Report - sunflowercoastlineprobe.com/cavtpcge95?adb=n&dev=r&key=8eed0af3ba88434b397fe82f5912d434&kw=[livecamrips,com,conymegan,recorded,videos,we,have,262,videos,available,from,conymegan,completely,free]&psid=livecamrips.com,livecamrips.com&qonafl=9&refer=https://livecamrips.com/model/41763/conymegan/1&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1&v=24.5.6485

Report Overview

Submitted URL
sunflowercoastlineprobe.com/cavtpcge95?adb=n&dev=r&key=8eed0af3ba88434b397fe82f5912d434&kw=[livecamrips,com,conymegan,recorded,videos,we,have,262,videos,available,from,conymegan,completely,free]&psid=livecamrips.com,livecamrips.com&qonafl=9&refer=https://livecamrips.com/model/41763/conymegan/1&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1&v=24.5.6485
IP
192.243.59.13
ASN
#39572 DataWeb Global Group B.V.
Submitted
2024-05-08 01:35:18
Access
public
Website Title
Squirted
Final URL
landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
atlas.atsptp.com	87209	2020-02-13	2020-03-08	2024-05-03	3.6 kB	3.1 kB	66.254.114.63
ocsp.e2m02.amazontrust.com	unknown	2007-05-11	2022-12-07	2024-05-07	676 B	1.5 kB	143.204.53.97
events.launchdarkly.com	1653	2014-07-15	2016-02-06	2024-05-07	1.3 kB	1.0 kB	34.233.157.61
sunflowercoastlineprobe.com	unknown	2024-04-29	2024-04-30	2024-04-30	3.5 kB	4.8 kB	172.240.108.84
static2-ma-ht.project1content.com	unknown	2018-04-17	2022-07-17	2024-05-01	4.6 kB	722 kB	64.210.135.117
app.launchdarkly.com	1861	2014-07-15	2015-06-15	2024-05-06	2.3 kB	2.7 kB	151.101.194.217
landing.squirted.com	unknown	unknown	No data	No data	2.4 kB	271 kB	66.254.114.234
static-landing-assets.project1content.com	125763	2018-04-17	2021-09-02	2024-05-07	15 kB	6.4 MB	64.210.135.117
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	882 B	4.2 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-07	1.6 kB	62 kB	142.250.74.131
images-assets-ht.project1content.com	140041	2018-04-17	2018-06-19	2024-05-07	492 B	2.2 kB	64.210.135.117
clientstream.launchdarkly.com	1222	2014-07-15	2017-04-20	2024-05-06	748 B	571 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	sunflowercoastlineprobe.com	Sinkholed
2024-05-08	medium	sunflowercoastlineprobe.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	landing.squirted.com/_p1cdn/tour/atlaslib-js.6f2e1c48.js	40 kB	2024-04-27	2024-05-19
Pretty URL landing.squirted.com/_p1cdn/tour/atlaslib-js.6f2e1c48.js IP 66.254.114.234 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 16:26:02 Last Seen2024-05-19 16:21:20 Times Seen69 Hash 44086a9f945c2c345183cb951c5e8b60 72f7e7293a1b8862436f457b2d82589a12ce17f5 c0a3c7e552bc83c5678550d191559c46761c1e6d8d49060912b3c3d8460fba0b Loading...

	static2-ma-ht.project1content.com/tour/@one/blocks/async/RowBlock.3b6ad7f7.js	421 B	2024-03-12	2024-05-19
Pretty URL static2-ma-ht.project1content.com/tour/@one/blocks/async/RowBlock.3b6ad7f7.js IP 64.210.135.117 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 20:15:37 Last Seen2024-05-19 16:21:20 Times Seen115 Hash a94050f26199e41905e348fbc2ad9724 4ad81ca158f6008863628a9dccd0232870a66a05 a97ab9aa6b0d346531f8fab56ba39727ccf80b4101a4b3f09af3eab4d895108d Loading...

	static2-ma-ht.project1content.com/tour/main.f3e2c2ec.js	466 kB	2024-05-07	2024-05-08
Pretty URL static2-ma-ht.project1content.com/tour/main.f3e2c2ec.js IP 64.210.135.117 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 22:04:15 Last Seen2024-05-08 19:25:59 Times Seen10 Hash a3d838aade419826389aacaf1f22aa69 0929da51f93e95359840abb12f733eab7b42b508 aea816c7dcc0ab667734c916ce428098478decd5b76e2100be7e46242d0774ca Loading...

	static2-ma-ht.project1content.com/tour/@one/blocks/async/ContainerBlock.877c97af.js	232 B	2023-03-14	2024-05-19
Pretty URL static2-ma-ht.project1content.com/tour/@one/blocks/async/ContainerBlock.877c97af.js IP 64.210.135.117 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 05:15:36 Last Seen2024-05-19 16:21:20 Times Seen113 Hash ed2f44cc9f2871d8668252e176c16e33 efa4750156409a21bc47ae02827d792d14ca899d 5544d0dd2f72ed204f9d4e9ca610e167ceb31854b27d188e55b1360319962e1b Loading...

	static2-ma-ht.project1content.com/tour/@one/blocks/async/ColumnBlock.8745db90.js	435 B	2023-03-14	2024-05-19
Pretty URL static2-ma-ht.project1content.com/tour/@one/blocks/async/ColumnBlock.8745db90.js IP 64.210.135.117 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 05:15:36 Last Seen2024-05-19 16:21:20 Times Seen114 Hash bba82fdfdc2684ce6c44701d57090667 8625624d8247f8c9a94ab6ff74e977e54ee1d083 9116e30438d4725883a76b2efb55417c33529009297515869f1b92dd89d7f602 Loading...

	landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU	195 kB	2024-05-08	2024-05-08
Pretty URL landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU IP 66.254.114.234 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 03:35:27 Last Seen2024-05-08 03:35:27 Times Seen1 Hash 556369363db3f91da8d563fb60f3aa3e ed7719245f356ab479ad4ee3416ef388b24c760e 858cbab09aff3b70096378e9c44807254ade5b2aea290fd7b7e330ef913b6ab9 Loading...

	landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU	25 B	2023-03-14	2024-05-19
Pretty URL landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU IP 66.254.114.234 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 05:15:37 Last Seen2024-05-19 16:21:20 Times Seen110 Hash b16580b1a49d019b1c9281b516e56e3c 0935549944f775033e56a7c1efb45026e72c2ddb b70652cd68568dee5fe607a9d4c67994ea247547f4b83273ac06e062ea867e6f Loading...

	static2-ma-ht.project1content.com/tour/runtime.9e370972.js	8.7 kB	2024-05-07	2024-05-13
Pretty URL static2-ma-ht.project1content.com/tour/runtime.9e370972.js IP 64.210.135.117 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 22:04:15 Last Seen2024-05-13 03:51:44 Times Seen19 Hash 34b45de1d61d20f7440b25e6ab45dce5 b9ead631c2367d34e91ceaddd39ed7d9c159c825 023c4674b0fd28570ea9ab4f6e45b224ab0d696d4a37e49f6519537b99b1c109 Loading...

	static2-ma-ht.project1content.com/tour/@one/blocks/async/FooterBlock.39e014d8.js	3.4 kB	2024-05-03	2024-05-19
Pretty URL static2-ma-ht.project1content.com/tour/@one/blocks/async/FooterBlock.39e014d8.js IP 64.210.135.117 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 00:55:15 Last Seen2024-05-19 16:21:20 Times Seen43 Hash dfb7b4e7dd147ab4b18cc3fd916d244a 7d20ad251172d8d8b85a1a2a8eadefa20e2095d7 f9a30058bb952c22bfba509c73ed1997eb58006ebd5de34478b738bf20429be9 Loading...

	static2-ma-ht.project1content.com/tour/@one/blocks/async/ImageBlock.9e0ed0d5.js	5.2 kB	2024-05-03	2024-05-19
Pretty URL static2-ma-ht.project1content.com/tour/@one/blocks/async/ImageBlock.9e0ed0d5.js IP 64.210.135.117 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 00:55:15 Last Seen2024-05-19 16:21:20 Times Seen43 Hash 1fdd630216d7091b61cf1dbcac2e2b6a 521e641f5101c6f95f20d34399403c694abc9802 97b09d394c83b743dc3e6b8d16ac85823b6df0c6c14bf67ce9c643da58c5a0ef Loading...

	static2-ma-ht.project1content.com/tour/vendors~main.43da72ec.js	1.3 MB	2024-05-07	2024-05-15
Pretty URL static2-ma-ht.project1content.com/tour/vendors~main.43da72ec.js IP 64.210.135.117 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 22:04:15 Last Seen2024-05-15 21:37:57 Times Seen23 Hash 77ab7b1b04cf342b76fa13a486e1e521 3b2b17f398109cb7b1cacdf7bd95595fef7b6cfa 9cfeccb17575f25e5f8a3301e50130d7e5e2135002690b1ce96a6ddb9cea60d1 Loading...

	landing.squirted.com/_p1cdn/tour/vortex.modern.min.js	38 kB	2024-02-06	2024-05-19
Pretty URL landing.squirted.com/_p1cdn/tour/vortex.modern.min.js IP 66.254.114.234 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-06 13:03:22 Last Seen2024-05-19 16:21:20 Times Seen97 Hash 06031ae29667c65eb61158093cd96589 1b2eb0f574ed2a8147515b01dbcfa1d59b15aa87 27c67af023f2e2441f9e51f334267c1cab79c99d1f957e82992de8a62b0bd9f3 Loading...

HTTP Transactions (60)

URL IP Response Size

sunflowercoastlineprobe.com/cavtpcge95?adb=n&dev=r&key=8eed0af3ba88434b397fe82f5912d434&kw=[livecamrips,com,conymegan,recorded,videos,we,have,262,videos,available,from,conymegan,completely,free]&psid=livecamrips.com,livecamrips.com&qonafl=9&refer=https://livecamrips.com/model/41763/conymegan/1&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1&v=24.5.6485

172.240.108.84

1.7 kB

URL
sunflowercoastlineprobe.com/cavtpcge95?adb=n&dev=r&key=8eed0af3ba88434b397fe82f5912d434&kw=[livecamrips,com,conymegan,recorded,videos,we,have,262,videos,available,from,conymegan,completely,free]&psid=livecamrips.com,livecamrips.com&qonafl=9&refer=https://livecamrips.com/model/41763/conymegan/1&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1&v=24.5.6485
IP
172.240.108.84:0
ASN
#7979 SERVERS-COM

File type
HTML document, ASCII text, with very long lines (943)
Size
1.7 kB (1707 bytes)
Hash
143471111afb9130582ae28d83c6984b
6453a07ced95a800ff00dfd336acdc9923d63f85
424e2b0f0967824c1a13eb6f06fcb7c1c79230559699e3a1430fc57f45bcd4f5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cavtpcge95?adb=n&dev=r&key=8eed0af3ba88434b397fe82f5912d434&kw=[livecamrips,com,conymegan,recorded,videos,we,have,262,videos,available,from,conymegan,completely,free]&psid=livecamrips.com,livecamrips.com&qonafl=9&refer=https://livecamrips.com/model/41763/conymegan/1&res=14.31&scrHeight=1080&scrWidth=1920&ship=&sub3=invoke_layer&tz=-5&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1&v=24.5.6485 HTTP/1.1
Host: sunflowercoastlineprobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 01:34:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=22400125; expires=Thu, 09 May 2024 01:34:48 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjQwMDEyNSwiayI6IjhlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Iiwic2lkIjoibGl2ZWNhbXJpcHMuY29tLGxpdmVjYW1yaXBzLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MjQxODc0OSwicGlkIjo4MTQ2NDAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTYsImFpZCI6MjgsInB0Ijo0LCJwayI6ImNhdnRwY2dlOTUiLCJjcGtzIjp7IjI5IjoiNWM0MTA2NzBlNjkwY2U5ZGYwZDlkYzk3NDM1MDM1ODgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpdmVjYW1yaXBzLmNvbS9tb2RlbC80MTc2My9jb255bWVnYW4vMSIsImFyIjpbXX19.xXifbd7twrNdLM-aDjHdC2-O5Ju0IgU3mPMTBPXZdco; expires=Wed, 08 May 2024 01:35:48 GMT
uid_id2=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1; expires=Wed, 15 May 2024 01:34:48 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7506189852d7db1f04d7b054537778f5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

sunflowercoastlineprobe.com/api/users?token=L2NhdnRwY2dlOTU_YWRiPW4mZGV2PXIma2V5PThlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Jmt3PSU1QmxpdmVjYW1yaXBzJTJDY29tJTJDY29ueW1lZ2FuJTJDcmVjb3JkZWQlMkN2aWRlb3MlMkN3ZSUyQ2hhdmUlMkMyNjIlMkN2aWRlb3MlMkNhdmFpbGFibGUlMkNmcm9tJTJDY29ueW1lZ2FuJTJDY29tcGxldGVseSUyQ2ZyZWUlNUQmcHNpZD1saXZlY2Ftcmlwcy5jb20lMkNsaXZlY2Ftcmlwcy5jb20mcHN0PTE3MTUxMzIxNDgmcW9uYWZsPTkmcmVmZXI9aHR0cHMlM0ElMkYlMkZsaXZlY2Ftcmlwcy5jb20lMkZtb2RlbCUyRjQxNzYzJTJGY29ueW1lZ2FuJTJGMSZyZXM9MTQuMzEmcm10Yz10JnNjckhlaWdodD0xMDgwJnNjcldpZHRoPTE5MjAmc2hpcD0mc2h1PTlhNjBjZTg1Y2JmZDA4YmQ2OWIzMGU1YjM4YmJmNDViYTQzMWE5MDQ5MjUzZjA3MWE5NmU2ZGJlM2U3ODRmMWQ5NWE0OGZmNDE1MzhkNjM4YTc1ODU1NDM2MGFlYmE3NDA5MDM5OTdmNzcyZmI3NmVmZTcxODNmMzkyMTEyYjk2YzFhNzNiNjg5MDdmYjM2NWMwZTM1ZTI1ZDAxNzJiMTA0MTc2ZmYyMjViODQ3YWNmMTM1YjY3MGQxNWNmZjZjYzY2JnN1YjM9aW52b2tlX2xheWVyJnR6PS01JnV1aWQ9NmNmYzc0NzYtYmI2NS00YTFiLTg1NGYtMGZmMjg5YjcwMzhjJTNBMiUzQTEmdj0yNC41LjY0ODU&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c%3A2%3A1&pii=&in=false

172.240.108.84

0 B

URL
sunflowercoastlineprobe.com/api/users?token=L2NhdnRwY2dlOTU_YWRiPW4mZGV2PXIma2V5PThlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Jmt3PSU1QmxpdmVjYW1yaXBzJTJDY29tJTJDY29ueW1lZ2FuJTJDcmVjb3JkZWQlMkN2aWRlb3MlMkN3ZSUyQ2hhdmUlMkMyNjIlMkN2aWRlb3MlMkNhdmFpbGFibGUlMkNmcm9tJTJDY29ueW1lZ2FuJTJDY29tcGxldGVseSUyQ2ZyZWUlNUQmcHNpZD1saXZlY2Ftcmlwcy5jb20lMkNsaXZlY2Ftcmlwcy5jb20mcHN0PTE3MTUxMzIxNDgmcW9uYWZsPTkmcmVmZXI9aHR0cHMlM0ElMkYlMkZsaXZlY2Ftcmlwcy5jb20lMkZtb2RlbCUyRjQxNzYzJTJGY29ueW1lZ2FuJTJGMSZyZXM9MTQuMzEmcm10Yz10JnNjckhlaWdodD0xMDgwJnNjcldpZHRoPTE5MjAmc2hpcD0mc2h1PTlhNjBjZTg1Y2JmZDA4YmQ2OWIzMGU1YjM4YmJmNDViYTQzMWE5MDQ5MjUzZjA3MWE5NmU2ZGJlM2U3ODRmMWQ5NWE0OGZmNDE1MzhkNjM4YTc1ODU1NDM2MGFlYmE3NDA5MDM5OTdmNzcyZmI3NmVmZTcxODNmMzkyMTEyYjk2YzFhNzNiNjg5MDdmYjM2NWMwZTM1ZTI1ZDAxNzJiMTA0MTc2ZmYyMjViODQ3YWNmMTM1YjY3MGQxNWNmZjZjYzY2JnN1YjM9aW52b2tlX2xheWVyJnR6PS01JnV1aWQ9NmNmYzc0NzYtYmI2NS00YTFiLTg1NGYtMGZmMjg5YjcwMzhjJTNBMiUzQTEmdj0yNC41LjY0ODU&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c%3A2%3A1&pii=&in=false
IP
172.240.108.84:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /api/users?token=L2NhdnRwY2dlOTU_YWRiPW4mZGV2PXIma2V5PThlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Jmt3PSU1QmxpdmVjYW1yaXBzJTJDY29tJTJDY29ueW1lZ2FuJTJDcmVjb3JkZWQlMkN2aWRlb3MlMkN3ZSUyQ2hhdmUlMkMyNjIlMkN2aWRlb3MlMkNhdmFpbGFibGUlMkNmcm9tJTJDY29ueW1lZ2FuJTJDY29tcGxldGVseSUyQ2ZyZWUlNUQmcHNpZD1saXZlY2Ftcmlwcy5jb20lMkNsaXZlY2Ftcmlwcy5jb20mcHN0PTE3MTUxMzIxNDgmcW9uYWZsPTkmcmVmZXI9aHR0cHMlM0ElMkYlMkZsaXZlY2Ftcmlwcy5jb20lMkZtb2RlbCUyRjQxNzYzJTJGY29ueW1lZ2FuJTJGMSZyZXM9MTQuMzEmcm10Yz10JnNjckhlaWdodD0xMDgwJnNjcldpZHRoPTE5MjAmc2hpcD0mc2h1PTlhNjBjZTg1Y2JmZDA4YmQ2OWIzMGU1YjM4YmJmNDViYTQzMWE5MDQ5MjUzZjA3MWE5NmU2ZGJlM2U3ODRmMWQ5NWE0OGZmNDE1MzhkNjM4YTc1ODU1NDM2MGFlYmE3NDA5MDM5OTdmNzcyZmI3NmVmZTcxODNmMzkyMTEyYjk2YzFhNzNiNjg5MDdmYjM2NWMwZTM1ZTI1ZDAxNzJiMTA0MTc2ZmYyMjViODQ3YWNmMTM1YjY3MGQxNWNmZjZjYzY2JnN1YjM9aW52b2tlX2xheWVyJnR6PS01JnV1aWQ9NmNmYzc0NzYtYmI2NS00YTFiLTg1NGYtMGZmMjg5YjcwMzhjJTNBMiUzQTEmdj0yNC41LjY0ODU&uuid=6cfc7476-bb65-4a1b-854f-0ff289b7038c%3A2%3A1&pii=&in=false HTTP/1.1
Host: sunflowercoastlineprobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sunflowercoastlineprobe.com/api/users?token=L2NhdnRwY2dlOTU_a2V5PTljYTYwMWE5ZjQ3YzczNWRmNzZkNWNhNDZmYTI2YTY2JnN1Ym1ldHJpYz0yMjQwMDEyNQ
Cookie: u_pl=22400125; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjQwMDEyNSwiayI6IjhlZWQwYWYzYmE4ODQzNGIzOTdmZTgyZjU5MTJkNDM0Iiwic2lkIjoibGl2ZWNhbXJpcHMuY29tLGxpdmVjYW1yaXBzLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MjQxODc0OSwicGlkIjo4MTQ2NDAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTYsImFpZCI6MjgsInB0Ijo0LCJwayI6ImNhdnRwY2dlOTUiLCJjcGtzIjp7IjI5IjoiNWM0MTA2NzBlNjkwY2U5ZGYwZDlkYzk3NDM1MDM1ODgifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2xpdmVjYW1yaXBzLmNvbS9tb2RlbC80MTc2My9jb255bWVnYW4vMSIsImFyIjpbXX19.xXifbd7twrNdLM-aDjHdC2-O5Ju0IgU3mPMTBPXZdco; uid_id2=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Wed, 08 May 2024 01:34:49 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://timelyactive.com/b.3qVG0/Pu3VpTvEbQm/VtJkZdDb0q0gO/DGUs0BMLDYY-1lL/TZQd4INbT/QmwiNLj/Yn?clickId=39d27047416f20477a06fce9801d64aa&sId=22400125
Set-Cookie: uid_id2=6cfc7476-bb65-4a1b-854f-0ff289b7038c:2:1; expires=Wed, 15 May 2024 01:34:49 GMT
iprcbb68272cb1b45fd103c6f4a0dd7dad71=4595700; expires=Thu, 09 May 2024 01:34:49 GMT
pdhtkv=true; expires=Thu, 09 May 2024 01:34:49 GMT
uncs=1; expires=Thu, 09 May 2024 01:34:49 GMT
pdhtkv28=true; expires=Thu, 09 May 2024 01:34:49 GMT
uncs28=1; expires=Thu, 09 May 2024 01:34:49 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 080b601b1c973cc65eaf3def5046e0d2
Strict-Transport-Security: max-age=0; includeSubdomains

static2-ma-ht.project1content.com/tour/main.f3e2c2ec.js

64.210.135.117

200 OK

148 kB

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/main.f3e2c2ec.js
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
148 kB (148385 bytes)
Hash
271512d8a459f850f095cbb1e645d946
ce80c729e0a8cbaa761f98df231b6911dc149266
e18aef46746ed786a1eaee15b45cd4a0d437c13cd55ea26d0d930f2315fb7931

HTTP Headers

GET /tour/main.f3e2c2ec.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 May 2024 18:53:32 GMT
etag: W/"3add0ad35-71c39-617e1b3ce8300"
expires: Mon, 09 Sep 2024 09:56:08 GMT
cache-control: max-age=10765573
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: ams5-7619-2-54653-h-0-0---;6139-21-32026----0-0-0
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/@one/blocks/async/RowBlock.3b6ad7f7.js

64.210.135.117

200 OK

421 B

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/@one/blocks/async/RowBlock.3b6ad7f7.js
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (421), with no line terminators
Size
421 B (421 bytes)
Hash
a94050f26199e41905e348fbc2ad9724
4ad81ca158f6008863628a9dccd0232870a66a05
a97ab9aa6b0d346531f8fab56ba39727ccf80b4101a4b3f09af3eab4d895108d

HTTP Headers

GET /tour/@one/blocks/async/RowBlock.3b6ad7f7.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:51 GMT
content-type: application/javascript
content-length: 421
last-modified: Fri, 16 Feb 2024 21:44:10 GMT
etag: "3a953ca06-1a5-61186a4e49e80"
expires: Thu, 20 Jun 2024 23:30:37 GMT
cache-control: max-age=10511277
vary: Accept-Encoding
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
accept-ranges: bytes
x-cdn-diag: ams5-6139-3-37767-h-0-0---;6139-23-32026----0-0-1
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/@one/blocks/async/ColumnBlock.8745db90.js

64.210.135.117

200 OK

435 B

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/@one/blocks/async/ColumnBlock.8745db90.js
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (435), with no line terminators
Size
435 B (435 bytes)
Hash
bba82fdfdc2684ce6c44701d57090667
8625624d8247f8c9a94ab6ff74e977e54ee1d083
9116e30438d4725883a76b2efb55417c33529009297515869f1b92dd89d7f602

HTTP Headers

GET /tour/@one/blocks/async/ColumnBlock.8745db90.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:51 GMT
content-type: application/javascript
content-length: 435
last-modified: Tue, 12 Mar 2024 14:28:25 GMT
etag: "3aaacc525-1b3-61377788ff440"
expires: Sun, 14 Jul 2024 07:27:02 GMT
cache-control: max-age=10658011
vary: Accept-Encoding
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
accept-ranges: bytes
x-cdn-diag: ams5-6249-3-33043-h-0-0---;6139-25-32026----0-0-1
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/vendors~main.43da72ec.js

64.210.135.117

200 OK

524 kB

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/vendors~main.43da72ec.js
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (43463)
Size
524 kB (523489 bytes)
Hash
77ab7b1b04cf342b76fa13a486e1e521
3b2b17f398109cb7b1cacdf7bd95595fef7b6cfa
9cfeccb17575f25e5f8a3301e50130d7e5e2135002690b1ce96a6ddb9cea60d1

HTTP Headers

GET /tour/vendors~main.43da72ec.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 May 2024 18:53:32 GMT
etag: W/"3add27cdc-1491c2-617e1b3ce8300"
expires: Mon, 09 Sep 2024 09:56:08 GMT
cache-control: max-age=10765573
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: ams5-7619-2-54654-h-0-0---;6139-21-32026----0-0-0
X-Firefox-Spdy: h2

app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozNjEsImluc3RhbmNlSWQiOjIyNTc3MSwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2UsInJvb3RFbnYiOiJwcm9kIiwic2l0ZUlkIjoyMzMyfX0

151.101.194.217

200 OK

23 B

URL OPTIONS HTTP/2
app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozNjEsImluc3RhbmNlSWQiOjIyNTc3MSwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2UsInJvb3RFbnYiOiJwcm9kIiwic2l0ZUlkIjoyMzMyfX0
IP
151.101.194.217:443
ASN
#54113 FASTLY

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerGlobalSign nv-sa
Subjectapp.launchdarkly.com
Fingerprint0E:80:83:6E:DA:34:B1:44:89:98:74:A9:22:2A:70:56:1D:54:1E:3F
ValidityThu, 04 Apr 2024 00:55:36 GMT - Tue, 06 May 2025 00:55:35 GMT

File type
gzip compressed data
Size
23 B (23 bytes)
Hash
f0d79988b7772c003d04a28bd7417a62
58423a999eec2997bcfffb247e9ecd3dfd0abf44
30e6fa98fb48c2b132824d1ac5e2243c0be9e9082ff32598d34d7687ca7f6c7f

HTTP Headers

OPTIONS /sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozNjEsImluc3RhbmNlSWQiOjIyNTc3MSwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2UsInJvb3RFbnYiOiJwcm9kIiwic2l0ZUlkIjoyMzMyfX0 HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Referer: https://landing.squirted.com/
Origin: https://landing.squirted.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
date: Wed, 08 May 2024 01:34:51 GMT
via: 1.1 varnish
x-served-by: cache-hel1410032-HEL
x-cache: HIT
x-cache-hits: 98
x-timer: S1715132091.189845,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 23
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/runtime.9e370972.js

64.210.135.117

200 OK

3.9 kB

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/runtime.9e370972.js
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
3.9 kB (3915 bytes)
Hash
b5c818cd4addc0bd47d7b8a8ec15efd8
c6eafe7479fca757db1adda67058d52fac08c82b
26d1876b85886d45e6ae53ece776856f83a062e659e8aabd29037b08606e3380

HTTP Headers

GET /tour/runtime.9e370972.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 May 2024 18:53:32 GMT
etag: W/"3ad17d715-21ca-617e1b3ce8300"
expires: Fri, 06 Sep 2024 23:46:48 GMT
cache-control: max-age=10556214
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: ams5-7619-3-54690-h-0-0---;6139-21-32026----0-0-0
X-Firefox-Spdy: h2

app.launchdarkly.com/sdk/goals/63bdba6ee6d64c12826b8bff

151.101.194.217

200 OK

26 B

URL OPTIONS HTTP/2
app.launchdarkly.com/sdk/goals/63bdba6ee6d64c12826b8bff
IP
151.101.194.217:443
ASN
#54113 FASTLY

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerGlobalSign nv-sa
Subjectapp.launchdarkly.com
Fingerprint0E:80:83:6E:DA:34:B1:44:89:98:74:A9:22:2A:70:56:1D:54:1E:3F
ValidityThu, 04 Apr 2024 00:55:36 GMT - Tue, 06 May 2025 00:55:35 GMT

File type
JSON text data
Size
26 B (26 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

GET /sdk/goals/63bdba6ee6d64c12826b8bff HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LaunchDarkly-User-Agent: JSClient/2.24.2
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2
Origin: https://landing.squirted.com
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 300
cache-control: max-age=0
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Wed, 08 May 2024 01:34:51 GMT
via: 1.1 varnish
x-served-by: cache-hel1410032-HEL
x-cache: HIT
x-cache-hits: 99
x-timer: S1715132091.227894,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 26
X-Firefox-Spdy: h2

landing.squirted.com/_p1cdn/tour/atlaslib-js.6f2e1c48.js

66.254.114.234

200 OK

33 kB

URL GET HTTP/2
landing.squirted.com/_p1cdn/tour/atlaslib-js.6f2e1c48.js
IP
66.254.114.234:443
ASN
#29789 REFLECTED

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerLet's Encrypt
Subjectsquirted.com
FingerprintB1:7E:6D:C8:C5:03:1E:E5:1C:42:F1:CD:40:7C:74:26:BB:CA:F1:AB
ValidityThu, 14 Mar 2024 00:54:38 GMT - Wed, 12 Jun 2024 00:54:37 GMT

File type
gzip compressed data, max speed, from Unix
Size
33 kB (33363 bytes)
Hash
27e6baf0066497dc931a9a77998055fd
2e750c1941aec6c0137cd89c62577cf91df6ad3f
b3923706b921e9ae9ea465db7af2df00ce1ce57f9204ed2b961a5a13eff4238a

HTTP Headers

GET /_p1cdn/tour/atlaslib-js.6f2e1c48.js HTTP/1.1
Host: landing.squirted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Cookie: instance_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJtaW5kZ2VlayIsImF1ZCI6Im1pbmRnZWVrIiwic3ViIjoiaW5zdGFuY2UtYXBpIiwiZXhwIjoxNzE1Mjk5MjAwLCJpZCI6MjI1NzcxLCJicmFuZCI6InNxdWlydGVkIiwiaG9zdG5hbWUiOiJsYW5kaW5nLnNxdWlydGVkLmNvbSJ9.m2HNfARloEWUQjkd0wdK9iG-HtzjQvZYf3YBvfTv9JE; __s=663AD6B9-42FE72EA01BB2566E4-31FD5E
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 19 Apr 2024 16:04:23 GMT
etag: W/"3ac93c13f-9d5b-616753dbc4fc0"
expires: Mon, 19 Aug 2024 02:57:09 GMT
cache-control: max-age=10486975
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: dfw1-15011-1-40882-h-0-0---;15026-118-2028240----0-0-1
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/assets/rta.6e25c31d.jpg

64.210.135.117

200 OK

2.1 kB

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/assets/rta.6e25c31d.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 72x36, components 3
Size
2.1 kB (2065 bytes)
Hash
6e25c31d24acd9a948a91b5a1d8abbc4
8284a9b3b4287780e5f3c011e0b7f6ca7b54dd34
38c3608f1c53b13cd5567fecc6957d3568be15148abe43819e32bad5aa5d18f5

HTTP Headers

GET /tour/assets/rta.6e25c31d.jpg HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:51 GMT
content-type: image/jpeg
content-length: 2065
last-modified: Tue, 23 Jan 2024 22:03:01 GMT
etag: "3a7dc1c83-811-60fa41c1d4f40"
expires: Fri, 31 May 2024 17:24:50 GMT
cache-control: max-age=10690073
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
accept-ranges: bytes
x-cdn-diag: ams5-7619-1-54592-h-0-0---;6139-29-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/p1/Integration/Corp_Address/Default/PC/corp_pc.png

64.210.135.117

200 OK

12 kB

URL GET HTTP/2
static-landing-assets.project1content.com/p1/Integration/Corp_Address/Default/PC/corp_pc.png
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
PNG image data, 1120 x 100, 8-bit/color RGBA, non-interlaced
Size
12 kB (12017 bytes)
Hash
5cbda9703656566001fc4a34a314371e
52cdd8b1bfa196763731ad13fd4860497d041265
7959f5b954ae8b21dadc7b1c0ab61d3bd973f3e1fc516967a18134e13ed76d35

HTTP Headers

GET /p1/Integration/Corp_Address/Default/PC/corp_pc.png HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:51 GMT
content-type: image/png
content-length: 12017
last-modified: Thu, 31 Aug 2023 19:22:50 GMT
etag: "385cc9a28-2ef1-6043cf843b680"
expires: Sat, 27 Jan 2024 14:33:35 GMT
cache-control: max-age=10602479
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6140-1-46084-h-0-0---;6139-29-32026----0-0-1
X-Firefox-Spdy: h2

151.101.194.217

200 OK

180 B

URL OPTIONS HTTP/2
app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozNjEsImluc3RhbmNlSWQiOjIyNTc3MSwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2UsInJvb3RFbnYiOiJwcm9kIiwic2l0ZUlkIjoyMzMyfX0
IP
151.101.194.217:443
ASN
#54113 FASTLY

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerGlobalSign nv-sa
Subjectapp.launchdarkly.com
Fingerprint0E:80:83:6E:DA:34:B1:44:89:98:74:A9:22:2A:70:56:1D:54:1E:3F
ValidityThu, 04 Apr 2024 00:55:36 GMT - Tue, 06 May 2025 00:55:35 GMT

File type
JSON text data
Size
180 B (180 bytes)
Hash
f49df299358be8bb6965fe98c18d3de8
1db004cb4142b82410913fa0aa8ef4700ed3af0e
1d9765e0ef4d9d7b952a82a0ebbecde9e35d6eff68b7134c2b971779f886540b

HTTP Headers

GET /sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozNjEsImluc3RhbmNlSWQiOjIyNTc3MSwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2UsInJvb3RFbnYiOiJwcm9kIiwic2l0ZUlkIjoyMzMyfX0 HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LaunchDarkly-User-Agent: JSClient/2.24.2
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2
Origin: https://landing.squirted.com
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: max-age=0
etag: "3dbb"
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 May 2024 01:34:51 GMT
via: 1.1 varnish
x-served-by: cache-hel1410033-HEL, cache-hel1410032-HEL
x-cache: HIT
x-cache-hits: 0
x-timer: S1715132092.538297,VS0,VE6
vary: Authorization, Accept-Encoding
age: 0
content-length: 180
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/@one/blocks/async/ImageBlock.9e0ed0d5.js

64.210.135.117

200 OK

25 kB

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/@one/blocks/async/ImageBlock.9e0ed0d5.js
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
25 kB (24797 bytes)
Hash
fa11902e92a16843e43fd435f8bcb460
53489444cf18102499687418d84472cde0c9c0ee
f1897d0d434237bc2a793545865531b8c7257ed93db0b9f13d60c7755dd43b97

HTTP Headers

GET /tour/@one/blocks/async/ImageBlock.9e0ed0d5.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 29 Apr 2024 20:40:22 GMT
etag: W/"3ad79779b-1465-6174243245980"
expires: Fri, 30 Aug 2024 23:10:33 GMT
cache-control: max-age=10574437
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: ams5-6141-2-14552-h-0-0---;6139-21-32026----0-0-1
X-Firefox-Spdy: h2

fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

142.250.74.131

200 OK

21 kB

URL GET HTTP/2
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21224, version 1.0
Size
21 kB (21224 bytes)
Hash
13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

HTTP Headers

GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://landing.squirted.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 09:10:08 GMT
expires: Sat, 03 May 2025 09:10:08 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
age: 404683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.131

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://landing.squirted.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 06:08:19 GMT
expires: Sat, 03 May 2025 06:08:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 415592
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/header.jpg

64.210.135.117

200 OK

25 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/header.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x925d36e9", progressive, precision 8, 1920x100, components 3
Size
25 kB (24623 bytes)
Hash
5c5c5fc963a6d843a8d9751ab28b3e8e
10e0df1bcfa3706266b7dff7f7288faeb5cab451
426331dc9e15174017c669cd94e95c32e8fb72fc734f3cb521a53e3177288864

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/header.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:51 GMT
content-type: image/jpeg
content-length: 24623
last-modified: Wed, 05 Jan 2022 15:19:42 GMT
etag: "372a42e56-602f-5d4d748715f80"
expires: Tue, 30 Jan 2024 04:53:04 GMT
cache-control: max-age=10678119
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-2-44766-h-0-0---;6139-19-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/navbar.jpg

64.210.135.117

200 OK

18 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/navbar.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x40, components 3
Size
18 kB (17649 bytes)
Hash
82f20f370aad32e99e632a64743910f4
455ae5bbe1d752764a5c7518293daaf569d83b2b
5a5570e3db9e60f7dec96c57374c64e671b96ae67fc562be8482bf3771db20e9

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/navbar.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:51 GMT
content-type: image/jpeg
content-length: 17649
last-modified: Wed, 05 Jan 2022 15:19:42 GMT
etag: "372a42e5d-44f1-5d4d748715f80"
expires: Thu, 15 Aug 2024 05:27:13 GMT
cache-control: max-age=10632180
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6249-1-32929-h-0-0---;6139-19-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R1_01.jpg

64.210.135.117

200 OK

46 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R1_01.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0xa0191a5e", progressive, precision 8, 480x430, components 3
Size
46 kB (46115 bytes)
Hash
64571a33f98e4fb0d9bc6f5dcd2e2237
212aa08e714441fccd76ee7de5fae2e741714843
5deacf1b96aa74965edeed3e887204e1280862d60ab0c0003faedbc90763ff33

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R1_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:51 GMT
content-type: image/jpeg
content-length: 46115
last-modified: Wed, 05 Jan 2022 15:19:42 GMT
etag: "372a42e6c-b423-5d4d748715f80"
expires: Sun, 28 Jan 2024 09:01:07 GMT
cache-control: max-age=10587557
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7619-1-54592-h-0-0---;6139-19-32026----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R1_03.jpg

64.210.135.117

200 OK

65 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R1_03.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x9e8269c7", progressive, precision 8, 480x430, components 3
Size
65 kB (65277 bytes)
Hash
786e774cb3bb548f90dd347ebeb6b6b3
94115f46e76f0192b75e92a0d7e1f358aaca89fb
40a9d2efd646324f30035c7b441f986cf5e94ad6ef26eb11441317b5594bec52

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R1_03.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 65277
last-modified: Wed, 05 Jan 2022 15:19:42 GMT
etag: "372a42e5b-fefd-5d4d748715f80"
expires: Tue, 27 Aug 2024 05:01:54 GMT
cache-control: max-age=10678628
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6249-2-32995-h-0-0---;6139-17-32026----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C1_01.jpg

64.210.135.117

200 OK

84 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C1_01.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x6e5027d8", progressive, precision 8, 480x780, components 3
Size
84 kB (83508 bytes)
Hash
a296180857e9fb2fc6a4eb5502016a68
5a31fbb367d6482f8d5b01b3950c62b22ec1901c
680b7a4a238d09397cca98c83abaf30e6065689c29b05510ce676e4e9fe9b1ae

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C1_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 83508
last-modified: Wed, 05 Jan 2022 15:19:40 GMT
etag: "372a42e63-14634-5d4d74852db00"
expires: Fri, 09 Aug 2024 10:17:51 GMT
cache-control: max-age=10501297
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6141-2-14543-h-0-0---;6139-17-32026----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C1_02.jpg

64.210.135.117

200 OK

53 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C1_02.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x8233590c", progressive, precision 8, 480x430, components 3
Size
53 kB (53308 bytes)
Hash
7351e022dc87706611f5ac45d6f23216
3c8dbe200315f9fae07eda07178b571e50d4b165
268d4b648af8bf6980c2951a9df9234fc813843e7d66fd5198914dabaa9066fb

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C1_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 53308
last-modified: Wed, 05 Jan 2022 15:19:40 GMT
etag: "372a42e67-d03c-5d4d74852db00"
expires: Mon, 29 Jan 2024 01:14:29 GMT
cache-control: max-age=10578603
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-3-44805-h-0-0---;6139-17-32026----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R1_02.mp4

64.210.135.117

206 Partial Content

1.9 MB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R1_02.mp4
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
1.9 MB (1896942 bytes)
Hash
79d1788dd05d678c2105b8d77bc7eb50
495ed95255a86da8a56ebef74290a2e7866af2f3
cc7561ed4271bf81763c2189384b444d9ac418683eccdf70bd51b7d949630034

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R1_02.mp4 HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Wed, 08 May 2024 01:34:52 GMT
content-type: video/mp4
content-length: 1896942
last-modified: Wed, 05 Jan 2022 15:19:43 GMT
etag: "372a42e68-1cf1ee-5d4d74880a1c0"
expires: Mon, 29 Jan 2024 01:14:29 GMT
cache-control: max-age=10578603
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-1896941/1896942
x-cdn-diag: ams5-6140-1-46083-h-0-0---;6139-17-32026----0-0-1
X-Firefox-Spdy: h2

atlas.atsptp.com/guid?app_id=&eventName=&

66.254.114.63

200 OK

128 B

URL GET HTTP/2
atlas.atsptp.com/guid?app_id=&eventName=&
IP
66.254.114.63:443
ASN
#29789 REFLECTED

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerLet's Encrypt
Subjectatsptp.com
Fingerprint30:7F:5E:D0:8A:E8:9D:0C:94:94:33:75:73:4B:64:64:5D:0A:D4:31
ValiditySat, 13 Apr 2024 23:31:37 GMT - Fri, 12 Jul 2024 23:31:36 GMT

File type
JSON text data
Size
128 B (128 bytes)
Hash
95939ad94b7671c8c0a248428bd05579
309e801379217f5fae50736e2693f00aa9a038e4
200a9507e3df52a7216e1fb09b7a039a3bfb99df77ffaa09e7063533af5b1b57

HTTP Headers

GET /guid?app_id=&eventName=& HTTP/1.1
Host: atlas.atsptp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://landing.squirted.com
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 01:34:51 GMT
content-type: application/json
content-length: 128
set-cookie: eta_guid=f62b3dc8-d1e1-4791-8288-0dff1361c6ba_1715132091;Path=/;Max-Age=315360000;Expires=Wed, 12 Jul 2034 00:00:01 UTC;SameSite=None;Secure;HttpOnly;
sessionid=0c995acf-a520-41d2-9b58-41c443502af1; Path=/; SameSite=None;Secure;HttpOnly;
access-control-allow-origin: https://landing.squirted.com
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C2_01.jpg

64.210.135.117

200 OK

74 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C2_01.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x950315ca", progressive, precision 8, 480x430, components 3
Size
74 kB (73502 bytes)
Hash
a1bc4ca2ab53dfd033fe637e26528f24
8a98193e8bd468899e352bda20846454b75d1ab1
ed9ebe94daef438523c707b859e72bfce11256f3c663bb8b053d790be8f5cb9d

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C2_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 73502
last-modified: Wed, 05 Jan 2022 15:19:40 GMT
etag: "372a42e60-11f1e-5d4d74852db00"
expires: Mon, 29 Jan 2024 01:14:29 GMT
cache-control: max-age=10578603
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6139-3-37767-h-0-0---;6139-19-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C2_02.jpg

64.210.135.117

200 OK

77 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C2_02.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x5b9bbf48", progressive, precision 8, 480x780, components 3
Size
77 kB (76741 bytes)
Hash
7221a1d7f6257a044c10910fbc9a6763
0f3da1abe14ed2cbd3dc71efacb4cca897536df0
4ece7368dd87a8cab454c2b81b1b2367d3f2976d9aabbb55734393c6415aa5a3

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C2_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 76741
last-modified: Wed, 05 Jan 2022 15:19:40 GMT
etag: "372a42e4e-12bc5-5d4d74852db00"
expires: Sun, 28 Jan 2024 09:01:07 GMT
cache-control: max-age=10587557
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7619-1-54582-h-0-0---;6139-21-32026----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C3_01.jpg

64.210.135.117

200 OK

120 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C3_01.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x4069beb3", progressive, precision 8, 480x780, components 3
Size
120 kB (119989 bytes)
Hash
9585a0a84c8ced77cf1721cf47f4e028
da6a8ba863c18d5010be82a7d36792a0eb882c52
77b8765120582dc1f08796df9e09309e6283d172e982549f11bb7811e28b8208

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C3_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 119989
last-modified: Wed, 05 Jan 2022 15:19:40 GMT
etag: "372a42e4d-1d4b5-5d4d74852db00"
expires: Mon, 29 Jan 2024 01:14:29 GMT
cache-control: max-age=10578603
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6139-1-37648-h-0-0---;6139-23-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C3_02.jpg

64.210.135.117

200 OK

51 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C3_02.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0xa8ab7c5e", progressive, precision 8, 480x430, components 3
Size
51 kB (51021 bytes)
Hash
49bf9750025039d43dca4d98fda2e179
1fd013d0623a5e71d1a4eadf76295711301a31fb
2b0daaebc141e2d9e0aed3dba86d05b9f90f88d5b474209962c60ad4a93dc1ed

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C3_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 51021
last-modified: Wed, 05 Jan 2022 15:19:40 GMT
etag: "372a42e4c-c74d-5d4d74852db00"
expires: Sat, 03 Aug 2024 12:59:19 GMT
cache-control: max-age=10616127
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6249-2-33013-h-0-0---;6139-23-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C4_01.jpg

64.210.135.117

200 OK

61 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C4_01.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x43410a00", progressive, precision 8, 480x430, components 3
Size
61 kB (60736 bytes)
Hash
a06f51b3dcf73d21c32a2814e7aeae9c
8264b09a310c79c27b831682c716227c4c0ca06a
3c0d141cce3d619b136d16c53f25f7be627ba78acc65dc459a72137a7d8cd5ef

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C4_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 60736
last-modified: Wed, 05 Jan 2022 15:19:41 GMT
etag: "372a42e6f-ed40-5d4d748621d40"
expires: Sat, 03 Aug 2024 12:59:19 GMT
cache-control: max-age=10616127
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6249-2-33013-h-0-0---;6139-18-32026----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C4_02.jpg

64.210.135.117

200 OK

70 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C4_02.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x0d9a3bc4", progressive, precision 8, 480x780, components 3
Size
70 kB (69639 bytes)
Hash
cc8c2fc615d169b80bfab6d92dad2e8f
8f29f67c9b43579bc3427564c9af543b9fa31b13
245ac4f11c518fa2dde88caef8c017b89612b9c6ad1eba1fd2136dcbc56294cc

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C4_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 69639
last-modified: Wed, 05 Jan 2022 15:19:41 GMT
etag: "372a42e5e-11007-5d4d748621d40"
expires: Sun, 28 Jan 2024 09:01:07 GMT
cache-control: max-age=10587557
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7619-1-54592-h-0-0---;6139-18-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R2_01.jpg

64.210.135.117

200 OK

65 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R2_01.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x9e8269c7", progressive, precision 8, 480x430, components 3
Size
65 kB (65277 bytes)
Hash
8c7e05607f3b3104c5ac7693778d91c4
4a4abb18871874d75fa08ef33c1a3dca109d4013
0d7e43b612d4b8daf58a9ec52b3e2c144bd55d9755420385d0c3818d53397091

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R2_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 65277
last-modified: Wed, 05 Jan 2022 15:19:43 GMT
etag: "372a42e59-fefd-5d4d74880a1c0"
expires: Sun, 28 Jan 2024 09:01:07 GMT
cache-control: max-age=10587557
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7619-3-54693-h-0-0---;6139-18-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R2_03.jpg

64.210.135.117

200 OK

40 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R2_03.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x0d9a3bc4", progressive, precision 8, 480x430, components 3
Size
40 kB (39955 bytes)
Hash
fb906de00890a77f050d0d0a47ae2ccd
066f20a1c324d80278edff210ca53d600df9bdea
3cea28bf071f59580429de9db5c2099bc756f1c137de0b4f359adf0cae787637

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R2_03.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 39955
last-modified: Wed, 05 Jan 2022 15:19:43 GMT
etag: "372a42e6b-9c13-5d4d74880a1c0"
expires: Mon, 29 Jan 2024 01:14:29 GMT
cache-control: max-age=10578603
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6140-1-46083-h-0-0---;6139-18-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C5_01.jpg

64.210.135.117

200 OK

87 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C5_01.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x7638c910", progressive, precision 8, 480x780, components 3
Size
87 kB (86879 bytes)
Hash
142aa65b79713e81712aa67c6ef19366
a843715f7d6b0323a3110c48b8f67cd23b9e725d
7cfb189336a14198fe61317f1e15afd0e1a65eb650f8e43e93810b9832c7393d

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C5_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 86879
last-modified: Wed, 05 Jan 2022 15:19:41 GMT
etag: "372a42e61-1535f-5d4d748621d40"
expires: Tue, 27 Aug 2024 22:32:05 GMT
cache-control: max-age=10741613
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6249-1-32928-h-0-0---;6139-20-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C5_02.jpg

64.210.135.117

200 OK

58 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C5_02.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x0d9a3bc4", progressive, precision 8, 480x430, components 3
Size
58 kB (58244 bytes)
Hash
318496cafdf85d40f8ad20e6f252044e
2a5365666534c37f03b55b143ac3a4df865117ca
e58adfc2be214f64db51002818093a869e69a3d6314c82b6f575f52c8128ff9c

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C5_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 58244
last-modified: Wed, 05 Jan 2022 15:19:41 GMT
etag: "372a42e69-e384-5d4d748621d40"
expires: Sun, 25 Aug 2024 18:49:53 GMT
cache-control: max-age=10555474
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6249-2-33013-h-0-0---;6139-20-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C6_01.jpg

64.210.135.117

200 OK

58 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C6_01.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x181a7abf", progressive, precision 8, 480x430, components 3
Size
58 kB (58519 bytes)
Hash
82e17a859b12338536d87ff65d19ed88
a3788d1a11269d74e67c58016a2f541e5b775422
04b2127a81ddb85a3bd2f4e4bbb0a63460cc5a8e918a61a039856bc62f11ced9

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C6_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 58519
last-modified: Wed, 05 Jan 2022 15:19:41 GMT
etag: "372a42e6e-e497-5d4d748621d40"
expires: Mon, 29 Jan 2024 01:14:29 GMT
cache-control: max-age=10578603
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6140-3-46187-h-0-0---;6139-20-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C6_02.jpg

64.210.135.117

200 OK

90 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C6_02.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0xb2a823c4", progressive, precision 8, 480x780, components 3
Size
90 kB (89967 bytes)
Hash
853aad3c376e9bb7d199b6ab5f37a1eb
65fbb871e70e4c79019114bd946731baaa711d45
9c6d9ff783b847741c3a41b86d407b2cac6bb7167bbea4831e71e185463a5d28

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C6_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 89967
last-modified: Wed, 05 Jan 2022 15:19:41 GMT
etag: "372a42e65-15f6f-5d4d748621d40"
expires: Mon, 29 Jan 2024 01:14:29 GMT
cache-control: max-age=10578603
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6139-2-37712-h-0-0---;6139-20-32026----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C7_01.jpg

64.210.135.117

200 OK

86 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C7_01.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x950315ca", progressive, precision 8, 480x780, components 3
Size
86 kB (86025 bytes)
Hash
4c43b9b03b8245c44d89b726bdfa6de3
a33f63497a5a33587bdfa84ade074719edf7a8dd
8e2d21505d767b0ed988290964beac48dccd95ec3eda2e0223d4f48fb4ee7e76

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C7_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 86025
last-modified: Wed, 05 Jan 2022 15:19:41 GMT
etag: "372a42e6d-15009-5d4d748621d40"
expires: Sun, 28 Jan 2024 09:01:07 GMT
cache-control: max-age=10587557
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6140-2-46149-h-0-0---;6139-20-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C7_02.jpg

64.210.135.117

200 OK

65 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C7_02.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x9e8269c7", progressive, precision 8, 480x430, components 3
Size
65 kB (65277 bytes)
Hash
47b6ecc837afa04452d6b6ca4a41ac55
4adb70d0f70a832cbf02342a03db123376447a3f
0a2a93c494a0633451e02dd3a6de92ef09ec6700536bc085a8f0f9f51d7e6619

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C7_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 65277
last-modified: Wed, 05 Jan 2022 15:19:41 GMT
etag: "372a42e5a-fefd-5d4d748621d40"
expires: Mon, 29 Jan 2024 01:14:29 GMT
cache-control: max-age=10578603
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7619-2-54652-h-0-0---;6139-18-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C8_01.jpg

64.210.135.117

200 OK

51 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C8_01.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0x9b40c591", progressive, precision 8, 480x430, components 3
Size
51 kB (51075 bytes)
Hash
5ce8041723b09f3e4dc5c6e2c9876e92
9a9858cb71ad07cbcf6f1d7d252e1384c3b9ac21
8db7d49c8fc07fa4a121ab611d7f7d2f36e2f69604aa45ff62ebaba0b1f59eb0

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C8_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 51075
last-modified: Wed, 05 Jan 2022 15:19:42 GMT
etag: "372a42e5c-c783-5d4d748715f80"
expires: Mon, 29 Jan 2024 01:14:29 GMT
cache-control: max-age=10578603
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-1-44698-h-0-0---;6139-18-32026----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C8_02.jpg

64.210.135.117

200 OK

135 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C8_02.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0xa74567c8", progressive, precision 8, 480x780, components 3
Size
135 kB (135385 bytes)
Hash
be52754ba3f9e028836c86b4445fc426
1d3eef4a7b7e831e8a62e31ff64ebad2defa646c
35be1ee2232ba227d3cd4252571b91db7e20ab9bc76cde5d095834fe15ee46b1

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/C8_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 135385
last-modified: Wed, 05 Jan 2022 15:19:42 GMT
etag: "372a42e57-210d9-5d4d748715f80"
expires: Sun, 28 Jan 2024 09:01:07 GMT
cache-control: max-age=10587557
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-3-44807-h-0-0---;6139-19-32026----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R3_01.jpg

64.210.135.117

200 OK

44 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R3_01.jpg
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], comment: "Optimized by JPEGmini 3.15.0.81154240 0xf0ba3b48", progressive, precision 8, 480x430, components 3
Size
44 kB (43975 bytes)
Hash
5949475d42e9782ee6cb1028178f2b37
b0ff294b0eec231dd866f4af7232c8444debea4e
fe49a81cd4a0b2667a689b1c6f396490553aa9b310d0f3da5f4a1607435217b1

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R3_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:52 GMT
content-type: image/jpeg
content-length: 43975
last-modified: Wed, 05 Jan 2022 15:19:44 GMT
etag: "372a42e62-abc7-5d4d7488fe400"
expires: Sun, 28 Jan 2024 09:01:07 GMT
cache-control: max-age=10587557
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6140-2-46148-h-0-0---;6139-19-32026----0-0-1
X-Firefox-Spdy: h2

ocsp.e2m02.amazontrust.com/

143.204.53.97

279 B

URL
ocsp.e2m02.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
279 B (279 bytes)
Hash
461c5f145ff9d9bd60b863b983ec4734
fda89b79b32b4a6acc8a477af80d791abf8fc4e6
dfa4e3ceee269b59eff05a537909568c1f226ae1281349e9efc11d0fdb41577b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.e2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 279
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 01:34:52 GMT
Last-Modified: Wed, 08 May 2024 00:03:03 GMT
Server: ECAcc (ska/F756)
X-Cache: Miss from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qbqg70xf-moEWuYdc7UeY_5ASB1w0gE9ASiTGG5HWNKzonBGWNzLww==
Age: 5509

ocsp.e2m02.amazontrust.com/

143.204.53.97

279 B

URL
ocsp.e2m02.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
279 B (279 bytes)
Hash
461c5f145ff9d9bd60b863b983ec4734
fda89b79b32b4a6acc8a477af80d791abf8fc4e6
dfa4e3ceee269b59eff05a537909568c1f226ae1281349e9efc11d0fdb41577b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.e2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 279
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 01:34:52 GMT
Last-Modified: Wed, 08 May 2024 00:06:54 GMT
Server: ECAcc (ska/F77E)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MBMolqK1EiV7UBf5Gba4_1AdwWLbaCHfhuTDaZa5SAYO1Mt_-0RFaQ==
Age: 5281

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R2_02.mp4

64.210.135.117

206 Partial Content

1.9 MB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R2_02.mp4
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
1.9 MB (1934305 bytes)
Hash
d0c271ae8b347d9d60611cbd571d97a2
cce6fb4dd72a0e78cdea9d4f2ec80fdbb36faf7a
1fc6c1f4badcb51ce9a78e181871df21c077fb1f18fce9837de96df695fb23ba

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R2_02.mp4 HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Wed, 08 May 2024 01:34:52 GMT
content-type: video/mp4
content-length: 1934305
last-modified: Wed, 05 Jan 2022 15:19:44 GMT
etag: "372a42e64-1d83e1-5d4d7488fe400"
expires: Wed, 28 Aug 2024 06:38:31 GMT
cache-control: max-age=10770807
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-1934304/1934305
x-cdn-diag: ams5-6249-3-33052-h-0-0---;6139-18-32026----0-0-0
X-Firefox-Spdy: h2

events.launchdarkly.com/events/diagnostic/63bdba6ee6d64c12826b8bff

34.233.157.61

204 No Content

0 B

URL OPTIONS HTTP/2
events.launchdarkly.com/events/diagnostic/63bdba6ee6d64c12826b8bff
IP
34.233.157.61:443
ASN
#14618 AMAZON-AES

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerAmazon
Subjectevents.launchdarkly.com
FingerprintD6:A9:BF:61:8A:C6:FF:34:00:EB:52:E2:2A:24:55:4D:E5:29:01:CF
ValidityWed, 21 Jun 2023 00:00:00 GMT - Sat, 20 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /events/diagnostic/63bdba6ee6d64c12826b8bff HTTP/1.1
Host: events.launchdarkly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Referer: https://landing.squirted.com/
Origin: https://landing.squirted.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Wed, 08 May 2024 01:34:52 GMT
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

events.launchdarkly.com/events/diagnostic/63bdba6ee6d64c12826b8bff

34.233.157.61

204 No Content

0 B

URL OPTIONS HTTP/2
events.launchdarkly.com/events/diagnostic/63bdba6ee6d64c12826b8bff
IP
34.233.157.61:443
ASN
#14618 AMAZON-AES

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerAmazon
Subjectevents.launchdarkly.com
FingerprintD6:A9:BF:61:8A:C6:FF:34:00:EB:52:E2:2A:24:55:4D:E5:29:01:CF
ValidityWed, 21 Jun 2023 00:00:00 GMT - Sat, 20 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /events/diagnostic/63bdba6ee6d64c12826b8bff HTTP/1.1
Host: events.launchdarkly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-LaunchDarkly-User-Agent: JSClient/2.24.2
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2
Content-Length: 794
Origin: https://landing.squirted.com
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 202 Accepted
date: Wed, 08 May 2024 01:34:53 GMT
content-type: application/json
content-length: 0
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

images-assets-ht.project1content.com/Squirted/Logo/5e3c5221edc020.81700580.png

64.210.135.117

200 OK

1.8 kB

URL GET HTTP/2
images-assets-ht.project1content.com/Squirted/Logo/5e3c5221edc020.81700580.png
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1799 bytes)
Hash
08fb6033d344d3b244a973580ea0a4c3
24949cb8017daf66911c5c1a97f33db6753661a2
4e976c63e3eb95d200b8eac7924196f086ef689d7eaea9f3136df27d3030ce8c

HTTP Headers

GET /Squirted/Logo/5e3c5221edc020.81700580.png HTTP/1.1
Host: images-assets-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:53 GMT
content-type: image/png
content-length: 1799
last-modified: Thu, 06 Feb 2020 17:51:29 GMT
etag: "372181534-707-59debec300a40"
expires: Sat, 27 Jan 2024 21:27:10 GMT
cache-control: max-age=10543878
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7619-3-54690-h-0-0---;6139-23-32026----0-0-1
X-Firefox-Spdy: h2

fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

142.250.74.131

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22376, version 1.0
Size
22 kB (22376 bytes)
Hash
e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

HTTP Headers

GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://landing.squirted.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:06:28 GMT
expires: Fri, 02 May 2025 02:06:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
content-type: font/woff2
age: 516503
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/assets/probiller.5f27a427.png

64.210.135.117

200 OK

8.5 kB

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/assets/probiller.5f27a427.png
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
PNG image data, 170 x 43, 8-bit/color RGBA, non-interlaced
Size
8.5 kB (8497 bytes)
Hash
5f27a427e3542a7170d713e12763ed5e
c57ffdec39259bec85aa633529df86c8e25638ae
ce087c55c6cfa777c2070304a44b3a756c57a31f124a9befcfe69af6bd103483

HTTP Headers

GET /tour/assets/probiller.5f27a427.png HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:51 GMT
content-type: image/png
content-length: 8497
last-modified: Tue, 23 Jan 2024 22:03:01 GMT
etag: "3a75bac57-2131-60fa41c1d4f40"
expires: Fri, 31 May 2024 23:00:31 GMT
cache-control: max-age=10641991
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
accept-ranges: bytes
x-cdn-diag: ams5-7846-3-44807-h-0-0---;6139-29-32026----0-0-1
X-Firefox-Spdy: h2

clientstream.launchdarkly.com/eval/63bdba6ee6d64c12826b8bff/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozNjEsImluc3RhbmNlSWQiOjIyNTc3MSwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2UsInJvb3RFbnYiOiJwcm9kIiwic2l0ZUlkIjoyMzMyfX0

0.0.0.0

0 B

URL GET
clientstream.launchdarkly.com/eval/63bdba6ee6d64c12826b8bff/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozNjEsImluc3RhbmNlSWQiOjIyNTc3MSwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2UsInJvb3RFbnYiOiJwcm9kIiwic2l0ZUlkIjoyMzMyfX0
IP
0.0.0.0:0
ASN
#0

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerAmazon
Subjectclientstream.launchdarkly.com
FingerprintF2:89:08:7D:7F:36:9E:23:89:08:EA:54:96:96:6A:28:5F:54:7A:8D
ValidityWed, 09 Aug 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /eval/63bdba6ee6d64c12826b8bff/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozNjEsImluc3RhbmNlSWQiOjIyNTc3MSwiaXNEZXYiOmZhbHNlLCJpc0ludGVybmFsVXNlciI6ZmFsc2UsInJvb3RFbnYiOiJwcm9kIiwic2l0ZUlkIjoyMzMyfX0 HTTP/1.1
Host: clientstream.launchdarkly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/event-stream
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://landing.squirted.com
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:51 GMT
content-type: text/event-stream; charset=utf-8
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: no-cache, no-store, must-revalidate
ld-region: eu-west-1
strict-transport-security: max-age=31536000; includeSubDomains
x-content-length: 877
X-Firefox-Spdy: h2

landing.squirted.com/_p1cdn/tour/vortex.modern.min.js

66.254.114.234

200 OK

38 kB

URL GET HTTP/2
landing.squirted.com/_p1cdn/tour/vortex.modern.min.js
IP
66.254.114.234:443
ASN
#29789 REFLECTED

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerLet's Encrypt
Subjectsquirted.com
FingerprintB1:7E:6D:C8:C5:03:1E:E5:1C:42:F1:CD:40:7C:74:26:BB:CA:F1:AB
ValidityThu, 14 Mar 2024 00:54:38 GMT - Wed, 12 Jun 2024 00:54:37 GMT

File type
JavaScript source, ASCII text
Size
38 kB (38115 bytes)
Hash
06031ae29667c65eb61158093cd96589
1b2eb0f574ed2a8147515b01dbcfa1d59b15aa87
27c67af023f2e2441f9e51f334267c1cab79c99d1f957e82992de8a62b0bd9f3

HTTP Headers

GET /_p1cdn/tour/vortex.modern.min.js HTTP/1.1
Host: landing.squirted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Cookie: instance_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJtaW5kZ2VlayIsImF1ZCI6Im1pbmRnZWVrIiwic3ViIjoiaW5zdGFuY2UtYXBpIiwiZXhwIjoxNzE1Mjk5MjAwLCJpZCI6MjI1NzcxLCJicmFuZCI6InNxdWlydGVkIiwiaG9zdG5hbWUiOiJsYW5kaW5nLnNxdWlydGVkLmNvbSJ9.m2HNfARloEWUQjkd0wdK9iG-HtzjQvZYf3YBvfTv9JE; __s=663AD6B9-42FE72EA01BB2566E4-31FD5E
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 08 Feb 2024 21:05:55 GMT
etag: W/"3a8c4c948-94e3-610e52d5eb2c0"
expires: Sat, 15 Jun 2024 11:16:34 GMT
cache-control: max-age=10694520
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: dfw1-15026-1-2033864-h-0-0---;15010-124-1338----0-0-0
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R3_02.mp4

64.210.135.117

206 Partial Content

219 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R3_02.mp4
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
data
Size
219 kB (219157 bytes)
Hash
3fadf8898fd4080d7ac6e1a9a65ccd7b
812479fb25b1b34c838cade4d4c548f4a2135532
836cea3a713bdbc86177265ffbb607e1204abb3ae1ed5dea6aab459742bc28f2

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R3_02.mp4 HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=786432-
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Wed, 08 May 2024 01:34:52 GMT
content-type: video/mp4
content-length: 1223213
last-modified: Wed, 05 Jan 2022 15:19:45 GMT
etag: "372a42e4f-1eaa2d-5d4d7489f2640"
expires: Sat, 24 Aug 2024 11:43:52 GMT
cache-control: max-age=10441334
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 786432-2009644/2009645
x-cdn-diag: ams5-6141-2-14534-h-0-0---;6139-24-32026----0-0-0
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/@one/blocks/async/FooterBlock.39e014d8.js

64.210.135.117

200 OK

3.4 kB

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/@one/blocks/async/FooterBlock.39e014d8.js
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3536), with no line terminators
Size
3.4 kB (3387 bytes)
Hash
7ec41e84d51e84bfa299eaf61a640a6e
2537a9d5347aca428662c0600d82ef588f03eaa1
625d89a9dcb4ec66c6ae211ec182ae6742e8bd6598c68179eea10f7020146924

HTTP Headers

GET /tour/@one/blocks/async/FooterBlock.39e014d8.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:51 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 29 Apr 2024 20:40:22 GMT
etag: W/"3ad5bbc71-d3b-6174243245980"
expires: Fri, 30 Aug 2024 23:10:33 GMT
cache-control: max-age=10574437
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: ams5-6140-1-46085-h-0-0---;6139-23-32026----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R3_02.mp4

64.210.135.117

206 Partial Content

786 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R3_02.mp4
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
786 kB (786432 bytes)
Hash
9959ad2eeb964d8450cabc86ca84cdfe
bc00ff6eeb539e5577ce7289fc47d87366103969
8d7b46b0e1a84844dcbe94df6ef257c6d81d160dcb1e9bca3ece27493e802ab4

HTTP Headers

GET /P1TGP/Squirted/Affiliates/Fallback/Default/PC/TGP12/R3_02.mp4 HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Wed, 08 May 2024 01:34:52 GMT
content-type: video/mp4
content-length: 2009645
last-modified: Wed, 05 Jan 2022 15:19:45 GMT
etag: "372a42e4f-1eaa2d-5d4d7489f2640"
expires: Sat, 24 Aug 2024 11:43:52 GMT
cache-control: max-age=10441334
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-2009644/2009645
x-cdn-diag: ams5-6141-2-14543-h-0-0---;6139-19-32026----0-0-1
X-Firefox-Spdy: h2

landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU

66.254.114.234

200 OK

196 kB

URL User Request GET HTTP/2
landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
IP
66.254.114.234:443
ASN
#29789 REFLECTED

Certificate
IssuerLet's Encrypt
Subjectsquirted.com
FingerprintB1:7E:6D:C8:C5:03:1E:E5:1C:42:F1:CD:40:7C:74:26:BB:CA:F1:AB
ValidityThu, 14 Mar 2024 00:54:38 GMT - Wed, 12 Jun 2024 00:54:37 GMT

File type

Size
196 kB (196326 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU HTTP/1.1
Host: landing.squirted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Wed, 08 May 2024 01:34:50 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-trace: 2B957F0DC8121552F9E514BB96A2F6634FDF3DE67F9BF5DA4CD767409200
x-powered-by: Juan
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x_ats_page_id: 4044901
x_ats_page_type: HOME
x_ats_instance_id: 225771
x_ats_instance_type: tour
etag: W/"2fee6-Dx+YzsnSyKVu7yhsaam574okuaE"
content-encoding: br
set-cookie: instance_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJtaW5kZ2VlayIsImF1ZCI6Im1pbmRnZWVrIiwic3ViIjoiaW5zdGFuY2UtYXBpIiwiZXhwIjoxNzE1Mjk5MjAwLCJpZCI6MjI1NzcxLCJicmFuZCI6InNxdWlydGVkIiwiaG9zdG5hbWUiOiJsYW5kaW5nLnNxdWlydGVkLmNvbSJ9.m2HNfARloEWUQjkd0wdK9iG-HtzjQvZYf3YBvfTv9JE; Max-Age=86400; Path=/; Expires=Thu, 09 May 2024 01:34:49 GMT
__s=663AD6B9-42FE72EA01BB2566E4-31FD5E;
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

atlas.atsptp.com/events?app_id=10303&eventName=TRACK&saffCode=eyJhIjozMjQ2NDIsIm4iOjgxLCJzIjo2MDcsImUiOjk2OTUsInAiOjExLCJjbiI6IjdENTczR1A4TUstak0wSURNeEFqTVUifQ%3D%3D&saffCodeType=ats&saffDomain=projectone.com&snetworkCode=SQ&sconversionType=TRACK&sconvertingPage=https%3A%2F%2Flanding.squirted.com%2F%3Fats%3DeyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0%3D%26apb%3Dmiy9c7bpjyfifrnx2bp3%26atc%3D7D573GP8MK-jM0IDMxAjMU&suserAgent=Mozilla%2F5.0+(X11%3B+Linux+x86_64%3B+rv%3A96.0)+Gecko%2F20100101+Firefox%2F96.0&nvalue=1&nab=0&ssku=Null&ninstanceId=225771&npageId=4044901&nadId=0&spostbackParams=miy9c7bpjyfifrnx2bp3&sreferralDomain=http%3A%2F%2Forganic%2F&sreferralPath=http%3A%2F%2Forganic%2F&satlasJsVersion=1.7.7&_sscreen=1280+x+1024&_sbrowser=Firefox&_sbrowserVersion=96.0&_bmobile=false&_sos=Linux&_sosVersion=-&_bcookies=true&_sflashVersion=no+check&_slanguages=en-US%2Cen&_splugins=PDF+Viewer%2CChrome+PDF+Viewer%2CChromium+PDF+Viewer%2CMicrosoft+Edge+PDF+Viewer%2CWebKit+built-in+PDF&_errors%5B%5D=100&_errors%5B%5D=%2C

66.254.114.63

200 OK

128 B

URL GET HTTP/2
atlas.atsptp.com/events?app_id=10303&eventName=TRACK&saffCode=eyJhIjozMjQ2NDIsIm4iOjgxLCJzIjo2MDcsImUiOjk2OTUsInAiOjExLCJjbiI6IjdENTczR1A4TUstak0wSURNeEFqTVUifQ%3D%3D&saffCodeType=ats&saffDomain=projectone.com&snetworkCode=SQ&sconversionType=TRACK&sconvertingPage=https%3A%2F%2Flanding.squirted.com%2F%3Fats%3DeyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0%3D%26apb%3Dmiy9c7bpjyfifrnx2bp3%26atc%3D7D573GP8MK-jM0IDMxAjMU&suserAgent=Mozilla%2F5.0+(X11%3B+Linux+x86_64%3B+rv%3A96.0)+Gecko%2F20100101+Firefox%2F96.0&nvalue=1&nab=0&ssku=Null&ninstanceId=225771&npageId=4044901&nadId=0&spostbackParams=miy9c7bpjyfifrnx2bp3&sreferralDomain=http%3A%2F%2Forganic%2F&sreferralPath=http%3A%2F%2Forganic%2F&satlasJsVersion=1.7.7&_sscreen=1280+x+1024&_sbrowser=Firefox&_sbrowserVersion=96.0&_bmobile=false&_sos=Linux&_sosVersion=-&_bcookies=true&_sflashVersion=no+check&_slanguages=en-US%2Cen&_splugins=PDF+Viewer%2CChrome+PDF+Viewer%2CChromium+PDF+Viewer%2CMicrosoft+Edge+PDF+Viewer%2CWebKit+built-in+PDF&_errors%5B%5D=100&_errors%5B%5D=%2C
IP
66.254.114.63:443
ASN
#29789 REFLECTED

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerLet's Encrypt
Subjectatsptp.com
Fingerprint30:7F:5E:D0:8A:E8:9D:0C:94:94:33:75:73:4B:64:64:5D:0A:D4:31
ValiditySat, 13 Apr 2024 23:31:37 GMT - Fri, 12 Jul 2024 23:31:36 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
128 B (128 bytes)
Hash
2fe98a4f2bd2d35008acb5f95afa23b9
920a4ed0869e8b31aeb321247a85a2099daa7e98
71b781c00c20c3a81515df879b6b69cf889b8435fbc3c1afaa3db9b9eb787d60

HTTP Headers

GET /events?app_id=10303&eventName=TRACK&saffCode=eyJhIjozMjQ2NDIsIm4iOjgxLCJzIjo2MDcsImUiOjk2OTUsInAiOjExLCJjbiI6IjdENTczR1A4TUstak0wSURNeEFqTVUifQ%3D%3D&saffCodeType=ats&saffDomain=projectone.com&snetworkCode=SQ&sconversionType=TRACK&sconvertingPage=https%3A%2F%2Flanding.squirted.com%2F%3Fats%3DeyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0%3D%26apb%3Dmiy9c7bpjyfifrnx2bp3%26atc%3D7D573GP8MK-jM0IDMxAjMU&suserAgent=Mozilla%2F5.0+(X11%3B+Linux+x86_64%3B+rv%3A96.0)+Gecko%2F20100101+Firefox%2F96.0&nvalue=1&nab=0&ssku=Null&ninstanceId=225771&npageId=4044901&nadId=0&spostbackParams=miy9c7bpjyfifrnx2bp3&sreferralDomain=http%3A%2F%2Forganic%2F&sreferralPath=http%3A%2F%2Forganic%2F&satlasJsVersion=1.7.7&_sscreen=1280+x+1024&_sbrowser=Firefox&_sbrowserVersion=96.0&_bmobile=false&_sos=Linux&_sosVersion=-&_bcookies=true&_sflashVersion=no+check&_slanguages=en-US%2Cen&_splugins=PDF+Viewer%2CChrome+PDF+Viewer%2CChromium+PDF+Viewer%2CMicrosoft+Edge+PDF+Viewer%2CWebKit+built-in+PDF&_errors%5B%5D=100&_errors%5B%5D=%2C HTTP/1.1
Host: atlas.atsptp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://landing.squirted.com
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 01:34:51 GMT
content-type: application/json
set-cookie: eta_guid=74e6133e-f550-4e74-a756-f77099fc6b84_1715132091;Path=/;Max-Age=315360000;Expires=Wed, 12 Jul 2034 00:00:01 UTC;SameSite=None;Secure;HttpOnly;
sessionid=4a8a11c2-5346-4e2e-988f-887d49caf8dd; Path=/; SameSite=None;Secure;HttpOnly;
access-control-allow-origin: https://landing.squirted.com
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
x-eta-guid: 74e6133e-f550-4e74-a756-f77099fc6b84
x-eta-sessionid: 4a8a11c2-5346-4e2e-988f-887d49caf8dd
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Droid+Sans:400,700

142.250.74.106

200 OK

802 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Droid+Sans:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (818), with no line terminators
Size
802 B (802 bytes)
Hash
bca91bbc2743e50ceae52c54a7c5665a
99ffec546f5963c56cb898f6609a9f8ae4edaca4
644a4a68c82188fc10feb8438e750bda879e97cf82c2799022768704d306409c

HTTP Headers

GET /css?family=Droid+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 01:34:51 GMT
date: Wed, 08 May 2024 01:34:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/@one/blocks/async/ContainerBlock.877c97af.js

64.210.135.117

200 OK

232 B

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/@one/blocks/async/ContainerBlock.877c97af.js
IP
64.210.135.117:443
ASN
#30361 SWIFTWILL2

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
232 B (232 bytes)
Hash
8024cd3a34127e153b1b5f10d63f5794
28b7def503b61d056d177fcaa8fa367fd58f6acb
cf9192a3bd5fb382f1daaf8cce777bf05edaecf2d097472d10f1009f2a5430bb

HTTP Headers

GET /tour/@one/blocks/async/ContainerBlock.877c97af.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 01:34:51 GMT
content-type: application/javascript
content-length: 232
last-modified: Fri, 16 Feb 2024 21:44:10 GMT
etag: "3a99970fe-e8-61186a4e49e80"
expires: Thu, 20 Jun 2024 23:30:37 GMT
cache-control: max-age=10511277
vary: Accept-Encoding
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
accept-ranges: bytes
x-cdn-diag: ams5-7846-2-44766-h-0-0---;6139-19-32026----0-0-0
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400

142.250.74.106

200 OK

2.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:400
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (2218), with no line terminators
Size
2.2 kB (2162 bytes)
Hash
807b0cff287eb02fda9eb3a87e2746a5
34a0af77abd82f106052590a0e624b2803a6572d
35c288796da2ba3b90a7a7ef7e75a5e7eb55cad381d227beda8c5e400a04caff

HTTP Headers

GET /css?family=Roboto:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 01:34:51 GMT
date: Wed, 08 May 2024 01:34:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

atlas.atsptp.com/events?app_id=10303&eventName=UNIQUE_TRACK&saffCode=eyJhIjozMjQ2NDIsIm4iOjgxLCJzIjo2MDcsImUiOjk2OTUsInAiOjExLCJjbiI6IjdENTczR1A4TUstak0wSURNeEFqTVUifQ%3D%3D&saffCodeType=ats&saffDomain=projectone.com&snetworkCode=SQ&sconversionType=UNIQUE_TRACK&sconvertingPage=https%3A%2F%2Flanding.squirted.com%2F%3Fats%3DeyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0%3D%26apb%3Dmiy9c7bpjyfifrnx2bp3%26atc%3D7D573GP8MK-jM0IDMxAjMU&suserAgent=Mozilla%2F5.0+(X11%3B+Linux+x86_64%3B+rv%3A96.0)+Gecko%2F20100101+Firefox%2F96.0&nvalue=1&nab=0&ssku=Null&ninstanceId=225771&npageId=4044901&nadId=0&spostbackParams=miy9c7bpjyfifrnx2bp3&sreferralDomain=http%3A%2F%2Forganic%2F&sreferralPath=http%3A%2F%2Forganic%2F&satlasJsVersion=1.7.7&_sscreen=1280+x+1024&_sbrowser=Firefox&_sbrowserVersion=96.0&_bmobile=false&_sos=Linux&_sosVersion=-&_bcookies=true&_sflashVersion=no+check&_slanguages=en-US%2Cen&_splugins=PDF+Viewer%2CChrome+PDF+Viewer%2CChromium+PDF+Viewer%2CMicrosoft+Edge+PDF+Viewer%2CWebKit+built-in+PDF&_errors%5B%5D=100&_errors%5B%5D=%2C

66.254.114.63

200 OK

128 B

URL GET HTTP/2
atlas.atsptp.com/events?app_id=10303&eventName=UNIQUE_TRACK&saffCode=eyJhIjozMjQ2NDIsIm4iOjgxLCJzIjo2MDcsImUiOjk2OTUsInAiOjExLCJjbiI6IjdENTczR1A4TUstak0wSURNeEFqTVUifQ%3D%3D&saffCodeType=ats&saffDomain=projectone.com&snetworkCode=SQ&sconversionType=UNIQUE_TRACK&sconvertingPage=https%3A%2F%2Flanding.squirted.com%2F%3Fats%3DeyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0%3D%26apb%3Dmiy9c7bpjyfifrnx2bp3%26atc%3D7D573GP8MK-jM0IDMxAjMU&suserAgent=Mozilla%2F5.0+(X11%3B+Linux+x86_64%3B+rv%3A96.0)+Gecko%2F20100101+Firefox%2F96.0&nvalue=1&nab=0&ssku=Null&ninstanceId=225771&npageId=4044901&nadId=0&spostbackParams=miy9c7bpjyfifrnx2bp3&sreferralDomain=http%3A%2F%2Forganic%2F&sreferralPath=http%3A%2F%2Forganic%2F&satlasJsVersion=1.7.7&_sscreen=1280+x+1024&_sbrowser=Firefox&_sbrowserVersion=96.0&_bmobile=false&_sos=Linux&_sosVersion=-&_bcookies=true&_sflashVersion=no+check&_slanguages=en-US%2Cen&_splugins=PDF+Viewer%2CChrome+PDF+Viewer%2CChromium+PDF+Viewer%2CMicrosoft+Edge+PDF+Viewer%2CWebKit+built-in+PDF&_errors%5B%5D=100&_errors%5B%5D=%2C
IP
66.254.114.63:443
ASN
#29789 REFLECTED

Requested by
https://landing.squirted.com/?ats=eyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0=&apb=miy9c7bpjyfifrnx2bp3&atc=7D573GP8MK-jM0IDMxAjMU
Certificate
IssuerLet's Encrypt
Subjectatsptp.com
Fingerprint30:7F:5E:D0:8A:E8:9D:0C:94:94:33:75:73:4B:64:64:5D:0A:D4:31
ValiditySat, 13 Apr 2024 23:31:37 GMT - Fri, 12 Jul 2024 23:31:36 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
128 B (128 bytes)
Hash
c0bfc0b9c6b7e363ff400f69cdbbaa0f
688bd88ad37a88a2e60453af18a98ec74ef3e119
7a03807721e3e7e29e02d69f387f4f02c8318efa9b724905e604943aff6c44d1

HTTP Headers

GET /events?app_id=10303&eventName=UNIQUE_TRACK&saffCode=eyJhIjozMjQ2NDIsIm4iOjgxLCJzIjo2MDcsImUiOjk2OTUsInAiOjExLCJjbiI6IjdENTczR1A4TUstak0wSURNeEFqTVUifQ%3D%3D&saffCodeType=ats&saffDomain=projectone.com&snetworkCode=SQ&sconversionType=UNIQUE_TRACK&sconvertingPage=https%3A%2F%2Flanding.squirted.com%2F%3Fats%3DeyJhIjozMjQ2NDIsImMiOjU5MzgzNTQ1LCJuIjo4MSwicyI6NjA3LCJlIjo5Njk1LCJwIjoxMX0%3D%26apb%3Dmiy9c7bpjyfifrnx2bp3%26atc%3D7D573GP8MK-jM0IDMxAjMU&suserAgent=Mozilla%2F5.0+(X11%3B+Linux+x86_64%3B+rv%3A96.0)+Gecko%2F20100101+Firefox%2F96.0&nvalue=1&nab=0&ssku=Null&ninstanceId=225771&npageId=4044901&nadId=0&spostbackParams=miy9c7bpjyfifrnx2bp3&sreferralDomain=http%3A%2F%2Forganic%2F&sreferralPath=http%3A%2F%2Forganic%2F&satlasJsVersion=1.7.7&_sscreen=1280+x+1024&_sbrowser=Firefox&_sbrowserVersion=96.0&_bmobile=false&_sos=Linux&_sosVersion=-&_bcookies=true&_sflashVersion=no+check&_slanguages=en-US%2Cen&_splugins=PDF+Viewer%2CChrome+PDF+Viewer%2CChromium+PDF+Viewer%2CMicrosoft+Edge+PDF+Viewer%2CWebKit+built-in+PDF&_errors%5B%5D=100&_errors%5B%5D=%2C HTTP/1.1
Host: atlas.atsptp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://landing.squirted.com
DNT: 1
Connection: keep-alive
Referer: https://landing.squirted.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 01:34:51 GMT
content-type: application/json
set-cookie: eta_guid=695376f4-5904-4e29-99f7-5468b47824f0_1715132091;Path=/;Max-Age=315360000;Expires=Wed, 12 Jul 2034 00:00:01 UTC;SameSite=None;Secure;HttpOnly;
sessionid=9bc4b08d-0707-42c7-9cf4-bfa023391c86; Path=/; SameSite=None;Secure;HttpOnly;
access-control-allow-origin: https://landing.squirted.com
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
x-eta-guid: 695376f4-5904-4e29-99f7-5468b47824f0
x-eta-sessionid: 9bc4b08d-0707-42c7-9cf4-bfa023391c86
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML