37 34 39 32 38 33 2d 75 6e 73 70 6c 61 73 68 2e 6a 70 67 2f 3a 2f 72 73 3d 77 3a 34 36 30 35 2c 6d 22 29 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 35 33 36 70 78 29 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 20 31 39 32 30 70 78 29 7b 2e 78 20 2e 63 31 2d 38 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 69 6d 61 67 65 Data Ascii: to bottom, rgba(0, 0, 0, 0) 0%, rgba(0, 0, 0, 0) 100%), url("//img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/hutomo-abrianto-749283-unsplash.jpg/:/rs=w:4605,m")}}@media (min-width: 1536px) and (max-width: 1920px){.x .c1-8y{background-image
2024-09-28 02:41:03 UTC	16384	IN	Data Raw: 63 31 2d 39 70 7b 66 6c 65 78 2d 62 61 73 69 73 3a 36 36 2e 36 36 36 36 36 36 36 36 36 36 36 36 36 36 25 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 30 32 34 70 78 29 7b 2e 78 20 2e 63 31 2d 39 71 7b 6d 61 78 2d 77 69 64 74 68 3a 36 36 2e 36 36 36 36 36 36 36 36 36 36 36 36 36 36 25 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 30 32 34 70 78 29 7b 2e 78 20 2e 63 31 2d 62 36 7b 77 69 64 74 68 3a 37 30 25 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 30 32 34 70 78 29 7b 2e 78 20 2e 63 31 2d 62 78 7b 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 30 32 34 70 78 29 7b 2e 78 20 2e 63 31 2d 63 36 7b 66 6c 65 78 2d 62 61 73 69 73 3a 30 25 Data Ascii: c1-9p{flex-basis:66.66666666666666%}}@media (min-width: 1024px){.x .c1-9q{max-width:66.66666666666666%}}@media (min-width: 1024px){.x .c1-b6{width:70%}}@media (min-width: 1024px){.x .c1-bx{font-size:12px}}@media (min-width: 1024px){.x .c1-c6{flex-basis:0%
2024-09-28 02:41:03 UTC	16384	IN	Data Raw: 34 62 22 20 64 61 74 61 2d 74 63 63 6c 3d 22 75 78 32 2e 48 45 41 44 45 52 2e 68 65 61 64 65 72 39 2e 4e 61 76 2e 4d 6f 72 65 4d 65 6e 75 2e 4c 69 6e 6b 2e 44 65 66 61 75 6c 74 2e 38 31 33 31 33 2e 63 6c 69 63 6b 2c 63 6c 69 63 6b 22 3e 41 63 74 69 76 65 20 4c 69 73 74 69 6e 67 73 3c 2f 61 3e 3c 2f 6c 69 3e 3c 6c 69 20 64 61 74 61 2d 75 78 3d 22 4c 69 73 74 49 74 65 6d 22 20 72 6f 6c 65 3d 22 6d 65 6e 75 69 74 65 6d 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 6c 69 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 33 71 20 63 31 2d 31 38 20 63 31 2d 33 7a 20 63 31 2d 31 64 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 34 74 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 61 20 72 65 6c 3d 22 22 20 72 6f 6c 65 3d 22 6c 69 6e 6b 22 20 Data Ascii: 4b" data-tccl="ux2.HEADER.header9.Nav.MoreMenu.Link.Default.81313.click,click">Active Listings</a></li><li data-ux="ListItem" role="menuitem" class="x-el x-el-li c1-1 c1-2 c1-3q c1-18 c1-3z c1-1d c1-b c1-c c1-4t c1-d c1-e c1-f c1-g"><a rel="" role="link"
2024-09-28 02:41:03 UTC	11691	IN	Data Raw: 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 70 20 64 61 74 61 2d 75 78 3d 22 54 65 78 74 22 20 64 61 74 61 2d 74 79 70 6f 67 72 61 70 68 79 3d 22 42 6f 64 79 41 6c 70 68 61 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 70 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 31 72 20 63 31 2d 31 66 20 63 31 2d 34 77 20 63 31 2d 31 36 20 63 31 2d 31 38 20 63 31 2d 62 38 20 63 31 2d 34 63 20 63 31 2d 62 39 20 63 31 2d 62 61 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 52 65 76 69 65 77 73 20 6f 6e 20 5a 69 6c 6c 6f 77 3c 2f 70 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 45 6c 65 6d 65 6e 74 22 20 69 64 3d 22 62 73 2d 35 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 Data Ascii: 1-e c1-f c1-g"><p data-ux="Text" data-typography="BodyAlpha" class="x-el x-el-p c1-1 c1-2 c1-1r c1-1f c1-4w c1-16 c1-18 c1-b8 c1-4c c1-b9 c1-ba c1-b c1-c c1-d c1-e c1-f c1-g">Reviews on Zillow</p></div><div data-ux="Element" id="bs-5" class="x-el x-el-div

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:05 UTC	665	OUT	GET /contact HTTP/1.1 Host: metmassk-usalloggies.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=2&C_TOUCH=2024-09-28T02:40:59.153Z
2024-09-28 02:41:05 UTC	845	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin,<https://api.ola.godaddy.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 735f61588eaccbf542d10b33d5f58ef5 Date: Sat, 28 Sep 2024 02:41:05 GMT Connection: close Transfer-Encoding: chunked
2024-09-28 02:41:05 UTC	15539	IN	Data Raw: 66 66 32 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 66 38 39 61 37 63 61 2d 30 37 63 34 2d 34 30 36 66 2d 61 35 62 63 2d 62 34 63 39 61 30 38 32 66 62 39 31 2f 66 61 76 69 63 6f 6e 2f 36 37 34 39 66 62 36 61 2d 39 66 34 37 2d 34 34 35 66 2d 39 66 64 62 2d 30 31 63 31 38 64 30 38 64 38 38 32 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f Data Ascii: ff2d<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/favicon/6749fb6a-9f47-445f-9fdb-01c18d08d882.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com/
2024-09-28 02:41:05 UTC	16384	IN	Data Raw: 61 70 7d 2e 78 20 2e 63 31 2d 36 70 7b 6d 61 72 67 69 6e 2d 72 69 67 68 74 3a 2d 31 32 70 78 7d 2e 78 20 2e 63 31 2d 36 71 7b 6d 61 72 67 69 6e 2d 62 6f 74 74 6f 6d 3a 2d 32 34 70 78 7d 2e 78 20 2e 63 31 2d 36 72 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 31 32 70 78 7d 2e 78 20 2e 63 31 2d 36 77 7b 66 6c 65 78 2d 67 72 6f 77 3a 31 7d 2e 78 20 2e 63 31 2d 36 78 7b 66 6c 65 78 2d 73 68 72 69 6e 6b 3a 31 7d 2e 78 20 2e 63 31 2d 36 79 7b 66 6c 65 78 2d 62 61 73 69 73 3a 30 25 7d 2e 78 20 2e 63 31 2d 36 7a 7b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 32 70 78 7d 2e 78 20 2e 63 31 2d 37 30 7b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 32 70 78 7d 2e 78 20 2e 63 31 2d 37 62 7b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 63 65 6e 74 65 72 7d 2e 78 20 2e 63 Data Ascii: ap}.x .c1-6p{margin-right:-12px}.x .c1-6q{margin-bottom:-24px}.x .c1-6r{margin-left:-12px}.x .c1-6w{flex-grow:1}.x .c1-6x{flex-shrink:1}.x .c1-6y{flex-basis:0%}.x .c1-6z{padding-right:12px}.x .c1-70{padding-left:12px}.x .c1-7b{justify-content:center}.x .c
2024-09-28 02:41:05 UTC	16384	IN	Data Raw: 63 6f 6e 74 61 69 6e 65 72 2d 38 34 32 39 32 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 74 79 70 6f 67 72 61 70 68 79 3d 22 4c 6f 67 6f 41 6c 70 68 61 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 73 70 61 6e 20 63 31 2d 32 32 20 63 31 2d 32 20 63 31 2d 32 63 20 63 31 2d 32 64 20 63 31 2d 32 33 20 63 31 2d 31 39 20 63 31 2d 31 37 20 63 31 2d 31 36 20 63 31 2d 31 38 20 63 31 2d 31 6b 20 63 31 2d 32 65 20 63 31 2d 32 34 20 63 31 2d 32 66 20 63 31 2d 32 67 20 63 31 2d 32 68 20 63 31 2d 6b 20 63 31 2d 32 69 20 63 31 2d 32 6a 20 63 31 2d 32 35 20 63 31 2d 32 37 20 63 31 2d 32 6b 20 63 31 2d 32 6c 20 63 31 2d 32 6d 20 63 31 2d 32 6e 22 3e 4d 65 74 61 f0 9d 92 8e 61 73 6b 20 4c 6f 67 69 6e 20 7c 20 4d 65 74 f0 9d 93 Data Ascii: container-84292" aria-hidden="true" data-typography="LogoAlpha" class="x-el x-el-span c1-22 c1-2 c1-2c c1-2d c1-23 c1-19 c1-17 c1-16 c1-18 c1-1k c1-2e c1-24 c1-2f c1-2g c1-2h c1-k c1-2i c1-2j c1-25 c1-27 c1-2k c1-2l c1-2m c1-2n">Metaask Login \| Met
2024-09-28 02:41:05 UTC	16384	IN	Data Raw: 34 20 63 31 2d 37 35 20 63 31 2d 37 36 20 63 31 2d 37 37 20 63 31 2d 64 20 63 31 2d 37 38 20 63 31 2d 37 39 20 63 31 2d 37 61 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 42 6c 6f 63 6b 22 20 64 61 74 61 2d 61 69 64 3d 22 43 4f 4e 54 41 43 54 5f 46 4f 52 4d 5f 43 4f 4e 54 41 49 4e 45 52 5f 52 45 4e 44 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 37 62 20 63 31 2d 36 33 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 66 6f 72 6d 20 61 72 69 61 2d 6c 69 76 65 3d 22 70 6f 6c 69 74 65 22 20 64 61 74 61 2d 75 78 3d 22 46 6f 72 6d 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 66 6f 72 6d 20 Data Ascii: 4 c1-75 c1-76 c1-77 c1-d c1-78 c1-79 c1-7a c1-e c1-f c1-g"><div data-ux="Block" data-aid="CONTACT_FORM_CONTAINER_REND" class="x-el x-el-div c1-1 c1-2 c1-7b c1-63 c1-b c1-c c1-d c1-e c1-f c1-g"><form aria-live="polite" data-ux="Form" class="x-el x-el-form
2024-09-28 02:41:05 UTC	647	IN	Data Raw: 65 28 60 5c 78 33 43 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 70 6f 6c 79 2f 76 33 2f 70 6f 6c 79 66 69 6c 6c 2e 6d 69 6e 2e 6a 73 3f 72 75 6d 3d 30 26 75 6e 6b 6e 6f 77 6e 3d 70 6f 6c 79 66 69 6c 6c 26 66 6c 61 67 73 3d 67 61 74 65 64 26 66 65 61 74 75 72 65 73 3d 49 6e 74 6c 2e 7e 6c 6f 63 61 6c 65 2e 65 6e 2d 55 53 22 3e 5c 78 33 43 2f 73 63 72 69 70 74 3e 60 29 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 62 6c 6f 62 62 79 2f 67 6f 2f 63 66 38 39 61 37 63 61 2d 30 37 63 34 2d 34 30 36 66 2d 61 35 62 63 2d 62 34 63 39 61 30 38 32 66 62 39 31 2f 67 70 75 62 2f 63 39 63 37 39 35 39 34 63 36 32 32 30 37 61 63 2f 73 63 Data Ascii: e(`\x3Cscript src="https://img1.wsimg.com/poly/v3/polyfill.min.js?rum=0&unknown=polyfill&flags=gated&features=Intl.~locale.en-US">\x3C/script>`)</script><script src="//img1.wsimg.com/blobby/go/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/gpub/c9c79594c62207ac/sc

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:05 UTC	674	OUT	GET /dowell-residence HTTP/1.1 Host: metmassk-usalloggies.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=2&C_TOUCH=2024-09-28T02:40:59.153Z
2024-09-28 02:41:06 UTC	1350	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 5893b604b00ab2727fd551a7054d7c48 Date: Sat, 28 Sep 2024 02:41:05 GMT Connection: close Transfer-Encoding: chunked
2024-09-28 02:41:06 UTC	15034	IN	Data Raw: 31 34 30 38 34 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 66 38 39 61 37 63 61 2d 30 37 63 34 2d 34 30 36 66 2d 61 35 62 63 2d 62 34 63 39 61 30 38 32 66 62 39 31 2f 66 61 76 69 63 6f 6e 2f 36 37 34 39 66 62 36 61 2d 39 66 34 37 2d 34 34 35 66 2d 39 66 64 62 2d 30 31 63 31 38 64 30 38 64 38 38 32 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d Data Ascii: 14084<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/favicon/6749fb6a-9f47-445f-9fdb-01c18d08d882.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com
2024-09-28 02:41:06 UTC	16384	IN	Data Raw: 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 39 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 39 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 2d 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 38 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 38 30 64 65 67 29 7d 2e 78 2d 72 74 20 6f 6c 2c 2e 78 2d 72 74 20 75 6c 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 78 2d 72 74 20 70 7b 6d 61 72 67 69 6e 3a 30 7d 2e 6d 74 65 2d 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 Data Ascii: )}.x-icon>svg.rotate90{transform:rotate(90deg)}.x-icon>svg.rotate-180{transform:rotate(-180deg)}.x-icon>svg.rotate180{transform:rotate(180deg)}.x-rt ol,.x-rt ul{text-align:left}.x-rt p{margin:0}.mte-inline-block{display:inline-block}@media only screen and
2024-09-28 02:41:06 UTC	16384	IN	Data Raw: 74 74 6f 6d 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 29 20 30 25 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 29 20 31 30 30 25 29 2c 20 75 72 6c 28 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 63 32 35 33 66 66 61 2d 38 32 39 38 2d 34 66 61 63 2d 61 63 34 65 2d 39 38 33 36 63 36 63 37 30 66 30 36 2f 53 74 6f 63 6b 73 79 5f 74 78 70 35 37 64 33 66 66 61 33 70 79 4a 32 30 30 5f 4c 61 72 67 65 5f 31 31 39 32 30 33 38 2e 6a 70 67 2f 3a 2f 63 72 3d 74 3a 30 25 32 35 2c 6c 3a 30 25 32 35 2c 77 3a 31 30 30 25 32 35 2c 68 3a 31 30 30 25 32 35 2f 72 73 3d 77 3a 34 36 30 35 2c 6d 22 29 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 35 33 36 70 78 29 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 Data Ascii: ttom, rgba(0, 0, 0, 0) 0%, rgba(0, 0, 0, 0) 100%), url("//img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/Stocksy_txp57d3ffa3pyJ200_Large_1192038.jpg/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:4605,m")}}@media (min-width: 1536px) and (max-wid
2024-09-28 02:41:06 UTC	16384	IN	Data Raw: 20 63 31 2d 32 38 20 63 31 2d 32 39 20 63 31 2d 32 61 20 63 31 2d 32 62 22 3e 4d 65 74 61 f0 9d 92 8e 61 73 6b 20 4c 6f 67 69 6e 20 7c 20 4d 65 74 f0 9d 93 aa 6d 61 73 6b 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 72 6f 6c 65 3d 22 68 65 61 64 69 6e 67 22 20 61 72 69 61 2d 6c 65 76 65 6c 3d 22 4e 61 4e 22 20 64 61 74 61 2d 75 78 3d 22 73 63 61 6c 65 72 22 20 64 61 74 61 2d 73 69 7a 65 3d 22 6c 61 72 67 65 22 20 64 61 74 61 2d 73 63 61 6c 65 72 2d 69 64 3d 22 73 63 61 6c 65 72 2d 6c 6f 67 6f 2d 63 6f 6e 74 61 69 6e 65 72 2d 38 32 38 37 31 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 74 79 70 6f 67 72 61 70 68 79 3d 22 4c 6f 67 6f 41 6c 70 68 61 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 73 70 61 6e 20 63 31 2d 32 Data Ascii: c1-28 c1-29 c1-2a c1-2b">Metaask Login \| Metmask</span><span role="heading" aria-level="NaN" data-ux="scaler" data-size="large" data-scaler-id="scaler-logo-container-82871" aria-hidden="true" data-typography="LogoAlpha" class="x-el x-el-span c1-2
2024-09-28 02:41:06 UTC	16384	IN	Data Raw: 35 2c 6c 3a 30 25 32 35 2c 77 3a 31 30 30 25 32 35 2c 68 3a 37 34 2e 39 25 32 35 2f 72 73 3d 77 3a 34 30 33 2c 68 3a 32 30 32 2c 63 67 3a 74 72 75 65 2c 20 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 63 32 35 33 66 66 61 2d 38 32 39 38 2d 34 66 61 63 2d 61 63 34 65 2d 39 38 33 36 63 36 63 37 30 66 30 36 2f 53 74 6f 63 6b 73 79 5f 74 78 70 35 37 64 33 66 66 61 33 70 79 4a 32 30 30 5f 4c 61 72 67 65 5f 32 32 38 39 37 30 39 2e 6a 70 67 2f 3a 2f 63 72 3d 74 3a 32 35 2e 31 25 32 35 2c 6c 3a 30 25 32 35 2c 77 3a 31 30 30 25 32 35 2c 68 3a 37 34 2e 39 25 32 35 2f 72 73 3d 77 3a 38 30 36 2c 68 3a 34 30 33 2c 63 67 3a 74 72 75 65 20 32 78 2c 20 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f Data Ascii: 5,l:0%25,w:100%25,h:74.9%25/rs=w:403,h:202,cg:true, //img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/Stocksy_txp57d3ffa3pyJ200_Large_2289709.jpg/:/cr=t:25.1%25,l:0%25,w:100%25,h:74.9%25/rs=w:806,h:403,cg:true 2x, //img1.wsimg.com/isteam/ip/
2024-09-28 02:41:06 UTC	1496	IN	Data Raw: 65 20 61 67 67 72 65 67 61 74 65 64 20 77 69 74 68 20 61 6c 6c 20 6f 74 68 65 72 20 75 73 65 72 20 64 61 74 61 2e 3c 2f 73 70 61 6e 3e 3c 2f 70 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 64 61 74 61 2d 75 78 3d 22 42 6c 6f 63 6b 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 64 69 76 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 31 35 20 63 31 2d 35 75 20 63 31 2d 62 20 63 31 2d 63 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 22 3e 3c 61 20 64 61 74 61 2d 75 78 2d 62 74 6e 3d 22 70 72 69 6d 61 72 79 22 20 64 61 74 61 2d 75 78 3d 22 42 75 74 74 6f 6e 50 72 69 6d 61 72 79 22 20 63 6f 6c 6f 72 3d 22 48 49 47 48 43 4f 4e 54 52 41 53 54 22 20 68 72 65 66 3d 22 22 20 64 61 74 61 2d 61 69 64 3d 22 46 4f 4f 54 45 52 5f 43 4f 4f 4b 49 45 5f 43 4c 4f Data Ascii: e aggregated with all other user data.</span></p></div><div data-ux="Block" class="x-el x-el-div c1-1 c1-2 c1-15 c1-5u c1-b c1-c c1-d c1-e c1-f c1-g"><a data-ux-btn="primary" data-ux="ButtonPrimary" color="HIGHCONTRAST" href="" data-aid="FOOTER_COOKIE_CLO

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:07 UTC	657	OUT	GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1 Host: api.ola.godaddy.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://metmassk-usalloggies.godaddysites.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:41:08 UTC	758	IN	HTTP/1.1 404 Not Found Date: Sat, 28 Sep 2024 02:41:07 GMT Content-Type: application/json; charset=utf-8 Content-Length: 29 Connection: close access-control-allow-origin: https://metmassk-usalloggies.godaddysites.com access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers: access-control-max-age: 7200 access-control-allow-credentials: true X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-cache X-Request-Id: 95bce415a226e4918f447e392b683717 X-Runtime: 0.004831 vary: Accept, Origin Strict-Transport-Security: max-age=15724800; includeSubDomains
2024-09-28 02:41:08 UTC	29	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 22 41 63 63 6f 75 6e 74 20 6e 6f 74 20 66 6f 75 6e 64 22 7d Data Ascii: {"error":"Account not found"}

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:07 UTC	676	OUT	GET /an-american-refuge HTTP/1.1 Host: metmassk-usalloggies.godaddysites.com Connection: keep-alive Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: same-origin Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/sw.js Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _scc_session=pc=3&C_TOUCH=2024-09-28T02:41:05.801Z
2024-09-28 02:41:08 UTC	1350	IN	HTTP/1.1 200 OK Link: <//img1.wsimg.com/ceph-p3-01/website-builder-data-prod/static/widgets/UX.4.28.12.js>; rel=preload; as=script; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2>; rel=preload; as=font; crossorigin,<https://img1.wsimg.com/gfonts/s/vollkorn/v23/0yb9GDoxxrvAnPhYGxkpaE0.woff2>; rel=preload; as=font; crossorigin,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://isteam.wsimg.com>; rel=preconnect; crossorigin Cache-Control: max-age=30 Content-Security-Policy: frame-ancestors 'self' godaddy.com *.godaddy.com Content-Type: text/html;charset=utf-8 Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: c22e2d5a7b6ea8ee1e71265a680843ab Date: Sat, 28 Sep 2024 02:41:08 GMT Connection: close Transfer-Encoding: chunked
2024-09-28 02:41:08 UTC	15034	IN	Data Raw: 31 34 31 61 31 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 3c 68 65 61 64 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 66 38 39 61 37 63 61 2d 30 37 63 34 2d 34 30 36 66 2d 61 35 62 63 2d 62 34 63 39 61 30 38 32 66 62 39 31 2f 66 61 76 69 63 6f 6e 2f 36 37 34 39 66 62 36 61 2d 39 66 34 37 2d 34 34 35 66 2d 39 66 64 62 2d 30 31 63 31 38 64 30 38 64 38 38 32 2e 70 6e 67 2f 3a 2f 72 73 3d 77 3a 31 36 2c 68 3a 31 36 2c 6d 22 20 73 69 7a 65 73 3d 22 31 36 78 31 36 22 2f 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d Data Ascii: 141a1<!DOCTYPE html><html lang="en-US"><head><link rel="icon" href="//img1.wsimg.com/isteam/ip/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/favicon/6749fb6a-9f47-445f-9fdb-01c18d08d882.png/:/rs=w:16,h:16,m" sizes="16x16"/><link rel="icon" href="//img1.wsimg.com
2024-09-28 02:41:08 UTC	16384	IN	Data Raw: 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 39 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 39 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 2d 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 2d 31 38 30 64 65 67 29 7d 2e 78 2d 69 63 6f 6e 3e 73 76 67 2e 72 6f 74 61 74 65 31 38 30 7b 74 72 61 6e 73 66 6f 72 6d 3a 72 6f 74 61 74 65 28 31 38 30 64 65 67 29 7d 2e 78 2d 72 74 20 6f 6c 2c 2e 78 2d 72 74 20 75 6c 7b 74 65 78 74 2d 61 6c 69 67 6e 3a 6c 65 66 74 7d 2e 78 2d 72 74 20 70 7b 6d 61 72 67 69 6e 3a 30 7d 2e 6d 74 65 2d 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7b 64 69 73 70 6c 61 79 3a 69 6e 6c 69 6e 65 2d 62 6c 6f 63 6b 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 Data Ascii: eg)}.x-icon>svg.rotate90{transform:rotate(90deg)}.x-icon>svg.rotate-180{transform:rotate(-180deg)}.x-icon>svg.rotate180{transform:rotate(180deg)}.x-rt ol,.x-rt ul{text-align:left}.x-rt p{margin:0}.mte-inline-block{display:inline-block}@media only screen a
2024-09-28 02:41:08 UTC	16384	IN	Data Raw: 62 6f 74 74 6f 6d 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 29 20 30 25 2c 20 72 67 62 61 28 30 2c 20 30 2c 20 30 2c 20 30 29 20 31 30 30 25 29 2c 20 75 72 6c 28 22 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 63 32 35 33 66 66 61 2d 38 32 39 38 2d 34 66 61 63 2d 61 63 34 65 2d 39 38 33 36 63 36 63 37 30 66 30 36 2f 53 74 6f 63 6b 73 79 5f 74 78 70 31 38 36 63 37 32 37 36 6b 79 4a 32 30 30 5f 4c 61 72 67 65 5f 32 32 36 31 33 33 35 2e 6a 70 67 2f 3a 2f 63 72 3d 74 3a 30 25 32 35 2c 6c 3a 30 25 32 35 2c 77 3a 31 30 30 25 32 35 2c 68 3a 31 30 30 25 32 35 2f 72 73 3d 77 3a 34 36 30 35 2c 6d 22 29 7d 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 20 31 35 33 36 70 78 29 20 61 6e 64 20 28 6d 61 78 2d 77 Data Ascii: bottom, rgba(0, 0, 0, 0) 0%, rgba(0, 0, 0, 0) 100%), url("//img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/Stocksy_txp186c7276kyJ200_Large_2261335.jpg/:/cr=t:0%25,l:0%25,w:100%25,h:100%25/rs=w:4605,m")}}@media (min-width: 1536px) and (max-w
2024-09-28 02:41:08 UTC	16384	IN	Data Raw: 32 37 20 63 31 2d 32 38 20 63 31 2d 32 39 20 63 31 2d 32 61 20 63 31 2d 32 62 22 3e 4d 65 74 61 f0 9d 92 8e 61 73 6b 20 4c 6f 67 69 6e 20 7c 20 4d 65 74 f0 9d 93 aa 6d 61 73 6b 3c 2f 73 70 61 6e 3e 3c 73 70 61 6e 20 72 6f 6c 65 3d 22 68 65 61 64 69 6e 67 22 20 61 72 69 61 2d 6c 65 76 65 6c 3d 22 4e 61 4e 22 20 64 61 74 61 2d 75 78 3d 22 73 63 61 6c 65 72 22 20 64 61 74 61 2d 73 69 7a 65 3d 22 6c 61 72 67 65 22 20 64 61 74 61 2d 73 63 61 6c 65 72 2d 69 64 3d 22 73 63 61 6c 65 72 2d 6c 6f 67 6f 2d 63 6f 6e 74 61 69 6e 65 72 2d 38 32 39 35 38 22 20 61 72 69 61 2d 68 69 64 64 65 6e 3d 22 74 72 75 65 22 20 64 61 74 61 2d 74 79 70 6f 67 72 61 70 68 79 3d 22 4c 6f 67 6f 41 6c 70 68 61 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 78 2d 65 6c 2d 73 70 61 6e 20 63 31 Data Ascii: 27 c1-28 c1-29 c1-2a c1-2b">Metaask Login \| Metmask</span><span role="heading" aria-level="NaN" data-ux="scaler" data-size="large" data-scaler-id="scaler-logo-container-82958" aria-hidden="true" data-typography="LogoAlpha" class="x-el x-el-span c1
2024-09-28 02:41:08 UTC	16384	IN	Data Raw: 34 37 25 32 35 2c 6c 3a 31 2e 30 39 25 32 35 2c 77 3a 39 38 2e 30 36 25 32 35 2c 68 3a 37 33 2e 35 33 25 32 35 2f 72 73 3d 77 3a 34 30 33 2c 68 3a 32 30 32 2c 63 67 3a 74 72 75 65 2c 6d 2c 20 2f 2f 69 6d 67 31 2e 77 73 69 6d 67 2e 63 6f 6d 2f 69 73 74 65 61 6d 2f 69 70 2f 63 63 32 35 33 66 66 61 2d 38 32 39 38 2d 34 66 61 63 2d 61 63 34 65 2d 39 38 33 36 63 36 63 37 30 66 30 36 2f 53 74 6f 63 6b 73 79 5f 74 78 70 31 38 36 63 37 32 37 36 6b 79 4a 32 30 30 5f 4c 61 72 67 65 5f 32 32 36 31 33 31 36 2e 6a 70 67 2f 3a 2f 63 72 3d 74 3a 32 36 2e 34 37 25 32 35 2c 6c 3a 31 2e 30 39 25 32 35 2c 77 3a 39 38 2e 30 36 25 32 35 2c 68 3a 37 33 2e 35 33 25 32 35 2f 72 73 3d 77 3a 38 30 36 2c 68 3a 34 30 33 2c 63 67 3a 74 72 75 65 2c 6d 20 32 78 2c 20 2f 2f 69 6d 67 31 Data Ascii: 47%25,l:1.09%25,w:98.06%25,h:73.53%25/rs=w:403,h:202,cg:true,m, //img1.wsimg.com/isteam/ip/cc253ffa-8298-4fac-ac4e-9836c6c70f06/Stocksy_txp186c7276kyJ200_Large_2261316.jpg/:/cr=t:26.47%25,l:1.09%25,w:98.06%25,h:73.53%25/rs=w:806,h:403,cg:true,m 2x, //img1
2024-09-28 02:41:08 UTC	1781	IN	Data Raw: 22 42 6f 64 79 41 6c 70 68 61 22 20 63 6c 61 73 73 3d 22 78 2d 65 6c 20 63 31 2d 31 20 63 31 2d 32 20 63 31 2d 31 72 20 63 31 2d 31 66 20 63 31 2d 34 76 20 63 31 2d 31 36 20 63 31 2d 31 38 20 63 31 2d 61 79 20 63 31 2d 34 6f 20 63 31 2d 62 20 63 31 2d 61 7a 20 63 31 2d 63 20 63 31 2d 34 35 20 63 31 2d 62 30 20 63 31 2d 64 20 63 31 2d 65 20 63 31 2d 66 20 63 31 2d 67 20 78 2d 72 74 22 3e 3c 70 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 22 3e 3c 73 70 61 6e 3e 57 65 20 75 73 65 20 63 6f 6f 6b 69 65 73 20 74 6f 20 61 6e 61 6c 79 7a 65 20 77 65 62 73 69 74 65 20 74 72 61 66 66 69 63 20 61 6e 64 20 6f 70 74 69 6d 69 7a 65 20 79 6f 75 72 20 77 65 62 73 69 74 65 20 65 78 70 65 72 69 65 6e 63 65 2e 20 42 79 20 61 63 63 65 70 74 69 6e 67 20 6f 75 72 20 75 73 Data Ascii: "BodyAlpha" class="x-el c1-1 c1-2 c1-1r c1-1f c1-4v c1-16 c1-18 c1-ay c1-4o c1-b c1-az c1-c c1-45 c1-b0 c1-d c1-e c1-f c1-g x-rt"><p style="margin:0"><span>We use cookies to analyze website traffic and optimize your website experience. By accepting our us

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:12 UTC	657	OUT	GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1 Host: api.ola.godaddy.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: / sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://metmassk-usalloggies.godaddysites.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:41:13 UTC	758	IN	HTTP/1.1 404 Not Found Date: Sat, 28 Sep 2024 02:41:13 GMT Content-Type: application/json; charset=utf-8 Content-Length: 29 Connection: close access-control-allow-origin: https://metmassk-usalloggies.godaddysites.com access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers: access-control-max-age: 7200 access-control-allow-credentials: true X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-cache X-Request-Id: 92259738f168387eabaeac0e5eb434ad X-Runtime: 0.008279 vary: Accept, Origin Strict-Transport-Security: max-age=15724800; includeSubDomains
2024-09-28 02:41:13 UTC	29	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 22 41 63 63 6f 75 6e 74 20 6e 6f 74 20 66 6f 75 6e 64 22 7d Data Ascii: {"error":"Account not found"}

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:14 UTC	793	OUT	GET /sw.js HTTP/1.1 Host: metmassk-usalloggies.godaddysites.com Connection: keep-alive Cache-Control: max-age=0 Accept: / Service-Worker: script Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: serviceworker Referer: https://metmassk-usalloggies.godaddysites.com/sw.js User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; cookie_warning_dismissed=true; cookie_terms_accepted=true; _scc_session=pc=4&C_TOUCH=2024-09-28T02:41:10.760Z If-None-Match: 8dca7182115c64686c9248e0fb5894fd
2024-09-28 02:41:14 UTC	271	IN	HTTP/1.1 304 Not Modified Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 8dca7182115c64686c9248e0fb5894fd Date: Sat, 28 Sep 2024 02:41:14 GMT Connection: close

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report https://metmassk-usalloggies.godaddysites.com/

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Signatures

Sigma Signatures

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Phishing

Compliance

Networking

System Summary

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

LLM Input / Output

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

Chrome Cache Entry: 258

Chrome Cache Entry: 259

Chrome Cache Entry: 260

Chrome Cache Entry: 261

Chrome Cache Entry: 262

Chrome Cache Entry: 263

Chrome Cache Entry: 264

Chrome Cache Entry: 265

Chrome Cache Entry: 266

Chrome Cache Entry: 267

Chrome Cache Entry: 268

Chrome Cache Entry: 269

Chrome Cache Entry: 270

Chrome Cache Entry: 271

Chrome Cache Entry: 272

Chrome Cache Entry: 273

Chrome Cache Entry: 274

Chrome Cache Entry: 275

Chrome Cache Entry: 276

Chrome Cache Entry: 277

Chrome Cache Entry: 278

Chrome Cache Entry: 279

Chrome Cache Entry: 280

Chrome Cache Entry: 281

Chrome Cache Entry: 282

Chrome Cache Entry: 283

Chrome Cache Entry: 284

Windows Analysis Report
https://metmassk-usalloggies.godaddysites.com/

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:18 UTC	657	OUT	GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1 Host: api.ola.godaddy.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: / sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://metmassk-usalloggies.godaddysites.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:41:18 UTC	758	IN	HTTP/1.1 404 Not Found Date: Sat, 28 Sep 2024 02:41:18 GMT Content-Type: application/json; charset=utf-8 Content-Length: 29 Connection: close access-control-allow-origin: https://metmassk-usalloggies.godaddysites.com access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers: access-control-max-age: 7200 access-control-allow-credentials: true X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-cache X-Request-Id: 38073edfadf27b0e5a8e511ce9429288 X-Runtime: 0.004931 vary: Accept, Origin Strict-Transport-Security: max-age=15724800; includeSubDomains
2024-09-28 02:41:18 UTC	29	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 22 41 63 63 6f 75 6e 74 20 6e 6f 74 20 66 6f 75 6e 64 22 7d Data Ascii: {"error":"Account not found"}

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:22 UTC	629	OUT	GET /v3/recaptcha HTTP/1.1 Host: contact.apps-api.instantpage.secureserver.net Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / Origin: https://metmassk-usalloggies.godaddysites.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:41:22 UTC	300	IN	HTTP/1.1 200 OK Date: Sat, 28 Sep 2024 02:41:22 GMT Content-Type: application/json; charset=utf-8 Content-Length: 54 Connection: close x-powered-by: Slay Access-Control-Allow-Origin: * ETag: W/"36-/JybxMl8Y5PwwWjo7fmcJSDGXLQ" Strict-Transport-Security: max-age=15724800; includeSubDomains
2024-09-28 02:41:22 UTC	54	IN	Data Raw: 7b 22 73 69 74 65 4b 65 79 22 3a 22 36 4c 66 6a 73 70 67 55 41 41 41 41 41 42 73 62 6a 47 39 69 64 36 71 58 51 4b 5a 6b 71 62 36 5f 48 70 63 65 36 75 69 5f 22 7d Data Ascii: {"siteKey":"6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_"}

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:24 UTC	381	OUT	GET /v3/recaptcha HTTP/1.1 Host: contact.apps-api.instantpage.secureserver.net Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:41:25 UTC	300	IN	HTTP/1.1 200 OK Date: Sat, 28 Sep 2024 02:41:24 GMT Content-Type: application/json; charset=utf-8 Content-Length: 54 Connection: close x-powered-by: Slay Access-Control-Allow-Origin: * ETag: W/"36-/JybxMl8Y5PwwWjo7fmcJSDGXLQ" Strict-Transport-Security: max-age=15724800; includeSubDomains
2024-09-28 02:41:25 UTC	54	IN	Data Raw: 7b 22 73 69 74 65 4b 65 79 22 3a 22 36 4c 66 6a 73 70 67 55 41 41 41 41 41 42 73 62 6a 47 39 69 64 36 71 58 51 4b 5a 6b 71 62 36 5f 48 70 63 65 36 75 69 5f 22 7d Data Ascii: {"siteKey":"6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_"}

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:24 UTC	695	OUT	GET /recaptcha/api.js?render=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_ HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: / sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:41:25 UTC	749	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Expires: Sat, 28 Sep 2024 02:41:25 GMT Date: Sat, 28 Sep 2024 02:41:25 GMT Cache-Control: private, max-age=300 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-28 02:41:25 UTC	641	IN	Data Raw: 35 62 63 0d 0a 2f 2a 20 50 4c 45 41 53 45 20 44 4f 20 4e 4f 54 20 43 4f 50 59 20 41 4e 44 20 50 41 53 54 45 20 54 48 49 53 20 43 4f 44 45 2e 20 2a 2f 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 77 3d 77 69 6e 64 6f 77 2c 43 3d 27 5f 5f 5f 67 72 65 63 61 70 74 63 68 61 5f 63 66 67 27 2c 63 66 67 3d 77 5b 43 5d 3d 77 5b 43 5d 7c 7c 7b 7d 2c 4e 3d 27 67 72 65 63 61 70 74 63 68 61 27 3b 76 61 72 20 67 72 3d 77 5b 4e 5d 3d 77 5b 4e 5d 7c 7c 7b 7d 3b 67 72 2e 72 65 61 64 79 3d 67 72 2e 72 65 61 64 79 7c 7c 66 75 6e 63 74 69 6f 6e 28 66 29 7b 28 63 66 67 5b 27 66 6e 73 27 5d 3d 63 66 67 5b 27 66 6e 73 27 5d 7c 7c 5b 5d 29 2e 70 75 73 68 28 66 29 3b 7d 3b 77 5b 27 5f 5f 72 65 63 61 70 74 63 68 61 5f 61 70 69 27 5d 3d 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 Data Ascii: 5bc/* PLEASE DO NOT COPY AND PASTE THIS CODE. */(function(){var w=window,C='___grecaptcha_cfg',cfg=w[C]=w[C]\|\|{},N='grecaptcha';var gr=w[N]=w[N]\|\|{};gr.ready=gr.ready\|\|function(f){(cfg['fns']=cfg['fns']\|\|[]).push(f);};w['__recaptcha_api']='https://www.g
2024-09-28 02:41:25 UTC	834	IN	Data Raw: 59 66 66 78 72 4d 38 54 6d 5a 54 36 52 41 72 57 47 51 56 43 4a 30 4c 52 69 76 44 37 67 6c 63 41 55 41 41 41 43 51 65 79 4a 76 63 6d 6c 6e 61 57 34 69 4f 69 4a 6f 64 48 52 77 63 7a 6f 76 4c 32 64 76 62 32 64 73 5a 53 35 6a 62 32 30 36 4e 44 51 7a 49 69 77 69 5a 6d 56 68 64 48 56 79 5a 53 49 36 49 6b 52 70 63 32 46 69 62 47 56 55 61 47 6c 79 5a 46 42 68 63 6e 52 35 55 33 52 76 63 6d 46 6e 5a 56 42 68 63 6e 52 70 64 47 6c 76 62 6d 6c 75 5a 7a 49 69 4c 43 4a 6c 65 48 42 70 63 6e 6b 69 4f 6a 45 33 4e 44 49 7a 4e 44 49 7a 4f 54 6b 73 49 6d 6c 7a 55 33 56 69 5a 47 39 74 59 57 6c 75 49 6a 70 30 63 6e 56 6c 4c 43 4a 70 63 31 52 6f 61 58 4a 6b 55 47 46 79 64 48 6b 69 4f 6e 52 79 64 57 56 39 27 3b 69 66 28 76 26 26 76 2e 63 6f 6f 6b 69 65 44 65 70 72 65 63 61 74 69 Data Ascii: YffxrM8TmZT6RArWGQVCJ0LRivD7glcAUAAACQeyJvcmlnaW4iOiJodHRwczovL2dvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkRpc2FibGVUaGlyZFBhcnR5U3RvcmFnZVBhcnRpdGlvbmluZzIiLCJleHBpcnkiOjE3NDIzNDIzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9';if(v&&v.cookieDeprecati
2024-09-28 02:41:25 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:27 UTC	1000	OUT	GET /recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRtYXNzay11c2FsbG9nZ2llcy5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=2j7bu6ncpajs HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: cross-site Sec-Fetch-Mode: navigate Sec-Fetch-Dest: iframe Referer: https://metmassk-usalloggies.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:41:27 UTC	1161	IN	HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Embedder-Policy: require-corp Report-To: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Sat, 28 Sep 2024 02:41:27 GMT Content-Security-Policy: script-src 'report-sample' 'nonce-KItFXzithd-6RqplvfA01g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Server: ESF X-XSS-Protection: 0 X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-28 02:41:27 UTC	229	IN	Data Raw: 35 37 33 33 0d 0a 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 3e 3c 68 74 6d 6c 20 64 69 72 3d 22 6c 74 72 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 3c 68 65 61 64 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 65 64 67 65 22 3e 0a 3c 74 69 74 6c 65 3e 72 65 43 41 50 54 43 48 41 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 2f 2a 20 63 79 Data Ascii: 5733<!DOCTYPE HTML><html dir="ltr" lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><title>reCAPTCHA</title><style type="text/css">/* cy
2024-09-28 02:41:27 UTC	1390	IN	Data Raw: 72 69 6c 6c 69 63 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6d 43 6e 71 45 75 39 32 46 72 31 4d 75 37 32 78 4b 4f 7a 59 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 34 36 30 2d 30 35 32 46 2c 20 55 2b 31 43 38 30 2d 31 43 38 38 2c 20 55 2b 32 30 42 34 2c 20 55 2b 32 44 45 30 2d 32 44 46 46 2c 20 55 2b 41 36 34 Data Ascii: rillic-ext */@font-face { font-family: 'Roboto'; font-style: normal; font-weight: 400; src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu72xKOzY.woff2) format('woff2'); unicode-range: U+0460-052F, U+1C80-1C88, U+20B4, U+2DE0-2DFF, U+A64
2024-09-28 02:41:27 UTC	1390	IN	Data Raw: 30 41 42 3b 0a 7d 0a 2f 2a 20 6c 61 74 69 6e 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6d 43 6e 71 45 75 39 32 46 72 31 4d 75 37 47 78 4b 4f 7a 59 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30 30 2d 30 32 41 46 2c 20 55 2b 30 33 30 34 2c 20 55 2b 30 33 30 38 2c 20 55 2b 30 33 32 39 2c 20 55 2b 31 45 30 30 Data Ascii: 0AB;}/* latin-ext */@font-face { font-family: 'Roboto'; font-style: normal; font-weight: 400; src: url(//fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKOzY.woff2) format('woff2'); unicode-range: U+0100-02AF, U+0304, U+0308, U+0329, U+1E00
2024-09-28 02:41:27 UTC	1390	IN	Data Raw: 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6c 43 6e 71 45 75 39 32 46 72 31 4d 6d 45 55 39 66 43 42 63 34 45 73 41 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 31 46 30 30 2d 31 46 46 46 3b 0a 7d 0a 2f 2a 20 67 72 65 65 6b 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 35 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6c 43 6e 71 45 Data Ascii: s.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fCBc4EsA.woff2) format('woff2'); unicode-range: U+1F00-1FFF;}/* greek */@font-face { font-family: 'Roboto'; font-style: normal; font-weight: 500; src: url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqE
2024-09-28 02:41:27 UTC	1390	IN	Data Raw: 30 33 32 39 2c 20 55 2b 32 30 30 30 2d 32 30 36 46 2c 20 55 2b 32 30 37 34 2c 20 55 2b 32 30 41 43 2c 20 55 2b 32 31 32 32 2c 20 55 2b 32 31 39 31 2c 20 55 2b 32 31 39 33 2c 20 55 2b 32 32 31 32 2c 20 55 2b 32 32 31 35 2c 20 55 2b 46 45 46 46 2c 20 55 2b 46 46 46 44 3b 0a 7d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 39 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 6f 62 6f 74 6f 2f 76 31 38 2f 4b 46 4f 6c 43 6e 71 45 75 39 32 46 72 31 4d 6d 59 55 74 Data Ascii: 0329, U+2000-206F, U+2074, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;}/* cyrillic-ext */@font-face { font-family: 'Roboto'; font-style: normal; font-weight: 900; src: url(//fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUt
2024-09-28 02:41:27 UTC	1390	IN	Data Raw: 38 2d 30 31 32 39 2c 20 55 2b 30 31 36 38 2d 30 31 36 39 2c 20 55 2b 30 31 41 30 2d 30 31 41 31 2c 20 55 2b 30 31 41 46 2d 30 31 42 30 2c 20 55 2b 30 33 30 30 2d 30 33 30 31 2c 20 55 2b 30 33 30 33 2d 30 33 30 34 2c 20 55 2b 30 33 30 38 2d 30 33 30 39 2c 20 55 2b 30 33 32 33 2c 20 55 2b 30 33 32 39 2c 20 55 2b 31 45 41 30 2d 31 45 46 39 2c 20 55 2b 32 30 41 42 3b 0a 7d 0a 2f 2a 20 6c 61 74 69 6e 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 52 6f 62 6f 74 6f 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 39 30 30 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 72 Data Ascii: 8-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;}/* latin-ext */@font-face { font-family: 'Roboto'; font-style: normal; font-weight: 900; src: url(//fonts.gstatic.com/s/r
2024-09-28 02:41:27 UTC	1390	IN	Data Raw: 22 68 69 64 64 65 6e 22 20 69 64 3d 22 72 65 63 61 70 74 63 68 61 2d 74 6f 6b 65 6e 22 20 76 61 6c 75 65 3d 22 30 33 41 46 63 57 65 41 34 4d 37 54 52 49 46 70 5f 48 76 77 55 59 53 50 47 55 5f 36 46 59 31 49 6b 74 52 4c 4b 79 56 52 6f 56 5f 47 43 44 6c 74 39 4a 51 42 66 76 38 38 4d 78 34 78 7a 4c 69 4e 4c 62 61 69 73 71 38 43 55 45 69 5a 46 37 63 6e 34 63 51 41 30 44 65 44 54 47 4b 56 47 66 38 4f 55 4f 58 72 54 5f 54 54 6c 31 48 44 76 59 6d 35 50 75 38 69 56 43 6c 34 70 34 7a 32 69 73 4f 68 66 5f 37 49 33 2d 4f 33 5a 59 4b 51 2d 58 7a 55 51 32 76 45 65 6d 42 52 65 65 43 4a 4b 45 38 6c 51 34 46 4e 47 58 77 4c 66 2d 6d 7a 2d 36 38 44 67 4e 68 38 31 48 66 2d 33 4c 4c 67 67 46 4f 66 62 5a 5f 34 4b 4f 79 72 4e 4f 67 63 59 6d 4f 4e 62 62 35 61 59 54 39 69 70 52 Data Ascii: "hidden" id="recaptcha-token" value="03AFcWeA4M7TRIFp_HvwUYSPGU_6FY1IktRLKyVRoV_GCDlt9JQBfv88Mx4xzLiNLbaisq8CUEiZF7cn4cQA0DeDTGKVGf8OUOXrT_TTl1HDvYm5Pu8iVCl4p4z2isOhf_7I3-O3ZYKQ-XzUQ2vEemBReeCJKE8lQ4FNGXwLf-mz-68DgNh81Hf-3LLggFOfbZ_4KOyrNOgcYmONbb5aYT9ipR
2024-09-28 02:41:27 UTC	1390	IN	Data Raw: 2d 6c 64 69 74 6c 72 6b 2d 78 48 76 32 75 76 43 4c 42 30 2d 70 4b 65 7a 70 2d 58 58 5f 59 36 42 51 5a 41 6b 48 66 67 76 37 71 42 79 73 64 79 42 36 48 41 47 57 63 7a 61 51 62 68 46 62 75 43 5a 69 47 6a 64 52 64 53 37 57 2d 57 76 72 58 41 66 61 52 55 65 79 4c 39 63 61 54 46 6c 6f 6d 70 50 44 43 6e 6b 59 4b 72 56 4d 37 6d 65 34 6c 52 66 50 4f 39 30 6a 30 63 68 43 53 79 70 39 78 41 36 41 49 5a 71 38 51 43 56 35 36 5a 58 61 48 37 4d 61 44 7a 54 77 4b 75 41 4c 4a 59 39 78 6e 32 37 6b 6a 6d 48 57 54 63 33 37 45 54 53 43 42 48 58 57 58 6c 4a 50 5a 51 61 71 5a 34 52 4f 6f 41 59 6e 2d 50 68 5a 6b 72 49 65 2d 67 54 35 6d 4e 4d 37 34 7a 46 56 39 30 73 59 54 6e 39 48 52 4e 44 67 4c 58 35 61 75 58 69 46 78 67 63 47 5a 34 4d 76 66 47 4d 48 38 30 78 6f 59 50 44 68 39 31 Data Ascii: -lditlrk-xHv2uvCLB0-pKezp-XX_Y6BQZAkHfgv7qBysdyB6HAGWczaQbhFbuCZiGjdRdS7W-WvrXAfaRUeyL9caTFlompPDCnkYKrVM7me4lRfPO90j0chCSyp9xA6AIZq8QCV56ZXaH7MaDzTwKuALJY9xn27kjmHWTc37ETSCBHXWXlJPZQaqZ4ROoAYn-PhZkrIe-gT5mNM74zFV90sYTn9HRNDgLX5auXiFxgcGZ4MvfGMH80xoYPDh91
2024-09-28 02:41:27 UTC	1390	IN	Data Raw: 6b 5a 56 55 46 4a 46 55 6a 46 69 59 33 4a 35 61 30 39 4c 5a 58 4e 49 4d 6b 74 78 56 57 67 79 51 55 56 61 54 55 5a 75 64 45 6f 79 64 54 67 78 5a 30 67 76 51 55 5a 57 56 57 68 4b 52 6a 6b 76 53 47 4a 4f 51 56 70 49 51 54 56 31 5a 47 46 76 55 6d 78 34 53 32 68 30 53 45 39 73 57 6c 68 6f 53 32 64 74 53 54 5a 78 62 57 56 58 53 6b 77 31 4f 55 46 69 61 55 6f 31 55 6c 42 56 56 55 56 73 59 32 77 35 62 56 4a 4a 4d 44 46 32 63 58 5a 61 4c 33 42 79 62 6a 56 76 57 6a 4e 5a 61 6e 6c 4a 55 6b 68 69 55 31 6b 77 65 6c 42 61 53 46 5a 30 4b 32 56 50 62 6d 4a 77 55 6a 55 7a 56 32 6b 35 62 54 42 73 51 7a 6b 72 4e 31 6c 44 65 44 68 76 63 54 64 72 5a 30 45 79 65 47 55 79 55 6c 6b 35 54 6d 6c 46 4f 55 78 74 56 7a 56 35 61 45 68 36 57 6b 56 6f 53 55 6c 68 65 6d 68 35 5a 6d 74 78 Data Ascii: kZVUFJFUjFiY3J5a09LZXNIMktxVWgyQUVaTUZudEoydTgxZ0gvQUZWVWhKRjkvSGJOQVpIQTV1ZGFvUmx4S2h0SE9sWlhoS2dtSTZxbWVXSkw1OUFiaUo1UlBVVUVsY2w5bVJJMDF2cXZaL3BybjVvWjNZanlJUkhiU1kwelBaSFZ0K2VPbmJwUjUzV2k5bTBsQzkrN1lDeDhvcTdrZ0EyeGUyUlk5TmlFOUxtVzV5aEh6WkVoSUlhemh5Zmtx
2024-09-28 02:41:27 UTC	1390	IN	Data Raw: 73 53 32 78 77 53 58 52 55 5a 6d 64 32 52 57 6c 72 56 6e 46 75 51 56 56 45 64 55 64 59 53 6e 52 44 56 46 59 30 53 33 67 34 54 54 4a 79 4f 46 70 6c 63 56 70 45 4d 31 6c 6b 59 7a 4e 6c 4e 79 39 49 57 58 70 45 5a 6a 68 4b 61 53 73 78 55 47 45 33 63 32 4e 7a 53 48 52 54 65 6a 6c 55 4f 56 4a 6c 5a 44 63 34 63 30 4a 32 4d 6a 52 33 56 45 68 34 51 57 30 77 4e 6b 4a 4c 54 31 55 72 4d 33 70 48 63 6e 6c 6e 55 6c 70 44 52 57 70 54 56 46 68 4b 52 57 6b 78 51 57 59 35 4d 6b 56 6a 61 6b 46 47 51 33 4d 35 64 6a 56 36 4e 46 56 5a 5a 45 70 6b 4e 6b 46 61 4e 6d 5a 52 55 33 46 53 53 57 64 4f 4b 31 4a 30 64 6a 4e 46 56 55 52 34 4f 47 78 75 5a 69 73 76 63 55 5a 49 51 6c 68 46 55 6d 6c 68 5a 79 39 7a 53 7a 64 30 55 46 70 72 55 7a 68 34 54 46 64 57 4b 79 39 4a 61 32 38 72 62 53 Data Ascii: sS2xwSXRUZmd2RWlrVnFuQVVEdUdYSnRDVFY0S3g4TTJyOFplcVpEM1lkYzNlNy9IWXpEZjhKaSsxUGE3c2NzSHRTejlUOVJlZDc4c0J2MjR3VEh4QW0wNkJLT1UrM3pHcnlnUlpDRWpTVFhKRWkxQWY5MkVjakFGQ3M5djV6NFVZZEpkNkFaNmZRU3FSSWdOK1J0djNFVUR4OGxuZisvcUZIQlhFUmlhZy9zSzd0UFprUzh4TFdWKy9Ja28rbS

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:30 UTC	867	OUT	GET /js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRtYXNzay11c2FsbG9nZ2llcy5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=2j7bu6ncpajs Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:41:30 UTC	812	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs" Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} Content-Length: 18618 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 04:57:25 GMT Expires: Fri, 26 Sep 2025 04:57:25 GMT Cache-Control: public, max-age=31536000 Last-Modified: Tue, 17 Sep 2024 15:00:00 GMT Content-Type: text/javascript Vary: Accept-Encoding Age: 164645 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-28 02:41:30 UTC	578	IN	Data Raw: 2f 2a 20 41 6e 74 69 2d 73 70 61 6d 2e 20 57 61 6e 74 20 74 6f 20 73 61 79 20 68 65 6c 6c 6f 3f 20 43 6f 6e 74 61 63 74 20 28 62 61 73 65 36 34 29 20 59 6d 39 30 5a 33 56 68 63 6d 51 74 59 32 39 75 64 47 46 6a 64 45 42 6e 62 32 39 6e 62 47 55 75 59 32 39 74 20 2a 2f 20 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 63 3d 74 68 69 73 7c 7c 73 65 6c 66 2c 43 3d 66 75 6e 63 74 69 6f 6e 28 64 29 7b 72 65 74 75 72 6e 20 64 7d 2c 6d 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 29 7b 69 66 28 21 28 61 3d 28 64 3d 6e 75 6c 6c 2c 63 29 2e 74 72 75 73 74 65 64 54 79 70 65 73 2c 61 29 7c 7c 21 61 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 29 72 65 74 75 72 6e 20 64 3b 74 72 79 7b 64 3d 61 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 28 22 62 67 22 2c 7b 63 72 65 61 74 65 48 54 4d Data Ascii: /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */ (function(){var c=this\|\|self,C=function(d){return d},m=function(d,a){if(!(a=(d=null,c).trustedTypes,a)\|\|!a.createPolicy)return d;try{d=a.createPolicy("bg",{createHTM
2024-09-28 02:41:30 UTC	1390	IN	Data Raw: 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 27 2c 0a 27 2a 2f 27 2c 0a 27 76 61 72 20 64 42 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 29 7b 69 66 28 64 2e 6c 65 6e 67 74 68 3d 3d 33 29 7b 66 6f 72 28 43 3d 30 3b 43 3c 33 3b 43 2b 2b 29 61 5b 43 5d 2b 3d 64 5b 43 5d 3b 66 6f 72 28 43 3d 28 64 3d 5b 31 33 2c 38 2c 31 33 2c 31 32 2c 31 36 2c 35 2c 33 2c 31 30 2c 31 35 5d 2c 30 29 3b 43 3c 39 3b 43 2b 2b 29 61 5b 33 5d 28 61 2c 43 25 33 2c 64 5b 43 5d 29 7d 7d 2c 61 32 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 29 7b 72 65 74 75 72 6e 20 64 2e 50 45 28 66 75 6e 63 74 69 6f 6e 28 6d 29 7b 43 3d 6d 7d 2c 66 61 6c 73 65 2c 61 29 2c 43 7d 2c 63 62 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 2c 6d 2c 63 Data Ascii: DX-License-Identifier: Apache-2.0','*/','var dB=function(d,a,C){if(d.length==3){for(C=0;C<3;C++)a[C]+=d[C];for(C=(d=[13,8,13,12,16,5,3,10,15],0);C<9;C++)a[3](a,C%3,d[C])}},a2=function(d,a,C){return d.PE(function(m){C=m},false,a),C},cb=function(d,a,C,m,c
2024-09-28 02:41:30 UTC	1390	IN	Data Raw: 6e 20 64 2e 59 3f 5a 74 28 64 2e 44 2c 64 29 3a 4a 28 38 2c 74 72 75 65 2c 64 29 7d 2c 58 74 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 2c 6d 2c 63 29 7b 66 6f 72 28 63 3d 28 64 3d 64 2e 72 65 70 6c 61 63 65 28 2f 5c 5c 72 5c 5c 6e 2f 67 2c 22 5c 5c 6e 22 29 2c 61 3d 30 2c 5b 5d 29 2c 43 3d 30 3b 61 3c 64 2e 6c 65 6e 67 74 68 3b 61 2b 2b 29 6d 3d 64 2e 63 68 61 72 43 6f 64 65 41 74 28 61 29 2c 6d 3c 31 32 38 3f 63 5b 43 2b 2b 5d 3d 6d 3a 28 6d 3c 32 30 34 38 3f 63 5b 43 2b 2b 5d 3d 6d 3e 3e 36 7c 31 39 32 3a 28 28 6d 26 36 34 35 31 32 29 3d 3d 35 35 32 39 36 26 26 61 2b 31 3c 64 2e 6c 65 6e 67 74 68 26 26 28 64 2e 63 68 61 72 43 6f 64 65 41 74 28 61 2b 31 29 26 36 34 35 31 32 29 3d 3d 35 36 33 32 30 3f 28 6d 3d 36 35 35 33 36 2b 28 28 6d 26 31 30 32 33 Data Ascii: n d.Y?Zt(d.D,d):J(8,true,d)},Xt=function(d,a,C,m,c){for(c=(d=d.replace(/\\r\\n/g,"\\n"),a=0,[]),C=0;a<d.length;a++)m=d.charCodeAt(a),m<128?c[C++]=m:(m<2048?c[C++]=m>>6\|192:((m&64512)==55296&&a+1<d.length&&(d.charCodeAt(a+1)&64512)==56320?(m=65536+((m&1023
2024-09-28 02:41:30 UTC	1390	IN	Data Raw: 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 2c 6d 29 7b 66 6f 72 28 3b 61 2e 47 2e 6c 65 6e 67 74 68 3b 29 7b 43 3d 28 61 2e 53 3d 6e 75 6c 6c 2c 61 2e 47 29 2e 70 6f 70 28 29 3b 74 72 79 7b 6d 3d 74 75 28 61 2c 43 29 7d 63 61 74 63 68 28 63 29 7b 4e 28 63 2c 61 29 7d 69 66 28 64 26 26 61 2e 53 29 7b 64 3d 61 2e 53 2c 64 28 66 75 6e 63 74 69 6f 6e 28 29 7b 67 28 61 2c 74 72 75 65 2c 74 72 75 65 29 7d 29 3b 62 72 65 61 6b 7d 7d 72 65 74 75 72 6e 20 6d 7d 2c 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 29 7b 69 66 28 28 43 3d 74 79 70 65 6f 66 20 64 2c 43 29 3d 3d 22 6f 62 6a 65 63 74 22 29 69 66 28 64 29 7b 69 66 28 64 20 69 6e 73 74 61 6e 63 65 6f 66 20 41 72 72 61 79 29 72 65 74 75 72 6e 22 61 72 72 61 79 22 3b 69 66 28 64 20 69 6e 73 74 61 6e 63 65 6f Data Ascii: unction(d,a,C,m){for(;a.G.length;){C=(a.S=null,a.G).pop();try{m=tu(a,C)}catch(c){N(c,a)}if(d&&a.S){d=a.S,d(function(){g(a,true,true)});break}}return m},ll=function(d,a,C){if((C=typeof d,C)=="object")if(d){if(d instanceof Array)return"array";if(d instanceo
2024-09-28 02:41:30 UTC	1390	IN	Data Raw: 61 3d 6d 7d 2c 43 7d 2c 75 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 2c 6d 2c 63 2c 5a 2c 65 2c 46 29 7b 69 66 28 21 64 2e 6a 69 26 26 28 46 3d 76 6f 69 64 20 30 2c 43 26 26 43 5b 30 5d 3d 3d 3d 47 26 26 28 46 3d 43 5b 32 5d 2c 61 3d 43 5b 31 5d 2c 43 3d 76 6f 69 64 20 30 29 2c 63 3d 77 28 64 2c 33 39 37 29 2c 63 2e 6c 65 6e 67 74 68 3d 3d 30 26 26 28 65 3d 77 28 64 2c 39 30 29 3e 3e 33 2c 63 2e 70 75 73 68 28 61 2c 65 3e 3e 38 26 32 35 35 2c 65 26 32 35 35 29 2c 46 21 3d 76 6f 69 64 20 30 26 26 63 2e 70 75 73 68 28 46 26 32 35 35 29 29 2c 61 3d 22 22 2c 43 26 26 28 43 2e 6d 65 73 73 61 67 65 26 26 28 61 2b 3d 43 2e 6d 65 73 73 61 67 65 29 2c 43 2e 73 74 61 63 6b 26 26 28 61 2b 3d 22 3a 22 2b 43 2e 73 74 61 63 6b 29 29 2c 43 3d 77 28 64 2c 35 30 32 29 Data Ascii: a=m},C},u=function(d,a,C,m,c,Z,e,F){if(!d.ji&&(F=void 0,C&&C[0]===G&&(F=C[2],a=C[1],C=void 0),c=w(d,397),c.length==0&&(e=w(d,90)>>3,c.push(a,e>>8&255,e&255),F!=void 0&&c.push(F&255)),a="",C&&(C.message&&(a+=C.message),C.stack&&(a+=":"+C.stack)),C=w(d,502)
2024-09-28 02:41:30 UTC	1390	IN	Data Raw: 35 28 29 29 2c 6e 65 77 20 43 29 2c 6d 7d 5d 7d 2c 46 74 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 29 7b 72 65 74 75 72 6e 20 64 28 66 75 6e 63 74 69 6f 6e 28 43 29 7b 43 28 61 29 7d 29 2c 5b 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 7d 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 5d 7d 2c 69 6c 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 29 7b 72 65 74 75 72 6e 20 61 3d 30 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 3c 64 2e 6c 65 6e 67 74 68 3f 7b 64 6f 6e 65 3a 66 61 6c 73 65 2c 76 61 6c 75 65 3a 64 5b 61 2b 2b 5d 7d 3a 7b 64 6f 6e 65 3a 74 72 75 65 7d 7d 7d 2c 43 24 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 2c 6d 2c 63 2c 5a 2c 65 2c 46 29 7b 66 6f 72 28 28 63 2e 75 5a 3d 57 62 28 63 2e 56 2c 28 63 2e 72 61 3d 63 5b 6b 5d 2c 63 2e Data Ascii: 5()),new C),m}]},Ft=function(d,a){return d(function(C){C(a)}),[function(){return a},function(){}]},il=function(d,a){return a=0,function(){return a<d.length?{done:false,value:d[a++]}:{done:true}}},C$=function(d,a,C,m,c,Z,e,F){for((c.uZ=Wb(c.V,(c.ra=c[k],c.
2024-09-28 02:41:30 UTC	1390	IN	Data Raw: 28 66 2c 51 2c 4f 2c 57 2c 70 2c 71 2c 4c 29 7b 66 6f 72 28 51 3d 77 28 66 2c 28 57 3d 28 70 3d 28 4c 3d 42 28 66 29 2c 65 31 28 66 29 29 2c 22 22 29 2c 32 37 33 29 29 2c 71 3d 51 2e 6c 65 6e 67 74 68 2c 4f 3d 30 3b 70 2d 2d 3b 29 4f 3d 28 28 4f 7c 30 29 2b 28 65 31 28 66 29 7c 30 29 29 25 71 2c 57 2b 3d 65 5b 51 5b 4f 5d 5d 3b 52 28 4c 2c 66 2c 57 29 7d 2c 28 52 28 28 28 63 2e 4b 79 3d 28 52 28 34 33 38 2c 28 63 2e 48 45 3d 28 41 28 63 2c 66 75 6e 63 74 69 6f 6e 28 66 2c 51 2c 4f 2c 57 29 7b 4f 3d 42 28 28 57 3d 28 51 3d 42 28 66 29 2c 42 29 28 66 29 2c 66 29 29 2c 52 28 4f 2c 66 2c 77 28 66 2c 51 29 7c 7c 77 28 66 2c 57 29 29 7d 2c 28 41 28 63 2c 28 52 28 34 36 31 2c 63 2c 28 41 28 63 2c 28 41 28 63 2c 66 75 6e 63 74 69 6f 6e 28 66 2c 51 2c 4f 29 7b 52 Data Ascii: (f,Q,O,W,p,q,L){for(Q=w(f,(W=(p=(L=B(f),e1(f)),""),273)),q=Q.length,O=0;p--;)O=((O\|0)+(e1(f)\|0))%q,W+=e[Q[O]];R(L,f,W)},(R(((c.Ky=(R(438,(c.HE=(A(c,function(f,Q,O,W){O=B((W=(Q=B(f),B)(f),f)),R(O,f,w(f,Q)\|\|w(f,W))},(A(c,(R(461,c,(A(c,(A(c,function(f,Q,O){R
2024-09-28 02:41:30 UTC	1390	IN	Data Raw: 2e 4e 73 3d 21 28 63 2e 42 45 3d 5b 5d 2c 31 29 2c 63 29 2e 58 3d 76 6f 69 64 20 30 2c 5b 5d 29 2c 46 29 2e 74 69 6d 65 4f 72 69 67 69 6e 7c 7c 28 46 2e 74 69 6d 69 6e 67 7c 7c 7b 7d 29 2e 6e 61 76 69 67 61 74 69 6f 6e 53 74 61 72 74 7c 7c 30 2c 63 29 2e 43 3d 5b 5d 2c 6d 26 26 6d 2e 6c 65 6e 67 74 68 3d 3d 32 26 26 28 63 2e 42 45 3d 6d 5b 31 5d 2c 63 2e 44 78 3d 6d 5b 30 5d 29 2c 63 29 2c 30 29 2c 39 30 29 2c 63 2c 30 29 2c 31 35 38 29 29 2c 33 32 35 29 29 2c 33 32 29 29 2c 63 29 2c 63 29 2c 33 32 34 29 29 2c 52 29 28 33 32 31 2c 63 2c 37 39 33 29 2c 34 36 35 29 29 2c 31 34 29 29 2c 66 75 6e 63 74 69 6f 6e 28 66 2c 51 29 7b 28 66 3d 28 51 3d 42 28 66 29 2c 77 28 66 2e 49 2c 51 29 29 2c 66 29 5b 30 5d 2e 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e Data Ascii: .Ns=!(c.BE=[],1),c).X=void 0,[]),F).timeOrigin\|\|(F.timing\|\|{}).navigationStart\|\|0,c).C=[],m&&m.length==2&&(c.BE=m[1],c.Dx=m[0]),c),0),90),c,0),158)),325)),32)),c),c),324)),R)(321,c,793),465)),14)),function(f,Q){(f=(Q=B(f),w(f.I,Q)),f)[0].removeEventListen
2024-09-28 02:41:30 UTC	1390	IN	Data Raw: 74 68 2c 51 3d 4f 2e 58 75 2c 4f 3d 4f 2e 65 69 2c 71 3d 70 3d 3d 30 3f 6e 65 77 20 4f 5b 57 5d 3a 70 3d 3d 31 3f 6e 65 77 20 4f 5b 57 5d 28 71 5b 30 5d 29 3a 70 3d 3d 32 3f 6e 65 77 20 4f 5b 57 5d 28 71 5b 30 5d 2c 71 5b 31 5d 29 3a 70 3d 3d 33 3f 6e 65 77 20 4f 5b 57 5d 28 71 5b 30 5d 2c 71 5b 31 5d 2c 71 5b 32 5d 29 3a 70 3d 3d 34 3f 6e 65 77 20 4f 5b 57 5d 28 71 5b 30 5d 2c 71 5b 31 5d 2c 71 5b 32 5d 2c 71 5b 33 5d 29 3a 32 28 29 2c 52 28 51 2c 66 2c 71 29 29 7d 2c 31 36 29 2c 49 29 28 5b 4c 24 5d 2c 63 29 2c 4d 39 29 2c 5a 5d 2c 63 29 2c 5b 7a 62 2c 61 5d 29 2c 63 29 2c 63 29 2c 74 72 75 65 2c 74 72 75 65 29 7d 2c 5a 74 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 29 7b 72 65 74 75 72 6e 28 64 3d 64 2e 63 72 65 61 74 65 28 29 2e 73 68 69 66 74 28 29 2c 61 Data Ascii: th,Q=O.Xu,O=O.ei,q=p==0?new O[W]:p==1?new O[W](q[0]):p==2?new O[W](q[0],q[1]):p==3?new O[W](q[0],q[1],q[2]):p==4?new O[W](q[0],q[1],q[2],q[3]):2(),R(Q,f,q))},16),I)([L$],c),M9),Z],c),[zb,a]),c),c),true,true)},Zt=function(d,a){return(d=d.create().shift(),a
2024-09-28 02:41:30 UTC	1390	IN	Data Raw: 28 61 29 3b 65 6c 73 65 20 69 66 28 63 3d 3d 7a 62 29 7b 74 72 79 7b 66 6f 72 28 6d 3d 30 3b 6d 3c 64 2e 43 2e 6c 65 6e 67 74 68 3b 6d 2b 2b 29 74 72 79 7b 43 3d 64 2e 43 5b 6d 5d 2c 43 5b 30 5d 5b 43 5b 31 5d 5d 28 43 5b 32 5d 29 7d 63 61 74 63 68 28 5a 29 7b 7d 7d 63 61 74 63 68 28 5a 29 7b 7d 28 30 2c 61 5b 31 5d 29 28 66 75 6e 63 74 69 6f 6e 28 5a 2c 65 29 7b 64 2e 50 45 28 5a 2c 74 72 75 65 2c 65 29 7d 2c 66 75 6e 63 74 69 6f 6e 28 5a 29 7b 28 49 28 5b 79 37 5d 2c 28 5a 3d 21 64 2e 47 2e 6c 65 6e 67 74 68 2c 64 29 29 2c 5a 29 26 26 67 28 64 2c 74 72 75 65 2c 66 61 6c 73 65 29 7d 2c 66 75 6e 63 74 69 6f 6e 28 5a 29 7b 72 65 74 75 72 6e 20 64 2e 7a 6f 28 5a 29 7d 2c 28 6d 3d 28 64 2e 43 3d 5b 5d 2c 64 29 2e 67 28 29 2c 66 75 6e 63 74 69 6f 6e 28 5a 29 Data Ascii: (a);else if(c==zb){try{for(m=0;m<d.C.length;m++)try{C=d.C[m],C[0][C[1]](C[2])}catch(Z){}}catch(Z){}(0,a[1])(function(Z,e){d.PE(Z,true,e)},function(Z){(I([y7],(Z=!d.G.length,d)),Z)&&g(d,true,false)},function(Z){return d.zo(Z)},(m=(d.C=[],d).g(),function(Z)

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:31 UTC	879	OUT	GET /recaptcha/api2/webworker.js?hl=en&v=xds0rzGrktR88uEZ2JUvdgOY HTTP/1.1 Host: www.google.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: / X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: same-origin Sec-Fetch-Mode: same-origin Sec-Fetch-Dest: worker Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfjspgUAAAAABsbjG9id6qXQKZkqb6_Hpce6ui_&co=aHR0cHM6Ly9tZXRtYXNzay11c2FsbG9nZ2llcy5nb2RhZGR5c2l0ZXMuY29tOjQ0Mw..&hl=en&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=2j7bu6ncpajs Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:41:31 UTC	917	IN	HTTP/1.1 200 OK Content-Type: text/javascript; charset=utf-8 Cross-Origin-Embedder-Policy: require-corp Report-To: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} Report-To: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} Expires: Sat, 28 Sep 2024 02:41:31 GMT Date: Sat, 28 Sep 2024 02:41:31 GMT Cache-Control: private, max-age=300 Cross-Origin-Resource-Policy: same-site Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Accept-Ranges: none Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked
2024-09-28 02:41:31 UTC	108	IN	Data Raw: 36 36 0d 0a 69 6d 70 6f 72 74 53 63 72 69 70 74 73 28 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 72 65 63 61 70 74 63 68 61 2f 72 65 6c 65 61 73 65 73 2f 78 64 73 30 72 7a 47 72 6b 74 52 38 38 75 45 5a 32 4a 55 76 64 67 4f 59 2f 72 65 63 61 70 74 63 68 61 5f 5f 65 6e 2e 6a 73 27 29 3b 0d 0a Data Ascii: 66importScripts('https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__en.js');
2024-09-28 02:41:31 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:31 UTC	487	OUT	GET /js/bg/dubcxWuhhbqw8uaLSFFGvELnk5WmffD3wjoYeQZ33gk.js HTTP/1.1 Host: www.google.com Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: / X-Client-Data: CKq1yQEIi7bJAQiktskBCKmdygEIoOHKAQiUocsBCJz+zAEIhaDNAQi5ys0BCIrTzQEY9snNARjrjaUX Sec-Fetch-Site: none Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:41:32 UTC	812	IN	HTTP/1.1 200 OK Accept-Ranges: bytes Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs" Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} Content-Length: 18618 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 26 Sep 2024 04:57:25 GMT Expires: Fri, 26 Sep 2025 04:57:25 GMT Cache-Control: public, max-age=31536000 Last-Modified: Tue, 17 Sep 2024 15:00:00 GMT Content-Type: text/javascript Vary: Accept-Encoding Age: 164646 Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-28 02:41:32 UTC	578	IN	Data Raw: 2f 2a 20 41 6e 74 69 2d 73 70 61 6d 2e 20 57 61 6e 74 20 74 6f 20 73 61 79 20 68 65 6c 6c 6f 3f 20 43 6f 6e 74 61 63 74 20 28 62 61 73 65 36 34 29 20 59 6d 39 30 5a 33 56 68 63 6d 51 74 59 32 39 75 64 47 46 6a 64 45 42 6e 62 32 39 6e 62 47 55 75 59 32 39 74 20 2a 2f 20 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 63 3d 74 68 69 73 7c 7c 73 65 6c 66 2c 43 3d 66 75 6e 63 74 69 6f 6e 28 64 29 7b 72 65 74 75 72 6e 20 64 7d 2c 6d 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 29 7b 69 66 28 21 28 61 3d 28 64 3d 6e 75 6c 6c 2c 63 29 2e 74 72 75 73 74 65 64 54 79 70 65 73 2c 61 29 7c 7c 21 61 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 29 72 65 74 75 72 6e 20 64 3b 74 72 79 7b 64 3d 61 2e 63 72 65 61 74 65 50 6f 6c 69 63 79 28 22 62 67 22 2c 7b 63 72 65 61 74 65 48 54 4d Data Ascii: /* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */ (function(){var c=this\|\|self,C=function(d){return d},m=function(d,a){if(!(a=(d=null,c).trustedTypes,a)\|\|!a.createPolicy)return d;try{d=a.createPolicy("bg",{createHTM
2024-09-28 02:41:32 UTC	1390	IN	Data Raw: 44 58 2d 4c 69 63 65 6e 73 65 2d 49 64 65 6e 74 69 66 69 65 72 3a 20 41 70 61 63 68 65 2d 32 2e 30 27 2c 0a 27 2a 2f 27 2c 0a 27 76 61 72 20 64 42 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 29 7b 69 66 28 64 2e 6c 65 6e 67 74 68 3d 3d 33 29 7b 66 6f 72 28 43 3d 30 3b 43 3c 33 3b 43 2b 2b 29 61 5b 43 5d 2b 3d 64 5b 43 5d 3b 66 6f 72 28 43 3d 28 64 3d 5b 31 33 2c 38 2c 31 33 2c 31 32 2c 31 36 2c 35 2c 33 2c 31 30 2c 31 35 5d 2c 30 29 3b 43 3c 39 3b 43 2b 2b 29 61 5b 33 5d 28 61 2c 43 25 33 2c 64 5b 43 5d 29 7d 7d 2c 61 32 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 29 7b 72 65 74 75 72 6e 20 64 2e 50 45 28 66 75 6e 63 74 69 6f 6e 28 6d 29 7b 43 3d 6d 7d 2c 66 61 6c 73 65 2c 61 29 2c 43 7d 2c 63 62 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 2c 6d 2c 63 Data Ascii: DX-License-Identifier: Apache-2.0','*/','var dB=function(d,a,C){if(d.length==3){for(C=0;C<3;C++)a[C]+=d[C];for(C=(d=[13,8,13,12,16,5,3,10,15],0);C<9;C++)a[3](a,C%3,d[C])}},a2=function(d,a,C){return d.PE(function(m){C=m},false,a),C},cb=function(d,a,C,m,c
2024-09-28 02:41:32 UTC	1390	IN	Data Raw: 6e 20 64 2e 59 3f 5a 74 28 64 2e 44 2c 64 29 3a 4a 28 38 2c 74 72 75 65 2c 64 29 7d 2c 58 74 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 2c 6d 2c 63 29 7b 66 6f 72 28 63 3d 28 64 3d 64 2e 72 65 70 6c 61 63 65 28 2f 5c 5c 72 5c 5c 6e 2f 67 2c 22 5c 5c 6e 22 29 2c 61 3d 30 2c 5b 5d 29 2c 43 3d 30 3b 61 3c 64 2e 6c 65 6e 67 74 68 3b 61 2b 2b 29 6d 3d 64 2e 63 68 61 72 43 6f 64 65 41 74 28 61 29 2c 6d 3c 31 32 38 3f 63 5b 43 2b 2b 5d 3d 6d 3a 28 6d 3c 32 30 34 38 3f 63 5b 43 2b 2b 5d 3d 6d 3e 3e 36 7c 31 39 32 3a 28 28 6d 26 36 34 35 31 32 29 3d 3d 35 35 32 39 36 26 26 61 2b 31 3c 64 2e 6c 65 6e 67 74 68 26 26 28 64 2e 63 68 61 72 43 6f 64 65 41 74 28 61 2b 31 29 26 36 34 35 31 32 29 3d 3d 35 36 33 32 30 3f 28 6d 3d 36 35 35 33 36 2b 28 28 6d 26 31 30 32 33 Data Ascii: n d.Y?Zt(d.D,d):J(8,true,d)},Xt=function(d,a,C,m,c){for(c=(d=d.replace(/\\r\\n/g,"\\n"),a=0,[]),C=0;a<d.length;a++)m=d.charCodeAt(a),m<128?c[C++]=m:(m<2048?c[C++]=m>>6\|192:((m&64512)==55296&&a+1<d.length&&(d.charCodeAt(a+1)&64512)==56320?(m=65536+((m&1023
2024-09-28 02:41:32 UTC	1390	IN	Data Raw: 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 2c 6d 29 7b 66 6f 72 28 3b 61 2e 47 2e 6c 65 6e 67 74 68 3b 29 7b 43 3d 28 61 2e 53 3d 6e 75 6c 6c 2c 61 2e 47 29 2e 70 6f 70 28 29 3b 74 72 79 7b 6d 3d 74 75 28 61 2c 43 29 7d 63 61 74 63 68 28 63 29 7b 4e 28 63 2c 61 29 7d 69 66 28 64 26 26 61 2e 53 29 7b 64 3d 61 2e 53 2c 64 28 66 75 6e 63 74 69 6f 6e 28 29 7b 67 28 61 2c 74 72 75 65 2c 74 72 75 65 29 7d 29 3b 62 72 65 61 6b 7d 7d 72 65 74 75 72 6e 20 6d 7d 2c 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 29 7b 69 66 28 28 43 3d 74 79 70 65 6f 66 20 64 2c 43 29 3d 3d 22 6f 62 6a 65 63 74 22 29 69 66 28 64 29 7b 69 66 28 64 20 69 6e 73 74 61 6e 63 65 6f 66 20 41 72 72 61 79 29 72 65 74 75 72 6e 22 61 72 72 61 79 22 3b 69 66 28 64 20 69 6e 73 74 61 6e 63 65 6f Data Ascii: unction(d,a,C,m){for(;a.G.length;){C=(a.S=null,a.G).pop();try{m=tu(a,C)}catch(c){N(c,a)}if(d&&a.S){d=a.S,d(function(){g(a,true,true)});break}}return m},ll=function(d,a,C){if((C=typeof d,C)=="object")if(d){if(d instanceof Array)return"array";if(d instanceo
2024-09-28 02:41:32 UTC	1390	IN	Data Raw: 61 3d 6d 7d 2c 43 7d 2c 75 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 2c 6d 2c 63 2c 5a 2c 65 2c 46 29 7b 69 66 28 21 64 2e 6a 69 26 26 28 46 3d 76 6f 69 64 20 30 2c 43 26 26 43 5b 30 5d 3d 3d 3d 47 26 26 28 46 3d 43 5b 32 5d 2c 61 3d 43 5b 31 5d 2c 43 3d 76 6f 69 64 20 30 29 2c 63 3d 77 28 64 2c 33 39 37 29 2c 63 2e 6c 65 6e 67 74 68 3d 3d 30 26 26 28 65 3d 77 28 64 2c 39 30 29 3e 3e 33 2c 63 2e 70 75 73 68 28 61 2c 65 3e 3e 38 26 32 35 35 2c 65 26 32 35 35 29 2c 46 21 3d 76 6f 69 64 20 30 26 26 63 2e 70 75 73 68 28 46 26 32 35 35 29 29 2c 61 3d 22 22 2c 43 26 26 28 43 2e 6d 65 73 73 61 67 65 26 26 28 61 2b 3d 43 2e 6d 65 73 73 61 67 65 29 2c 43 2e 73 74 61 63 6b 26 26 28 61 2b 3d 22 3a 22 2b 43 2e 73 74 61 63 6b 29 29 2c 43 3d 77 28 64 2c 35 30 32 29 Data Ascii: a=m},C},u=function(d,a,C,m,c,Z,e,F){if(!d.ji&&(F=void 0,C&&C[0]===G&&(F=C[2],a=C[1],C=void 0),c=w(d,397),c.length==0&&(e=w(d,90)>>3,c.push(a,e>>8&255,e&255),F!=void 0&&c.push(F&255)),a="",C&&(C.message&&(a+=C.message),C.stack&&(a+=":"+C.stack)),C=w(d,502)
2024-09-28 02:41:32 UTC	1390	IN	Data Raw: 35 28 29 29 2c 6e 65 77 20 43 29 2c 6d 7d 5d 7d 2c 46 74 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 29 7b 72 65 74 75 72 6e 20 64 28 66 75 6e 63 74 69 6f 6e 28 43 29 7b 43 28 61 29 7d 29 2c 5b 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 7d 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 7d 5d 7d 2c 69 6c 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 29 7b 72 65 74 75 72 6e 20 61 3d 30 2c 66 75 6e 63 74 69 6f 6e 28 29 7b 72 65 74 75 72 6e 20 61 3c 64 2e 6c 65 6e 67 74 68 3f 7b 64 6f 6e 65 3a 66 61 6c 73 65 2c 76 61 6c 75 65 3a 64 5b 61 2b 2b 5d 7d 3a 7b 64 6f 6e 65 3a 74 72 75 65 7d 7d 7d 2c 43 24 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 2c 43 2c 6d 2c 63 2c 5a 2c 65 2c 46 29 7b 66 6f 72 28 28 63 2e 75 5a 3d 57 62 28 63 2e 56 2c 28 63 2e 72 61 3d 63 5b 6b 5d 2c 63 2e Data Ascii: 5()),new C),m}]},Ft=function(d,a){return d(function(C){C(a)}),[function(){return a},function(){}]},il=function(d,a){return a=0,function(){return a<d.length?{done:false,value:d[a++]}:{done:true}}},C$=function(d,a,C,m,c,Z,e,F){for((c.uZ=Wb(c.V,(c.ra=c[k],c.
2024-09-28 02:41:32 UTC	1390	IN	Data Raw: 28 66 2c 51 2c 4f 2c 57 2c 70 2c 71 2c 4c 29 7b 66 6f 72 28 51 3d 77 28 66 2c 28 57 3d 28 70 3d 28 4c 3d 42 28 66 29 2c 65 31 28 66 29 29 2c 22 22 29 2c 32 37 33 29 29 2c 71 3d 51 2e 6c 65 6e 67 74 68 2c 4f 3d 30 3b 70 2d 2d 3b 29 4f 3d 28 28 4f 7c 30 29 2b 28 65 31 28 66 29 7c 30 29 29 25 71 2c 57 2b 3d 65 5b 51 5b 4f 5d 5d 3b 52 28 4c 2c 66 2c 57 29 7d 2c 28 52 28 28 28 63 2e 4b 79 3d 28 52 28 34 33 38 2c 28 63 2e 48 45 3d 28 41 28 63 2c 66 75 6e 63 74 69 6f 6e 28 66 2c 51 2c 4f 2c 57 29 7b 4f 3d 42 28 28 57 3d 28 51 3d 42 28 66 29 2c 42 29 28 66 29 2c 66 29 29 2c 52 28 4f 2c 66 2c 77 28 66 2c 51 29 7c 7c 77 28 66 2c 57 29 29 7d 2c 28 41 28 63 2c 28 52 28 34 36 31 2c 63 2c 28 41 28 63 2c 28 41 28 63 2c 66 75 6e 63 74 69 6f 6e 28 66 2c 51 2c 4f 29 7b 52 Data Ascii: (f,Q,O,W,p,q,L){for(Q=w(f,(W=(p=(L=B(f),e1(f)),""),273)),q=Q.length,O=0;p--;)O=((O\|0)+(e1(f)\|0))%q,W+=e[Q[O]];R(L,f,W)},(R(((c.Ky=(R(438,(c.HE=(A(c,function(f,Q,O,W){O=B((W=(Q=B(f),B)(f),f)),R(O,f,w(f,Q)\|\|w(f,W))},(A(c,(R(461,c,(A(c,(A(c,function(f,Q,O){R
2024-09-28 02:41:32 UTC	1390	IN	Data Raw: 2e 4e 73 3d 21 28 63 2e 42 45 3d 5b 5d 2c 31 29 2c 63 29 2e 58 3d 76 6f 69 64 20 30 2c 5b 5d 29 2c 46 29 2e 74 69 6d 65 4f 72 69 67 69 6e 7c 7c 28 46 2e 74 69 6d 69 6e 67 7c 7c 7b 7d 29 2e 6e 61 76 69 67 61 74 69 6f 6e 53 74 61 72 74 7c 7c 30 2c 63 29 2e 43 3d 5b 5d 2c 6d 26 26 6d 2e 6c 65 6e 67 74 68 3d 3d 32 26 26 28 63 2e 42 45 3d 6d 5b 31 5d 2c 63 2e 44 78 3d 6d 5b 30 5d 29 2c 63 29 2c 30 29 2c 39 30 29 2c 63 2c 30 29 2c 31 35 38 29 29 2c 33 32 35 29 29 2c 33 32 29 29 2c 63 29 2c 63 29 2c 33 32 34 29 29 2c 52 29 28 33 32 31 2c 63 2c 37 39 33 29 2c 34 36 35 29 29 2c 31 34 29 29 2c 66 75 6e 63 74 69 6f 6e 28 66 2c 51 29 7b 28 66 3d 28 51 3d 42 28 66 29 2c 77 28 66 2e 49 2c 51 29 29 2c 66 29 5b 30 5d 2e 72 65 6d 6f 76 65 45 76 65 6e 74 4c 69 73 74 65 6e Data Ascii: .Ns=!(c.BE=[],1),c).X=void 0,[]),F).timeOrigin\|\|(F.timing\|\|{}).navigationStart\|\|0,c).C=[],m&&m.length==2&&(c.BE=m[1],c.Dx=m[0]),c),0),90),c,0),158)),325)),32)),c),c),324)),R)(321,c,793),465)),14)),function(f,Q){(f=(Q=B(f),w(f.I,Q)),f)[0].removeEventListen
2024-09-28 02:41:32 UTC	1390	IN	Data Raw: 74 68 2c 51 3d 4f 2e 58 75 2c 4f 3d 4f 2e 65 69 2c 71 3d 70 3d 3d 30 3f 6e 65 77 20 4f 5b 57 5d 3a 70 3d 3d 31 3f 6e 65 77 20 4f 5b 57 5d 28 71 5b 30 5d 29 3a 70 3d 3d 32 3f 6e 65 77 20 4f 5b 57 5d 28 71 5b 30 5d 2c 71 5b 31 5d 29 3a 70 3d 3d 33 3f 6e 65 77 20 4f 5b 57 5d 28 71 5b 30 5d 2c 71 5b 31 5d 2c 71 5b 32 5d 29 3a 70 3d 3d 34 3f 6e 65 77 20 4f 5b 57 5d 28 71 5b 30 5d 2c 71 5b 31 5d 2c 71 5b 32 5d 2c 71 5b 33 5d 29 3a 32 28 29 2c 52 28 51 2c 66 2c 71 29 29 7d 2c 31 36 29 2c 49 29 28 5b 4c 24 5d 2c 63 29 2c 4d 39 29 2c 5a 5d 2c 63 29 2c 5b 7a 62 2c 61 5d 29 2c 63 29 2c 63 29 2c 74 72 75 65 2c 74 72 75 65 29 7d 2c 5a 74 3d 66 75 6e 63 74 69 6f 6e 28 64 2c 61 29 7b 72 65 74 75 72 6e 28 64 3d 64 2e 63 72 65 61 74 65 28 29 2e 73 68 69 66 74 28 29 2c 61 Data Ascii: th,Q=O.Xu,O=O.ei,q=p==0?new O[W]:p==1?new O[W](q[0]):p==2?new O[W](q[0],q[1]):p==3?new O[W](q[0],q[1],q[2]):p==4?new O[W](q[0],q[1],q[2],q[3]):2(),R(Q,f,q))},16),I)([L$],c),M9),Z],c),[zb,a]),c),c),true,true)},Zt=function(d,a){return(d=d.create().shift(),a
2024-09-28 02:41:32 UTC	1390	IN	Data Raw: 28 61 29 3b 65 6c 73 65 20 69 66 28 63 3d 3d 7a 62 29 7b 74 72 79 7b 66 6f 72 28 6d 3d 30 3b 6d 3c 64 2e 43 2e 6c 65 6e 67 74 68 3b 6d 2b 2b 29 74 72 79 7b 43 3d 64 2e 43 5b 6d 5d 2c 43 5b 30 5d 5b 43 5b 31 5d 5d 28 43 5b 32 5d 29 7d 63 61 74 63 68 28 5a 29 7b 7d 7d 63 61 74 63 68 28 5a 29 7b 7d 28 30 2c 61 5b 31 5d 29 28 66 75 6e 63 74 69 6f 6e 28 5a 2c 65 29 7b 64 2e 50 45 28 5a 2c 74 72 75 65 2c 65 29 7d 2c 66 75 6e 63 74 69 6f 6e 28 5a 29 7b 28 49 28 5b 79 37 5d 2c 28 5a 3d 21 64 2e 47 2e 6c 65 6e 67 74 68 2c 64 29 29 2c 5a 29 26 26 67 28 64 2c 74 72 75 65 2c 66 61 6c 73 65 29 7d 2c 66 75 6e 63 74 69 6f 6e 28 5a 29 7b 72 65 74 75 72 6e 20 64 2e 7a 6f 28 5a 29 7d 2c 28 6d 3d 28 64 2e 43 3d 5b 5d 2c 64 29 2e 67 28 29 2c 66 75 6e 63 74 69 6f 6e 28 5a 29 Data Ascii: (a);else if(c==zb){try{for(m=0;m<d.C.length;m++)try{C=d.C[m],C[0][C[1]](C[2])}catch(Z){}}catch(Z){}(0,a[1])(function(Z,e){d.PE(Z,true,e)},function(Z){(I([y7],(Z=!d.G.length,d)),Z)&&g(d,true,false)},function(Z){return d.zo(Z)},(m=(d.C=[],d).g(),function(Z)

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:42 UTC	967	OUT	GET /ellis-property HTTP/1.1 Host: metmassk-usalloggies.godaddysites.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9 Cookie: dps_site_id=us-east-1; _tccl_visitor=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; _tccl_visit=fc8483fa-d938-41de-9cff-ab80cf9dbfa7; cookie_warning_dismissed=true; cookie_terms_accepted=true; _scc_session=pc=5&C_TOUCH=2024-09-28T02:41:16.177Z If-None-Match: 3e788d804d74b9b5dbe9577b97e8a47c
2024-09-28 02:41:43 UTC	271	IN	HTTP/1.1 304 Not Modified Vary: Accept-Encoding Server: DPS/2.0.0+sha-227ca78 X-Version: 227ca78 X-SiteId: us-east-1 Set-Cookie: dps_site_id=us-east-1; path=/; secure ETag: 3e788d804d74b9b5dbe9577b97e8a47c Date: Sat, 28 Sep 2024 02:41:43 GMT Connection: close

Timestamp	Bytes transferred	Direction	Data
2024-09-28 02:41:45 UTC	657	OUT	GET /accounts/cf89a7ca-07c4-406f-a5bc-b4c9a082fb91/config?fields[]=cart HTTP/1.1 Host: api.ola.godaddy.com Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" Accept: / sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Origin: https://metmassk-usalloggies.godaddysites.com Sec-Fetch-Site: cross-site Sec-Fetch-Mode: cors Sec-Fetch-Dest: empty Referer: https://metmassk-usalloggies.godaddysites.com/ Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
2024-09-28 02:41:45 UTC	758	IN	HTTP/1.1 404 Not Found Date: Sat, 28 Sep 2024 02:41:45 GMT Content-Type: application/json; charset=utf-8 Content-Length: 29 Connection: close access-control-allow-origin: https://metmassk-usalloggies.godaddysites.com access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD access-control-expose-headers: access-control-max-age: 7200 access-control-allow-credentials: true X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin Cache-Control: no-cache X-Request-Id: 1efed0bf43cb537dd165f15c6deeefee X-Runtime: 0.004332 vary: Accept, Origin Strict-Transport-Security: max-age=15724800; includeSubDomains
2024-09-28 02:41:45 UTC	29	IN	Data Raw: 7b 22 65 72 72 6f 72 22 3a 22 41 63 63 6f 75 6e 74 20 6e 6f 74 20 66 6f 75 6e 64 22 7d Data Ascii: {"error":"Account not found"}