v2.trckguardlnk.com/click
3.66.74.238301 Moved Permanently 134 B URL HTTP/1.1 v2.trckguardlnk.com/click
IP 3.66.74.238:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /click HTTP/1.1
Host: v2.trckguardlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Tue, 22 Nov 2022 11:01:27 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://v2.trckguardlnk.com:443/click
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5685
Expires: Tue, 22 Nov 2022 12:36:12 GMT
Date: Tue, 22 Nov 2022 11:01:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4843de3bf95411e6aa89834def44bb86
1f1882351ac63fba73a22014382f69df5e02ec96
1e6ed1df02f8fa6c89ddca66f7c9981f8a06127d7ec90b503703137e823bb4b7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3038
Cache-Control: max-age=87628
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:27 GMT
Etag: "637b5375-1d7"
Expires: Wed, 23 Nov 2022 11:21:55 GMT
Last-Modified: Mon, 21 Nov 2022 10:31:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a6c553d89cb6fd1de4787fee2a0e0dc
b974e022ea8675c0a09f58864cc99df05b5b1241
a62ecedcb0953814f982237818a3d902fdca501f82b675629d28b5d476e0fbfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3455
Expires: Tue, 22 Nov 2022 11:59:02 GMT
Date: Tue, 22 Nov 2022 11:01:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 22 Nov 2022 10:09:22 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3125
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dmYQqmiV1dbupfs1D6UdLo/jJBVn3m4DQJOBo6Fu8l647qv2vNaDcInMJW5Vh2sKmplbzmt8mj4=
x-amz-request-id: TTBRD9VHZ2J82FPG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 22 Nov 2022 11:00:25 GMT
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
age: 62
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 22 Nov 2022 11:01:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash e00ede23280e78380f8a6f48d0c1327b
41de8db6db736fc6e024d4f218e26e1ea450acab
ffc08a4ee98848448f4ce34e8adc9044e664ae407d85f049919a9ec0905a3d43
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87347
Date: Tue, 22 Nov 2022 11:01:27 GMT
Etag: "637b4c57-1d7"
Expires: Wed, 23 Nov 2022 11:17:14 GMT
Last-Modified: Mon, 21 Nov 2022 10:00:55 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 83JoeqIPOg3L1WwY_fpr_rEtxrOhEQtBYtbFRHgpyBNi1sESQp1cUQ==
Age: 4579
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 22 Nov 2022 10:08:53 GMT
cache-control: public,max-age=3600
age: 3155
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 23874ff3690a90d96bfcf36b2a9c892e
79eeb37b42d5a4eede83a6631eaf3388c4ef4583
208a712d15b98cf1f0e336c16b12a2209606dfb417d044c6903729aa79cb0563
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 22 Nov 2022 11:01:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 21 Nov 2022 22:07:28 GMT
Expires: Mon, 28 Nov 2022 22:07:27 GMT
Etag: "79eeb37b42d5a4eede83a6631eaf3388c4ef4583"
Cache-Control: max-age=604047,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76e12ad2f9b3b4fd-OSL
v2.trckguardlnk.com/click
3.66.74.238302 Found 122 B URL HTTP/2 v2.trckguardlnk.com/click
IP 3.66.74.238:0
File type HTML document, ASCII text
Hash a4831d7d9380149c3bbc34241b11391b
c2210051e94b8ecbb505fc27f547023bbeee958c
738cf62be97bc3afea96f82bac6c0f38230da838275b5ae8fc47dd5292dca4fe
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /click HTTP/1.1
Host: v2.trckguardlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 22 Nov 2022 11:01:28 GMT
content-type: text/html; charset=UTF-8
location: https://onaie.rdtk.io/611bd83d03d75600017974c8
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4789
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:28 GMT
Last-Modified: Tue, 22 Nov 2022 09:41:39 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash e00ede23280e78380f8a6f48d0c1327b
41de8db6db736fc6e024d4f218e26e1ea450acab
ffc08a4ee98848448f4ce34e8adc9044e664ae407d85f049919a9ec0905a3d43
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88033
Date: Tue, 22 Nov 2022 11:01:28 GMT
Etag: "637b4c57-1d7"
Expires: Wed, 23 Nov 2022 11:28:41 GMT
Last-Modified: Mon, 21 Nov 2022 10:00:55 GMT
Server: ECS (dcb/7F16)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UK_w6Hf4ZRUL29k0Y9L9FVCcHqFJ2SOmmFC8i7eNuA7rNLfCrKjQhA==
Age: 5267
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CXlVBdcE/Bvgt8E9kqoROA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0HFD7OVGtjj+ZZun2OY3MnMz/nI=
ocsp.starfieldtech.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash eef5b6d0f045e15db7f6c8694c1c6bdd
b2ae1f64877fee3707ce9802cc4233f48a2ad9a9
2b0abdc7267d1e8043cb1f18cf93ec24b8b83be760ef77c9f3f0880aa83b852c
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 22 Nov 2022 11:01:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 21 Nov 2022 20:22:26 GMT
Expires: Tue, 22 Nov 2022 20:22:26 GMT
ETag: "b2ae1f64877fee3707ce9802cc4233f48a2ad9a9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
go.trm-tracklnk.com/favicon.ico
18.194.62.185200 OK 318 B URL HTTP/2 go.trm-tracklnk.com/favicon.ico
IP 18.194.62.185:0
File type MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Hash a976d227e5d1dcf62f5f7e623211dd1b
a2a9dc1abdd3d888484678663928cb024c359ee6
66332859bd8e3441a019e073a318b62a47014ba244121301034b510dc7532271
GET /favicon.ico HTTP/1.1
Host: go.trm-tracklnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: U-6f3a770e5af1fd4cadc5f004b81e1040=unique; U-88f0bf2899c595146bff13b20342eb6a=unique; o_88f0bf2899c595146bff13b20342eb6a=4d3c1e1f-e0be-4e58-b280-f37b110f54ce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 11:01:29 GMT
content-type: image/x-icon
content-length: 318
server: nginx/1.20.0
last-modified: Tue, 04 May 2021 06:35:26 GMT
etag: "6090eb2e-13e"
accept-ranges: bytes
X-Firefox-Spdy: h2
www.tmb5trk.com/25WL5RG/BQK1ZL/?uid=4282&sub1=72f0ff99803b8b76d104d7f9abf2a6d4&sub2=14&sub3={sub3}
34.98.69.69302 Found 101 B URL HTTP/2 www.tmb5trk.com/25WL5RG/BQK1ZL/?uid=4282&sub1=72f0ff99803b8b76d104d7f9abf2a6d4&sub2=14&sub3={sub3}
IP 34.98.69.69:0
File type HTML document, ASCII text
Hash 50257f466335b6d32c042eea47d363c2
50639a5e51e1cf3c905ef5f80d2734037a6b180f
6bb0a738cb67f5c8067beb9a3b60058356d148dfa16788b2e36dab676ea10049
GET /25WL5RG/BQK1ZL/?uid=4282&sub1=72f0ff99803b8b76d104d7f9abf2a6d4&sub2=14&sub3={sub3} HTTP/1.1
Host: www.tmb5trk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 22 Nov 2022 11:01:29 GMT
content-type: text/html; charset=utf-8
content-length: 101
location: https://flingpals.com/landing8?transaction_id=1c005ce2badd45c38a57aecb3e94c3e2
set-cookie: uniqueClick_BQK1ZL=f5ad6775-e16f-451c-91ed-27ed7e90d736:1669114889; Path=/; Expires=Wed, 23 Nov 2022 11:01:29 GMT; Secure; SameSite=None
transaction_id=1c005ce2badd45c38a57aecb3e94c3e2; Path=/; Expires=Mon, 20 Feb 2023 11:01:29 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 82605638-0ee5-4d44-88bf-de3cfe0caa3b
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash eef5b6d0f045e15db7f6c8694c1c6bdd
b2ae1f64877fee3707ce9802cc4233f48a2ad9a9
2b0abdc7267d1e8043cb1f18cf93ec24b8b83be760ef77c9f3f0880aa83b852c
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 22 Nov 2022 11:01:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 21 Nov 2022 20:22:26 GMT
Expires: Tue, 22 Nov 2022 20:22:26 GMT
ETag: "b2ae1f64877fee3707ce9802cc4233f48a2ad9a9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4386
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 11:01:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4386
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 11:01:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4386
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 11:01:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 804755c7e438531c9ba2e781947e1640
7a93c31638ee89a561bac2174482a5d12aa62d63
aa6f123fed093048bd006bf5a0ea0a7b310d735436af0ca07a06574f2026ba9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA6F123FED093048BD006BF5A0EA0A7B310D735436AF0CA07A06574F2026BA9B"
Last-Modified: Sun, 20 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4386
Expires: Tue, 22 Nov 2022 12:14:35 GMT
Date: Tue, 22 Nov 2022 11:01:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8365a642-a490-4221-8f9f-867864b12d62.webp
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8365a642-a490-4221-8f9f-867864b12d62.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 528d729159d8b08ed1fe05472dc65ce4
b7d570a7a095e127fd408b8272b93a52c5038b46
d6404764bcc3f2e7c4462b6b31fbc0e315c9cbf51b7424194c2bc6f4a21a33de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8365a642-a490-4221-8f9f-867864b12d62.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9862
x-amzn-requestid: 02281c2f-2a42-4891-97af-8d21a4cd0d2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrJEdYIAMFijQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee47-7c96415239d22bfc219f53f6;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nyT50MW4_CxOyrrPcWgPokRPAoPOH1M21Py4zB5DGlVuFRbk7sr0oQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:01:37 GMT
age: 46792
etag: "b7d570a7a095e127fd408b8272b93a52c5038b46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4db9b106-0a0e-4fae-92b6-a8812d365210.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4db9b106-0a0e-4fae-92b6-a8812d365210.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ccd43a87165914b33d3d0abf4daac17
495bc194d9cf043cad38e9aab650a3e74a542c68
3e95928493b984c636a5fa77b22c29b3245ba4bba7d730a8545145b17a5986f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4db9b106-0a0e-4fae-92b6-a8812d365210.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8075
x-amzn-requestid: 5d8d5076-abee-484e-98e6-e2f8641133e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IqUGXnIAMF4gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee41-3c973b4d2d40cbaa2c5df221;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: T0RMlGqGin5SFk8QxAiY8UwJEGnkwtuJLKqnTMrx8h7qJbI5MeQ11g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 21:48:15 GMT
age: 47594
etag: "495bc194d9cf043cad38e9aab650a3e74a542c68"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 04:39:13 GMT
age: 22936
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dafd9e17dc0023e71ae513c6025e4b80
12e2654db1f384bb04f5c5042848b25dda86b710
e9c885a102dc811648cec4ac292db63564e81a48d7a3611cb31fba73b37286dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c73cec7-245a-480e-8dfe-cc11a12b2656.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4639
x-amzn-requestid: 8a93fa29-158b-4402-aac4-85ad29a74ae1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-I6oELooAMFWFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637beeaa-5a85509b26d9aeef7ae59b4c;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:33:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Z_LKFsiB_s81UenxBOVg9_qX_7vBHUZix7XF8YguDCytRn5opLkLRA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:01:10 GMT
age: 46819
etag: "12e2654db1f384bb04f5c5042848b25dda86b710"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ed6b76d15fc8d6295acdb6fb47461d3
b8c928f93a8d82b48491448d811a95ad99dc6aef
de326836a9de677438b9ae724198e94348b0900c62817ff10de3677ce93fdae0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe35a8d1-e974-48d4-a8b7-1add4aa5d251.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8685
x-amzn-requestid: 66455cc7-83d7-4570-99f9-5fa838da947f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrAHwKoAMFUHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee46-354d65e9609bc05647556a5a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -9tZPsMl7i5hr0N1rwJdQBLiOImuEO12RDL0pcPNjf6t-LkRbPaN2A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 21 Nov 2022 22:02:46 GMT
etag: "b8c928f93a8d82b48491448d811a95ad99dc6aef"
content-type: image/jpeg
age: 46723
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f3fad7453f45dfa617243c8beac64e1
56414a905340e1b1478a0a40a52b25365a724524
7befcfbedac5652eb04bc675b67f7b642631d4e918f7aaee17b0b594e26854d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9029340f-28c3-4004-9012-9a24977dfd45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6031
x-amzn-requestid: f59b04c5-4955-4847-9a7f-d9d53b47ca52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b3cV0GC-oAMF5hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637940f1-0425b3cf6a4650b60936feba;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 20:47:45 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: StZ9dxgY8W0WwUUqsxyeISFnbm_WGGcm_AMuo9dzfhF9Yp7wM0TMMg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 08:17:57 GMT
age: 9812
etag: "56414a905340e1b1478a0a40a52b25365a724524"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8b3495d3e7c1b526a50853fa0e07bd2
021c1de3785f49acccf30dad73100bc8e97a6298
c23c3f5afcbf1091ed6637bb82e6fdc850d50196652ac57f522c19b18c278355
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C23C3F5AFCBF1091ED6637BB82E6FDC850D50196652AC57F522C19B18C278355"
Last-Modified: Tue, 22 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Tue, 22 Nov 2022 17:00:50 GMT
Date: Tue, 22 Nov 2022 11:01:29 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8b3495d3e7c1b526a50853fa0e07bd2
021c1de3785f49acccf30dad73100bc8e97a6298
c23c3f5afcbf1091ed6637bb82e6fdc850d50196652ac57f522c19b18c278355
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C23C3F5AFCBF1091ED6637BB82E6FDC850D50196652AC57F522C19B18C278355"
Last-Modified: Tue, 22 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21561
Expires: Tue, 22 Nov 2022 17:00:50 GMT
Date: Tue, 22 Nov 2022 11:01:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 32 kB IP 142.250.74.3:0
File type gzip compressed data, from Unix\012- data
Hash ef5af757f1ce8e9dd80a039d35f64eaf
b578a0a087f15422f79bc8e5953ecd0cad396364
bc0d61c5bf07eaab388a6d5d4d55065201fc5531a26bb1ff68fd244001963b9b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 3.9 kB IP 142.250.74.3:0
File type gzip compressed data, from Unix\012- data
Hash bf19e8a4f97a2af7ef48582979e1099b
8e26f40a97dcbb03b07197a79c756efd95972086
682217da79f124030a065677d501955453510eaa40ea89547ef02c8d2428ee6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 7.4 kB IP 93.184.220.29:0
File type gzip compressed data, from Unix\012- data
Hash 4764edbe5b990305b59294ea9f1ab49f
8e7928e056c01197a19de6b91790af9b91baef88
dbcc2c55ceacff0ca671a4d836011e8da3927526cea18ff1c80e273c058d1a18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4245
Cache-Control: max-age=94566
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:29 GMT
Etag: "637b69da-117"
Expires: Wed, 23 Nov 2022 13:17:35 GMT
Last-Modified: Mon, 21 Nov 2022 12:06:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
maps.googleapis.com/maps/api/js?key=AIzaSyBHPsW-6NkYf2aFFhxjWmVh6sy2y3Hi_FA&libraries=places&callback=initAutocomplete&language=en
216.58.211.10200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyBHPsW-6NkYf2aFFhxjWmVh6sy2y3Hi_FA&libraries=places&callback=initAutocomplete&language=en
IP 216.58.211.10:0
File type ASCII text, with very long lines (2441)
Hash 4a6bb140e9e92184f5dd6ad4d83e1dfb
d94c903bbba758ac4575fa6c54d5273417424c23
cba6ea2a7c872efb0307f3a0ef17e0e275f3189fc33a674adc93a2e5ab6f647a
GET /maps/api/js?key=AIzaSyBHPsW-6NkYf2aFFhxjWmVh6sy2y3Hi_FA&libraries=places&callback=initAutocomplete&language=en HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 11:01:29 GMT
expires: Tue, 22 Nov 2022 11:31:29 GMT
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55565
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 43 kB IP 93.184.220.29:0
File type gzip compressed data, from Unix\012- data
Hash 07631077275b88a746a834b9522c4341
bf60baa715b3b0e0719f1d56423e46dcd06aef93
bb1bd73aad03e6e9ea5a44b4b1940a0b54e275769f9a7304fad0402ae6517ea8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4246
Cache-Control: max-age=94566
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:30 GMT
Etag: "637b69da-117"
Expires: Wed, 23 Nov 2022 13:17:36 GMT
Last-Modified: Mon, 21 Nov 2022 12:06:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.trm-tracklnk.com/click?a=14&sub_id1=637cac08d1bf3c00011b97c9&sub_id3=2YO&o=4492
18.194.62.185200 OK 64 kB URL HTTP/2 go.trm-tracklnk.com/click?a=14&sub_id1=637cac08d1bf3c00011b97c9&sub_id3=2YO&o=4492
IP 18.194.62.185:0
Hash 653a27bc274e606f6ce71a7e9f81fca8
39749bcd8b762d9610da255083846507bf29e6b4
18df70d4cc52c42872195c3ca9ae7cd34fda3f8250ee483df912e003f93b1022
GET /click?a=14&sub_id1=637cac08d1bf3c00011b97c9&sub_id3=2YO&o=4492 HTTP/1.1
Host: go.trm-tracklnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: U-6f3a770e5af1fd4cadc5f004b81e1040=unique
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 22 Nov 2022 11:01:29 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-88f0bf2899c595146bff13b20342eb6a=unique; expires=Thu, 22-Dec-2022 11:01:29 GMT; Max-Age=2592000; path=/; secure; SameSite=None
o_88f0bf2899c595146bff13b20342eb6a=4d3c1e1f-e0be-4e58-b280-f37b110f54ce; expires=Tue, 29-Nov-2022 11:01:29 GMT; Max-Age=604800; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KL7VLD4
142.250.74.168200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KL7VLD4
IP 142.250.74.168:0
File type ASCII text, with very long lines (4288)
Hash 59b144e15607bd1ad3347596f3d7ae1e
611aa6b9ab9b901eac848477b528afd381befddd
f2689d93609118b3c85f8ac93307822b7f3676fc0d8ea24fe0ad9d50a8af02bf
GET /gtm.js?id=GTM-KL7VLD4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 22 Nov 2022 11:01:30 GMT
expires: Tue, 22 Nov 2022 11:01:30 GMT
cache-control: private, max-age=900
last-modified: Tue, 22 Nov 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79178
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flingpals.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:53:49 GMT
expires: Thu, 16 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 490061
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/frederickathegreat/v15/9Bt33CxNwt7aOctW2xjbCstzwVKsIBVV--Sjxbc.woff2
216.58.207.195200 OK 203 kB URL HTTP/2 fonts.gstatic.com/s/frederickathegreat/v15/9Bt33CxNwt7aOctW2xjbCstzwVKsIBVV--Sjxbc.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 203144, version 1.0\012- data
Size 203 kB (203144 bytes)
Hash 2e423ceed8ba7a985ce9d2a30885ca77
b63c7a759b247e1606d303c42a363fc7cff9656b
1375ac69dc481d77cd150b7c72029c4e6383c5bd9751ca5b55993b0cccae2eb4
GET /s/frederickathegreat/v15/9Bt33CxNwt7aOctW2xjbCstzwVKsIBVV--Sjxbc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://flingpals.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 203144
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 01:34:55 GMT
expires: Sat, 18 Nov 2023 01:34:55 GMT
cache-control: public, max-age=31536000
age: 379595
last-modified: Thu, 21 Apr 2022 16:24:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flingpals.com/landing8?transaction_id=1c005ce2badd45c38a57aecb3e94c3e2
104.21.15.215200 OK 28 kB URL HTTP/2 flingpals.com/landing8?transaction_id=1c005ce2badd45c38a57aecb3e94c3e2
IP 104.21.15.215:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6196)
Hash cc5d77d37bf31e4b1c9aa8c02bbf7a34
0b68dc933d84a7211c0271ad8ae66f1bac91d86d
ba9eec7d8ec044aae839af270157633c1fd0f05196498e2540062a8b2f4becdb
GET /landing8?transaction_id=1c005ce2badd45c38a57aecb3e94c3e2 HTTP/1.1
Host: flingpals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 11:01:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, private
cf-cache-status: DYNAMIC
set-cookie: XSRF-TOKEN=eyJpdiI6Ilc2ZnZvcTNSV0R2MDlkdjJEamE4WFE9PSIsInZhbHVlIjoiSU5SZWNsVE43c2plTkgyV2hHRHdGeHVuTUw2QTljaVZiNzBNZGtNMS9RUUNtellLRVVmVWpMaUZvR1MreUJCUnJTWmRETE1HVGU5dVhxRFFvU2lOcmdOTFVIT2tqc0pqWWUrbllXTDl0cTRhNlE3aGNoTzE5bTFaaXhsUjd5N3UiLCJtYWMiOiI0ZGNjYjU3OTIwZDFlODlkYTc5ZmYwNTkxZjdmZmMzNTI1ZDI5MDE0MDllMDk5Y2NiMjBjZjU2NTY4ODMzZTA5IiwidGFnIjoiIn0%3D; expires=Sun, 21-Nov-2027 11:01:29 GMT; Max-Age=157680000; path=/
flingpals_session=eyJpdiI6IjY3a0hoSFdjcm4rTnNJdEh1TU5JV3c9PSIsInZhbHVlIjoiTmhucnFRZzR3c3RrRDhETFp5Mm1ncjJYY2R2VWowR1A5ZWhyd0VGVXZvYWRXeEJpTG8wc3kvL0dodkkwTVd5dFlUdWNtRGZINkQ0elhtRXFzVjJqaDh6SVlHTXBOcDhTckNCejAzUGwrL2prQlZhMFY1RFF3Y1c1N0F6MG1Jdm4iLCJtYWMiOiJjYmQxZWE4OWY0ODkwMDdjZTQxYTAxNjUxZDEyZTQ2NDc0MTkxZDIzMjM4ZTRlNzQ1NjFlODVjMTllMWM2NGE2IiwidGFnIjoiIn0%3D; expires=Sun, 21-Nov-2027 11:01:29 GMT; Max-Age=157680000; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tv5gUx8Oa3VQmw0xN%2Fa6M%2B57V%2Bl2Vj9sj0HWcA7jcnBdTqb%2FahK5%2B50squVeFcSyP3HtSQjCoPHhJV97%2FwE86uEcvKGNNkO1JWc4yNpkTeR69GHQBNeMGUdZbgWBkeZF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e12adcdba0b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 585eab785e44953b9e6d7c389024ff3e
57582825e9a285177f38cd2fa868ad3a8eab85d1
f1c62af1e27c8510576adcb62b28be35f290d2ee71e873f7000c194980522e80
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Fredericka+the+Great%7CRaleway:700%7CRoboto:400,700
142.250.74.10200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Fredericka+the+Great%7CRaleway:700%7CRoboto:400,700
IP 142.250.74.10:0
Hash e5e8b720dd58fe60a599351c553948e4
30c30584c999555a7db57570472ada2a7edb689e
6cd5ad3c88481b743474e2466af20b9b45b51e2ec44dc1f9f37b9215aaed3e06
GET /css?family=Fredericka+the+Great%7CRaleway:700%7CRoboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 22 Nov 2022 11:01:29 GMT
date: Tue, 22 Nov 2022 11:01:29 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ed3ae8e878b9c8c9c5fc3ab22d8547d6
e4d08dc74fa84a3bcc9d442e225e8f7a6c124822
e135b6fb23500cb2edbf836719ed450cdb6b1e86b7c8491289cb4e1ccbd9ce84
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
142.250.74.163200 OK 1.6 kB URL HTTP/2 maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
IP 142.250.74.163:0
File type PNG image data, 120 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash f28a13545ca7be5cd9ea31bdd9ea7f8e
f4f45a59720b9d637b1e7e0ed5783ee84887287f
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
GET /mapfiles/api-3/images/powered-by-google-on-white3.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 1616
date: Tue, 22 Nov 2022 11:01:30 GMT
expires: Tue, 22 Nov 2022 11:01:30 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
142.250.74.163200 OK 3.4 kB URL HTTP/2 maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
IP 142.250.74.163:0
File type PNG image data, 34 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e9dd969ceb057a228067a1c539127f9
fb2da26959858054157960bb7f8e6c145648eaac
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
GET /mapfiles/api-3/images/autocomplete-icons.png HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 3351
date: Tue, 22 Nov 2022 11:01:30 GMT
expires: Tue, 22 Nov 2022 11:01:30 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 22 Nov 2022 10:41:09 GMT
expires: Tue, 22 Nov 2022 12:41:09 GMT
cache-control: public, max-age=7200
age: 1221
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 461760f30678f8aa3ad801eb88dc59d9
7b3c33ec99c429ad19918895014e309ca947f31a
fe8c62f7c90fa17a3d286b4abc0c8d7aa338d26aa4724d0d5dbaaab7b889b382
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=0A0ACFB601D76FE203D4DDD200806E9A; domain=.bing.com; expires=Sun, 17-Dec-2023 11:01:30 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EDD1729E38CE410599F3CFAF42E43798 Ref B: OSL30EDGE0317 Ref C: 2022-11-22T11:01:30Z
date: Tue, 22 Nov 2022 11:01:29 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/482689595/?random=1669114890232&cv=11&fst=1669114890232&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fflingpals.com%2Flanding8%3Ftransaction_id%3D1c005ce2badd45c38a57aecb3e94c3e2&tiba=FlingPals&auid=1150035999.1669114890&rfmt=3&fmt=4
142.250.74.66200 OK 891 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/482689595/?random=1669114890232&cv=11&fst=1669114890232&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fflingpals.com%2Flanding8%3Ftransaction_id%3D1c005ce2badd45c38a57aecb3e94c3e2&tiba=FlingPals&auid=1150035999.1669114890&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (1871), with no line terminators
Hash 7dd9db8471bc77419f2c1b37c66f8887
3c8e2afc09dbfc30ebac21c047c287223cfbaba8
9d2d62b9496f6143692a3531450c16b9aab6eee22c1e528f52f62f12e0c13d25
GET /pagead/viewthroughconversion/482689595/?random=1669114890232&cv=11&fst=1669114890232&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fflingpals.com%2Flanding8%3Ftransaction_id%3D1c005ce2badd45c38a57aecb3e94c3e2&tiba=FlingPals&auid=1150035999.1669114890&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 11:01:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 891
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 22-Nov-2022 11:16:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
script.hotjar.com/modules.55241fd65a1af5a1837b.js
143.204.55.96200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.55241fd65a1af5a1837b.js
IP 143.204.55.96:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 5f82b1a8e62b6a241154cb066c4d1ad8
942982f722f180cb3eac787f0f5edb1f3927696a
36a9999c741ee16ea1337a713b13a62f7e368a437ebe9581c487d42b7c7fe50b
GET /modules.55241fd65a1af5a1837b.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68617
date: Thu, 17 Nov 2022 11:06:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "5f82b1a8e62b6a241154cb066c4d1ad8"
last-modified: Thu, 17 Nov 2022 11:05:52 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WyoLi8smW2Rijn7ZjOTq5vLxAlyZmxRD06_mv2tDQ2ilZ607i3B_7A==
age: 431724
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dc18476a17e787dc0700f3ee8dc99bcf
4db3ef7edb2683d8141280b9dd780ce4375e3c0f
4082538731e62eb96bd62690e973875ef9e3048432a3a849d7bedd37872b79ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fab2cb3bd48a955d89176110d75459e4
8e642591b32f0095b8302d23b2aa3d4849352c56
71e3ae0dd72335874bd1e42e216d72a6185fb21786e55efbf3012ee0094692a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
143.204.55.101200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-c6ca1c87e308a39aabb76b56ba54398b.html
IP 143.204.55.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash b6d25d1350d6a014d80689f389e76f97
a957e3d99790759f71a4d9e2fdaf819f60e8c569
fb2a1528b99d3eb4c9374642b5045efaf6e06666fdd48a55560a375449b01079
GET /box-c6ca1c87e308a39aabb76b56ba54398b.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Fri, 04 Nov 2022 12:22:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "b6d25d1350d6a014d80689f389e76f97"
last-modified: Fri, 04 Nov 2022 12:21:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: o8N6KLrTha_p8irYs7KvmUdhmW9aLVvw38X8Knd97IwgMTbMklTvwA==
age: 1550364
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/482689595/?random=1669114890232&cv=11&fst=1669114800000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fflingpals.com%2Flanding8%3Ftransaction_id%3D1c005ce2badd45c38a57aecb3e94c3e2&tiba=FlingPals&fmt=3&is_vtc=1&random=1493888240&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/482689595/?random=1669114890232&cv=11&fst=1669114800000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fflingpals.com%2Flanding8%3Ftransaction_id%3D1c005ce2badd45c38a57aecb3e94c3e2&tiba=FlingPals&fmt=3&is_vtc=1&random=1493888240&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/482689595/?random=1669114890232&cv=11&fst=1669114800000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fflingpals.com%2Flanding8%3Ftransaction_id%3D1c005ce2badd45c38a57aecb3e94c3e2&tiba=FlingPals&fmt=3&is_vtc=1&random=1493888240&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 11:01:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/482689595/?random=1669114890232&cv=11&fst=1669114800000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fflingpals.com%2Flanding8%3Ftransaction_id%3D1c005ce2badd45c38a57aecb3e94c3e2&tiba=FlingPals&fmt=3&is_vtc=1&random=1493888240&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/482689595/?random=1669114890232&cv=11&fst=1669114800000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fflingpals.com%2Flanding8%3Ftransaction_id%3D1c005ce2badd45c38a57aecb3e94c3e2&tiba=FlingPals&fmt=3&is_vtc=1&random=1493888240&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/482689595/?random=1669114890232&cv=11&fst=1669114800000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fflingpals.com%2Flanding8%3Ftransaction_id%3D1c005ce2badd45c38a57aecb3e94c3e2&tiba=FlingPals&fmt=3&is_vtc=1&random=1493888240&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 22 Nov 2022 11:01:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/25145504.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/25145504.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/25145504.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=38D79CF675AC68F81C7F8E9274FB6945; domain=.bing.com; expires=Sun, 17-Dec-2023 11:01:30 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5E978030FF574637913CE858D6C1BC32 Ref B: OSL30EDGE0317 Ref C: 2022-11-22T11:01:30Z
date: Tue, 22 Nov 2022 11:01:30 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash dc18476a17e787dc0700f3ee8dc99bcf
4db3ef7edb2683d8141280b9dd780ce4375e3c0f
4082538731e62eb96bd62690e973875ef9e3048432a3a849d7bedd37872b79ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-86906400-26&cid=31548764.1669114890&jid=311158396&gjid=1954630192&_gid=1425054299.1669114890&_u=YEBAAEAAAAAAACAAI~&z=553147036
142.251.1.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-86906400-26&cid=31548764.1669114890&jid=311158396&gjid=1954630192&_gid=1425054299.1669114890&_u=YEBAAEAAAAAAACAAI~&z=553147036
IP 142.251.1.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-86906400-26&cid=31548764.1669114890&jid=311158396&gjid=1954630192&_gid=1425054299.1669114890&_u=YEBAAEAAAAAAACAAI~&z=553147036 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://flingpals.com
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://flingpals.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 22 Nov 2022 11:01:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9ef11a2d1e232b4b45e40ff0c29fa8b0
0966963f13e3b149e3e3c8c2c81e7986d1d8a07b
9ce8b9ab5f1dfdc0686d1660ed64c6eff5cc3d1492d82aa769ac58e3a159dd1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 22 Nov 2022 11:01:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vc.hotjar.io/sessions/2098680?s=0.25&r=0.02593947230919924
54.230.111.8204 No Content 0 B URL HTTP/2 vc.hotjar.io/sessions/2098680?s=0.25&r=0.02593947230919924
IP 54.230.111.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sessions/2098680?s=0.25&r=0.02593947230919924 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://flingpals.com
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Tue, 22 Nov 2022 11:01:30 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -35pFvjMHp-IjTWsgcQ7xE7EGncqVqZsoQc_ZY1YT5VAG3tAjq87Rw==
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2098680.js?sv=7
143.204.55.54200 OK 47 kB URL HTTP/2 static.hotjar.com/c/hotjar-2098680.js?sv=7
IP 143.204.55.54:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (614)
Hash 2535eafdf62a5d3d74f2e73219e40228
cdcddd673a638d413e1cf29bd36a26b157d313d1
36ae50ecb01e0453436bb7d9679168b4fad1116a8ff22d4259923e9eab5806e6
GET /c/hotjar-2098680.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 22 Nov 2022 11:01:30 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/2d6b9421625488d4260016e1852eba91
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FOUyAWlAJ47qM3Svo_iyvduBkXOt9azsEEcWLIUo369LxrpRpzpPxw==
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.13.0/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.13.0/css/all.css
IP 172.64.132.15:0
GET /releases/v5.13.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flingpals.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 22 Nov 2022 11:01:29 GMT
content-type: text/css
x-amz-id-2: Uf0XlYCz7Clm9D6oQjonuREcw5hy38GFHoqaxpCH71tWng9+IOD/oUF+GkYXXBayLgGEEJ5y5bQ=
x-amz-request-id: BJWZ43SG4HERPHVF
last-modified: Wed, 30 Jun 2021 15:38:38 GMT
etag: W/"76cb46c10b6c0293433b371bae2414b2"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2296222
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FqMxnLUTdUyhl1uOqAiiEgdOLaPUMUcin334fSH4IfLuBBU4i6ThDsjGwgjA6yYaezrFiQJ57%2Bko%2FAeAbI5PpZ9KBfVSYDUmuHNtLWqxOKT68f2Onci8PIat%2FcgOQkW0hoCQ7hK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e12ade686788b6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.trm-tracklnk.com/click?a=14&s=8&sub_id1=637cac08d1bf3c00011b97c9&sub_id3=2YO
18.194.62.185302 Found 0 B URL HTTP/2 go.trm-tracklnk.com/click?a=14&s=8&sub_id1=637cac08d1bf3c00011b97c9&sub_id3=2YO
IP 18.194.62.185:0
GET /click?a=14&s=8&sub_id1=637cac08d1bf3c00011b97c9&sub_id3=2YO HTTP/1.1
Host: go.trm-tracklnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 22 Nov 2022 11:01:28 GMT
content-type: text/html; charset=UTF-8
location: https://go.trm-tracklnk.com/click?a=14&sub_id1=637cac08d1bf3c00011b97c9&sub_id3=2YO&o=4492
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-6f3a770e5af1fd4cadc5f004b81e1040=unique; expires=Thu, 22-Dec-2022 11:01:28 GMT; Max-Age=2592000; path=/; secure; SameSite=None
X-Firefox-Spdy: h2