Report - a.vfgtg.com/bb7e836a-79d2-4d6a-adaf-2b9ae2547988?subID1=Beauty120s,&affiliateID=75077&source=10206802496572fa102877bbce550d&subID2=55609&Target=Email&affsource=Beauty120s,&bo=2753,2754,2755,2756

Report Overview

Submitted URL
a.vfgtg.com/bb7e836a-79d2-4d6a-adaf-2b9ae2547988?subID1=Beauty120s,&affiliateID=75077&source=10206802496572fa102877bbce550d&subID2=55609&Target=Email&affsource=Beauty120s,&bo=2753,2754,2755,2756
IP
18.192.108.151
ASN
#16509 AMAZON-02
Submitted
2023-01-28 14:17:53
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
a.vfgtf.com	unknown	2020-02-06T08:47:32Z	2023-03-13T06:26:49Z	858 B	1.0 kB	18.192.108.151
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	395 B	78 kB	142.250.74.168
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	750 B	458 B	216.239.32.36
a.vfgtg.com	279695	2020-10-09T14:43:03Z	2023-03-10T05:18:20Z	525 B	948 B	18.192.108.151
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.155.77.83
www.ntr4x.com	unknown	2020-02-24T17:36:01Z	2023-03-10T13:00:08Z	574 B	2.2 kB	52.212.63.104
www.xn--vtedrmmer-52a7s.com	unknown	2020-11-10T16:52:01Z	2023-03-09T10:57:41Z	2.7 kB	52 kB	54.230.111.66
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	686 B	1.4 kB	142.250.74.131
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
s.sloffer1.com	unknown	2022-03-23T08:52:34Z	2023-03-13T05:42:13Z	2.3 kB	4.7 kB	3.218.135.42
zzotrack.com	470411	2021-01-12T07:31:38Z	2023-03-13T06:42:54Z	582 B	901 B	18.184.38.55
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	48 kB	34.120.237.76
media.xn--vtedrmmer-52a7s.com	unknown	2021-02-24T13:41:44Z	2023-03-09T10:57:42Z	5.8 kB	670 kB	54.230.111.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
a.vfgtc.com	unknown	2019-09-27T14:31:23Z	2023-03-13T05:42:00Z	1.7 kB	2.0 kB	18.192.108.151
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	676 B	1.5 kB	23.36.76.226
tracking.t0r4.com	unknown	2022-05-18T22:26:48Z	2023-03-10T06:58:27Z	576 B	999 B	172.67.190.127
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	1.8 kB	4.5 kB	54.230.245.118

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-28 14:17:46	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	www.xn--vtedrmmer-52a7s.com/lp/lp2	27 B	2023-03-08	2023-08-06
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-08-06 06:43:54 Times Seen23 Hash 02caf34b7fca4b024541d3eda5298f6f 7b1a634b0c2cdda07816012f54d9b6e71ad52617 f5099ea6d725322450a99e12157cc73fbb1124412a13829f9cc77a8b51ea4c56 Loading...

	media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7825	124 kB	2023-03-12	2023-05-21
Pretty URL media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7825 IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-05-21 17:23:12 Times Seen19 Hash 7c30cc5b8d4d77bbf157492394e54334 002c4cff4f2bffb5e5242f9ed96ddc065f3197f9 3e563415edb9228a8aaf1d90757762ca9406b0d73c544bbb1f5ae2ea3d59a67f Loading...

	media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7825	1.5 kB	2023-03-12	2023-05-21
Pretty URL media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7825 IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-05-21 17:23:12 Times Seen19 Hash bc543a1964dc1e607103b069492122d3 2d9eb85249f431c91e45f913559b629a7077a491 8eadedc31df40d3cb3bf8884be6019c7b162c771aacb527d1fa6d439c6ff7190 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	186 B	2023-03-08	2023-08-06
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-08-06 06:43:54 Times Seen23 Hash 7a5a3c253fb8c0109d401d2a12282f69 03af452f7952d33c9b33de0b60c5228faa845918 1fddad8a6e43ab09d0f93c476f2c471f38a3f7caac143c55c796bb067f3f8ec1 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	1.3 kB	2023-03-12	2023-03-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:00:35 Last Seen2023-03-26 04:31:23 Times Seen7 Hash 71481389f236eeb454e573eef7976ef6 1014e7253341acbcdedba690df735342cba2a901 2714dda1b8c550ad99b21374a3e1d1eaf0e233f5fae7e1a9817675ccb21905cb Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	123 B	2023-03-08	2023-08-06
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-08-06 06:43:54 Times Seen27 Hash af597a259741a5bcca3e0455a9f75043 f9ddc0c4be7a54147cab433df839bcd68faf099d ab9368d8ee07df0c6b127f9a7b7d2e7a80cfd590cb5d3c63adcdb0ee96c76562 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	220 B	2023-03-12	2023-06-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-06-26 20:36:00 Times Seen18 Hash 20a943567cdc62cc1d2c90810094471d 706f4a3f2947e24a865790fca833c86f907bfe80 5793384b26fd765c81ae3a2ae92d9dd598f57b963d0f76531abb0585d8e10242 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/blank.html	211 B	2023-03-12	2023-05-21
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/blank.html IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-05-21 17:23:12 Times Seen17 Hash 68c2046c1838da555f9324367c6abaf7 a85fabf0943051d754f533497136eda298df85c1 02a1bfcb1da314cb3d780a031f401940761375fb8a2318980f1070cd84fc70f6 Loading...

	media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7825	273 kB	2023-03-12	2023-06-26
Pretty URL media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7825 IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-06-26 20:36:00 Times Seen16 Hash 2fceca9c9c3a844bebbd26dabfb3ab88 8d701f2ba8caa71d80c86d91cfec71feddb519fe 04d1d1916ce115057f37990dc90a883df8d6ad4a0164e4328e7e93b0b3779766 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	119 B	2023-03-10	2023-06-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:52:11 Last Seen2023-06-26 20:36:00 Times Seen20 Hash b89ad792871f95eec4ecf1d78003a741 8c8b8b70e32a8ab4be57cf714955c4245f7496b0 d081cefdde20725fc6244726e7fbb808c9d4c8ba15fa35142b5c7f1442f17ded Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	539 B	2023-03-12	2023-03-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:00:35 Last Seen2023-03-26 04:31:23 Times Seen7 Hash a08676f66b7df62b9ffe0285a1a2afc5 a4fc21492b5590f563198f59b5f6f0d534381067 7f2c4faf91066a580c456985543683253c0536c19e5cebe04cd183de9b5ccc24 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	1.1 kB	2023-03-12	2023-03-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-03-26 04:31:23 Times Seen16 Hash 3cf802570312177563e6e605b3da30ff db089637f08db256643c16e5dc26ffe67a66e8c1 e9bf205f3934c182dc6b07c2177ea594674d1422ad271b8d497bb38d3fb77e45 Loading...

	www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E	220 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:50:15 Last Seen2023-03-13 09:50:15 Times Seen1 Hash dcc739b9b23adf5df84bf37944276d14 b7b603e5dd3f1ab2821d3a9f452eb5e3cc5322fa b57e690d896677cc9bd301f2c35dc2cdf5340be46e099d297abc2edcdaab0af2 Loading...

	media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7825	852 kB	2023-03-12	2023-05-21
Pretty URL media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7825 IP 54.230.111.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-05-21 17:23:12 Times Seen19 Hash 5ccd56010145fbf60deadcc15088a84a cf4c53164caa8db2a4cf04c0dab1f07769ca4ffa 3b7f647519c927e4b45563a990b749544903607daf1f703ebc39f6f66d190207 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	897 B	2023-03-08	2023-09-23
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-09-23 13:25:43 Times Seen24 Hash a8c2afcd07eaab8c73baa0970701607c e3977b16e5bc014a13619c133695f5ca71325a48 347a88053808fd1b963a4f0d51bdb251fe5d8f39a3f4dd322e0077544fb28ffc Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	2.5 kB	2023-03-08	2023-09-23
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:25:57 Last Seen2023-09-23 13:25:43 Times Seen24 Hash 8a3075a7a7a13fda2fb4449130d1c28e 2213eb26e4febab7ff3ae870f691ed6441e506f0 8686cd0c3d5909495cf9881688031d69c1dccc307807dfad4730e7ee1f256c56 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	153 B	2023-03-12	2023-06-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-06-26 20:36:00 Times Seen18 Hash a626e19587a0e8b7771a6e4e8b99a5c2 68e4b1996fe44a89bd0697055ab12c2717148d18 630decdccd2c4f9d7ea6962ef81da9024ceb80eb06647d1a26408a64e18e73f5 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	242 B	2023-03-10	2023-06-26
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 15:52:11 Last Seen2023-06-26 20:36:00 Times Seen20 Hash 5907ecd44b1b7b34becc76db32ad778a d37f3639231322f7a1c4110266383b2469835ca1 113ef47ca0bb39409c7971531c25e7276183fe1bf1e2fa62727f8d74d7b72d58 Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	365 B	2023-03-12	2023-08-06
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 06:55:08 Last Seen2023-08-06 06:43:54 Times Seen17 Hash 43d2bd45e416c5d6f06bfbbd740e789c 0b302783e23f14680d765d059ceacd657ff6c6a4 1ae5465b40522dd929c79e57679588f5a864e88506b37dc9bc5561625283b93d Loading...

	www.xn--vtedrmmer-52a7s.com/lp/lp2	2.2 kB	2023-03-13	2023-03-13
Pretty URL www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:50:15 Last Seen2023-03-13 09:50:15 Times Seen1 Hash 0c576617056ba4f747a870419a6b4e2e 65b045a0ce1725db17a43f9d0bb5d4fc5b3e067b 981fc1542d854e9102a72008905c32ddb9963055ab471a28104a4ec94750262e Loading...

		Size	First Seen	Last Seen
	#1 Write - 9c6d421d65ea127b09a2d05a1d3232a1	133 B	2023-03-07	2024-03-08
Pretty Observations First Seen2023-03-07 01:03:02 Last Seen2024-03-08 19:28:03 Times Seen73 Hash 9c6d421d65ea127b09a2d05a1d3232a1 cec9cdbc38e5bd9a83e9db038342e650e22af326 41836613083ad8b4578d6fd56c1a0ceab44924d3739f40cc935d11daf2279fb5 Loading...

HTTP Transactions (56)

	URL	IP	Response	Size
	a.vfgtg.com/bb7e836a-79d2-4d6a-adaf-2b9ae2547988?subID1=Beauty120s,&affiliateID=75077&source=10206802496572fa102877bbce550d&subID2=55609&Target=Email&affsource=Beauty120s,&bo=2753,2754,2755,2756	18.192.108.151	302	0 B
URL HTTP/1.1 a.vfgtg.com/bb7e836a-79d2-4d6a-adaf-2b9ae2547988?subID1=Beauty120s,&affiliateID=75077&source=10206802496572fa102877bbce550d&subID2=55609&Target=Email&affsource=Beauty120s,&bo=2753,2754,2755,2756 IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /bb7e836a-79d2-4d6a-adaf-2b9ae2547988?subID1=Beauty120s,&affiliateID=75077&source=10206802496572fa102877bbce550d&subID2=55609&Target=Email&affsource=Beauty120s,&bo=2753,2754,2755,2756 HTTP/1.1 Host: a.vfgtg.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 HTTP/1.1 302 Server: nginx Date: Sat, 28 Jan 2023 14:17:41 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: https://a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=Beauty120s%2C&affiliateID=75077&source=10206802496572fa102877bbce550d&subID2=55609&target=&Site=&Bnr=ALGO&cid=w50d84q9137dom7mi50dsl9g&affsource=Beauty120s%2C&source=55609_Beauty120s%2C Pragma: no-cache Set-Cookie: bb7e836a-79d2-4d6a-adaf-2b9ae2547988-v4=e7YBA_BI7NiOc0gI5loszR8HPKkNmc4UIQJlkD0Sw0Y; Max-Age=86400; Expires=Sun, 29-Jan-2023 14:17:41 GMT; Domain=a.vfgtg.com; Path=/; HttpOnly cc-v4=WyV9XYz%2BUhm52eHDtDoyt%2FCdpbMPj0L75gYk8nLcy3UtQly1WcYtN3wTg7dViFVCywGxROd4lRhcVSla3%2BXiXLB5GYnWpSEIAS1Qj%2B3RhvPqoIEWht2PcAGoFqghNVB%2FjgtnPf5fOhaM4uOhsB9KIA%3D%3D; Max-Age=31536000; Expires=Sun, 28-Jan-2024 14:17:41 GMT; Domain=a.vfgtg.com; Path=/; HttpOnly

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2405562765b49b2782ebd2e2994851d5 be7ac8e558f7875bb1fb86ab5ec674424a5ff269 422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E" Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=11784 Expires: Sat, 28 Jan 2023 17:34:06 GMT Date: Sat, 28 Jan 2023 14:17:42 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a2104f935c638b4767ca5ae0d738ef23 85c6af15af749be0ceeae6de17c36925b750f166 5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8367 Expires: Sat, 28 Jan 2023 16:37:09 GMT Date: Sat, 28 Jan 2023 14:17:42 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash dcd75ca6daca51c5e39d431468511793 07f76d3bf23d65c9110d810fa71a994e39e085d3 73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 28 Jan 2023 13:43:05 GMT content-type: application/json age: 2077 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 69f73ac59327cd9ad7d99816ccfcc03e c54844f82dbee0d5ee4c8ce344eb0139373e6c6b e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3" Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5872 Expires: Sat, 28 Jan 2023 15:55:34 GMT Date: Sat, 28 Jan 2023 14:17:42 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK x-amz-id-2: SlPMqLIMryWAkuFi3c6RvBDqSVgqnF0C7tFgOIxJgsDXnqskkcId/s9bRTP/4eHS7YaN12EgDVA= x-amz-request-id: Q7XQF9QM1KWS3XMH content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 28 Jan 2023 13:20:59 GMT age: 3403 last-modified: Mon, 09 Jan 2023 18:04:21 GMT etag: "7b922915ebf1fa3639b333f994c74f24" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2`

	a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=Beauty120s%2C&affiliateID=75077&source=10206802496572fa102877bbce550d&subID2=55609&target=&Site=&Bnr=ALGO&cid=w50d84q9137dom7mi50dsl9g&affsource=Beauty120s%2C&source=55609_Beauty120s%2C	18.192.108.151	302 Found	0 B
URL HTTP/2 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=Beauty120s%2C&affiliateID=75077&source=10206802496572fa102877bbce550d&subID2=55609&target=&Site=&Bnr=ALGO&cid=w50d84q9137dom7mi50dsl9g&affsource=Beauty120s%2C&source=55609_Beauty120s%2C IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=Beauty120s%2C&affiliateID=75077&source=10206802496572fa102877bbce550d&subID2=55609&target=&Site=&Bnr=ALGO&cid=w50d84q9137dom7mi50dsl9g&affsource=Beauty120s%2C&source=55609_Beauty120s%2C HTTP/1.1 Host: a.vfgtc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Sat, 28 Jan 2023 14:17:42 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub=Beauty120s%2C&aff_sub2=55609&aff_sub3=w6kcn5rogl3gtm7midkknj5g&aff_click_id=10206802496572fa102877bbce550d&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_Beauty120s%2C pragma: no-cache set-cookie: cb5cb9a8-26a4-42ae-946b-aae4b3e52909-v4=8_fVDczchB84iOpzRaxA_0U_b59GNHVlPHi7H0XkpuM; Max-Age=86400; Expires=Sun, 29-Jan-2023 14:17:42 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=4yf5wVCTLslmuvejk%2F9qx0Fp0MC0jPHLQHwCs56vutrWshVZw%2Bq8UIh6XrBs2aFaaQr0OnpiCSUtN5KACOGUm3dPbpmTnJw1CasvYtvHQHAzUgJveSvzYOmegutR7EkdpBMDsh9GrNRjaXGXs9inLg%3D%3D; Max-Age=31536000; Expires=Sun, 28-Jan-2024 14:17:42 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Sat, 28 Jan 2023 14:17:42 GMT content-type: application/json content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 29814bfbbb2aebcf1ad66146241ffae0 97bc3ab72803111c86575ffe1455173cc4f81f0c c7e601e25729da43b32300924c7a62f652599ef3864def6800096d870b6309cc HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C7E601E25729DA43B32300924C7A62F652599EF3864DEF6800096D870B6309CC" Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10377 Expires: Sat, 28 Jan 2023 17:10:39 GMT Date: Sat, 28 Jan 2023 14:17:42 GMT Connection: keep-alive`

	s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub=Beauty120s%2C&aff_sub2=55609&aff_sub3=w6kcn5rogl3gtm7midkknj5g&aff_click_id=10206802496572fa102877bbce550d&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_Beauty120s%2C	3.218.135.42	303 See Other	1.0 kB
URL HTTP/2 s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub=Beauty120s%2C&aff_sub2=55609&aff_sub3=w6kcn5rogl3gtm7midkknj5g&aff_click_id=10206802496572fa102877bbce550d&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_Beauty120s%2C IP 3.218.135.42:0 ASN #14618 AMAZON-AES File type HTML document, ASCII text, with very long lines (1042), with no line terminators Size 1.0 kB (1042 bytes) Hash 174bb04448f6abccb44dbf66062c6a12 4fff064c68e2b4e500958be8dd7007de998a7736 a5e7b919f455b912a43b1bea4c3790f21bde1713403ad46ff09f41ad69b6cf72 HTTP Headers GET /75077/3785/26412/?aff_sub4=_bucket&aff_sub=Beauty120s%2C&aff_sub2=55609&aff_sub3=w6kcn5rogl3gtm7midkknj5g&aff_click_id=10206802496572fa102877bbce550d&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_Beauty120s%2C HTTP/1.1 Host: s.sloffer1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 303 See Other server: nginx/1.19.0 date: Sat, 28 Jan 2023 14:17:42 GMT content-type: text/html; charset=utf-8 content-length: 1042 location: https://a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=Beauty120s%2C%3B55609_Beauty120s%2C&affiliateID=44542&source=1027e440bd46763f981c10cd2e38b2&subID2=75077&s2=1027e440bd46763f981c10cd2e38b2&s3=Beauty120s%2C%3B55609_Beauty120s%2C&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=Beauty120s%2C&affsource=Beauty120s%2C&aff_click_id=1027e440bd46763f981c10cd2e38b2&affsource=55609_Beauty120s%2C&bo=2753%2C2754%2C2755%2C2756 set-cookie: aff_ran_url_3785=26412; Path=/; Expires=Sun, 29 Jan 2023 14:17:42 GMT; Secure enc_aff_session_3785=ENC03588cb62ed5c7c90698343d7b19edb3e619fbbe93752c476f4732e15f2c016292409aa75db5c4ca7c63dafdf4e36090d368d4e8a013391df62bf3d86b12b357b1a79d98b1f12455acce84b6f8f3a86745415c6d0eca7b4ce7c08da4909c5f18c22124cffdadef61a20f7fd264d3aab3ef447aaeccf75ef8939da22dc9a9f9d439f39c055baeb0ab4b7472bb1ef62a403fd6a8985631eb7bfde230418d3983ab7b09df8da429f5268a19270cc119f090707c5775c2df5b0b8d2443353107a39f05370177cd; Path=/; Expires=Mon, 27 Jan 2025 14:17:42 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Tue, 23 Dec 2025 00:57:42 GMT; Secure tracking_id: 1027e440bd46763f981c10cd2e38b2 vary: Accept strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 28 Jan 2023 13:41:40 GMT age: 2162 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=Beauty120s%2C%3B55609_Beauty120s%2C&affiliateID=44542&source=1027e440bd46763f981c10cd2e38b2&subID2=75077&s2=1027e440bd46763f981c10cd2e38b2&s3=Beauty120s%2C%3B55609_Beauty120s%2C&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=Beauty120s%2C&affsource=Beauty120s%2C&aff_click_id=1027e440bd46763f981c10cd2e38b2&affsource=55609_Beauty120s%2C&bo=2753%2C2754%2C2755%2C2756	18.192.108.151	302 Found	0 B
URL HTTP/2 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=Beauty120s%2C%3B55609_Beauty120s%2C&affiliateID=44542&source=1027e440bd46763f981c10cd2e38b2&subID2=75077&s2=1027e440bd46763f981c10cd2e38b2&s3=Beauty120s%2C%3B55609_Beauty120s%2C&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=Beauty120s%2C&affsource=Beauty120s%2C&aff_click_id=1027e440bd46763f981c10cd2e38b2&affsource=55609_Beauty120s%2C&bo=2753%2C2754%2C2755%2C2756 IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=Beauty120s%2C%3B55609_Beauty120s%2C&affiliateID=44542&source=1027e440bd46763f981c10cd2e38b2&subID2=75077&s2=1027e440bd46763f981c10cd2e38b2&s3=Beauty120s%2C%3B55609_Beauty120s%2C&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=Beauty120s%2C&affsource=Beauty120s%2C&aff_click_id=1027e440bd46763f981c10cd2e38b2&affsource=55609_Beauty120s%2C&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 Host: a.vfgtf.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Sat, 28 Jan 2023 14:17:42 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=Beauty120s%2C%3B55609_Beauty120s%2C&affiliateID=170910&source=1027e440bd46763f981c10cd2e38b2&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=w15tsvr0jpgb6m7miml7uh5i&affsource=Beauty120s%2C&source=75077_Beauty120s%2C pragma: no-cache set-cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=jCwGZ8e8kPAPUD66FjIIJFbMMtg1MlE4hWN-tEKaPz8; Max-Age=86400; Expires=Sun, 29-Jan-2023 14:17:42 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=QaIOKOZV2b8%2BmpkOExooK%2F4MBs8%2Fz7hFdH1JstggRO7uCFru%2BX6BbhbYvHDJPxLxCstMy%2BaznLfqeAqvb2t0sr629wrHFaZweVIiycbkLaHnvWVn9oifGZs5jjmG4SCNZgZoIVKrk7MDU9HcpoXddA%3D%3D; Max-Age=31536000; Expires=Sun, 28-Jan-2024 14:17:42 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=Beauty120s%2C%3B55609_Beauty120s%2C&affiliateID=170910&source=1027e440bd46763f981c10cd2e38b2&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=w15tsvr0jpgb6m7miml7uh5i&affsource=Beauty120s%2C&source=75077_Beauty120s%2C	18.192.108.151	302 Found	0 B
URL HTTP/2 a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=Beauty120s%2C%3B55609_Beauty120s%2C&affiliateID=170910&source=1027e440bd46763f981c10cd2e38b2&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=w15tsvr0jpgb6m7miml7uh5i&affsource=Beauty120s%2C&source=75077_Beauty120s%2C IP 18.192.108.151:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=Beauty120s%2C%3B55609_Beauty120s%2C&affiliateID=170910&source=1027e440bd46763f981c10cd2e38b2&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=w15tsvr0jpgb6m7miml7uh5i&affsource=Beauty120s%2C&source=75077_Beauty120s%2C HTTP/1.1 Host: a.vfgtc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: cb5cb9a8-26a4-42ae-946b-aae4b3e52909-v4=8_fVDczchB84iOpzRaxA_0U_b59GNHVlPHi7H0XkpuM; cc-v4=4yf5wVCTLslmuvejk%2F9qx0Fp0MC0jPHLQHwCs56vutrWshVZw%2Bq8UIh6XrBs2aFaaQr0OnpiCSUtN5KACOGUm3dPbpmTnJw1CasvYtvHQHAzUgJveSvzYOmegutR7EkdpBMDsh9GrNRjaXGXs9inLg%3D%3D Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers HTTP/2 302 Found server: nginx date: Sat, 28 Jan 2023 14:17:42 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=Beauty120s%2C%3B55609_Beauty120s%2C&aff_sub2=75077&aff_sub3=w6kcn5rogl3gtm7miq69bm58&aff_click_id=1027e440bd46763f981c10cd2e38b2&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_Beauty120s%2C&aff_sub4=ALGO_bucket&source=75077_Beauty120s%2C pragma: no-cache set-cookie: 2d2fb929-79a5-4a1c-840d-3f370da182b6-v4=E8I6B6H8NCM9sw4s06J9Vvkkjghsv6DGN-Ry7zWzhGA; Max-Age=86400; Expires=Sun, 29-Jan-2023 14:17:42 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=hl5yO27vxnRGgjqkQRv2X2LZFxyQRltTyrPzxMaqtUXzydWmmTaNElhuX0FHYfay61kMFQPWvlDO2vRTNPI4Qqo01fUzLjugsOLfyctw9Npqmo48fSeqVPsIngBHC9Nq3zm19il7s79wFumObyy0rA%3D%3D; Max-Age=31536000; Expires=Sun, 28-Jan-2024 14:17:42 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 16a7b6a7128312e2f985d30df18c4487 6017bff79ffb525d9c7f9f32b999b74b5dc69602 663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16" Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10204 Expires: Sat, 28 Jan 2023 17:07:46 GMT Date: Sat, 28 Jan 2023 14:17:42 GMT Connection: keep-alive`

	s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=Beauty120s%2C%3B55609_Beauty120s%2C&aff_sub2=75077&aff_sub3=w6kcn5rogl3gtm7miq69bm58&aff_click_id=1027e440bd46763f981c10cd2e38b2&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_Beauty120s%2C&aff_sub4=ALGO_bucket&source=75077_Beauty120s%2C	3.218.135.42	303 See Other	398 B
URL HTTP/2 s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=Beauty120s%2C%3B55609_Beauty120s%2C&aff_sub2=75077&aff_sub3=w6kcn5rogl3gtm7miq69bm58&aff_click_id=1027e440bd46763f981c10cd2e38b2&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_Beauty120s%2C&aff_sub4=ALGO_bucket&source=75077_Beauty120s%2C IP 3.218.135.42:0 ASN #14618 AMAZON-AES File type HTML document, ASCII text, with very long lines (398), with no line terminators Size 398 B (398 bytes) Hash bd02de74a7fe82ae252db8b7f8a270a7 3f26d55d279c4c89fda817a0c50f2c969fe07921 8e87c4e3ab59cd6298a00a1e123da8b5a7c9fe06d819ac7ad659322336344bdd HTTP Headers GET /170910/8373/0/?aff_sub4=_bucket&aff_sub=Beauty120s%2C%3B55609_Beauty120s%2C&aff_sub2=75077&aff_sub3=w6kcn5rogl3gtm7miq69bm58&aff_click_id=1027e440bd46763f981c10cd2e38b2&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_Beauty120s%2C&aff_sub4=ALGO_bucket&source=75077_Beauty120s%2C HTTP/1.1 Host: s.sloffer1.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: aff_ran_url_3785=26412; enc_aff_session_3785=ENC03588cb62ed5c7c90698343d7b19edb3e619fbbe93752c476f4732e15f2c016292409aa75db5c4ca7c63dafdf4e36090d368d4e8a013391df62bf3d86b12b357b1a79d98b1f12455acce84b6f8f3a86745415c6d0eca7b4ce7c08da4909c5f18c22124cffdadef61a20f7fd264d3aab3ef447aaeccf75ef8939da22dc9a9f9d439f39c055baeb0ab4b7472bb1ef62a403fd6a8985631eb7bfde230418d3983ab7b09df8da429f5268a19270cc119f090707c5775c2df5b0b8d2443353107a39f05370177cd; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers HTTP/2 303 See Other server: nginx/1.19.0 date: Sat, 28 Jan 2023 14:17:42 GMT content-type: text/html; charset=utf-8 content-length: 398 location: https://tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_Beauty120s%2C&sub3=102414bd0352888cf404d2c972e1cd&bo=2753%2C2754%2C2755%2C2756 set-cookie: enc_aff_session_8373=ENC035265ebf59d2806b90d5917e6970f3ca23c436cf6957793add539600e434c38a14762b3932b21cdb7ddf72013150713d3122e034c61d466ac7be4ada3bfd8994c9da35cded7027a8a649c01860cbd23b53ef2d8ac95dfc750dc321c59b3ecf90acd6f85ae015ec4d940ea35982e320d7252c442d145d3771d14ef07cb5139cd745ac2b350fa9a43a8ecd8d9c9c21bcc656a9103b6c1328f33c17236235712fd42ab85bf28a0a3fd2b21486441539a1787b82e811341ee9825ec2f1f60141bcad66686c05262b087e5c9a148a61503625ba089abc3eb2112eff17777708244f1851dac5837; Path=/; Expires=Mon, 27 Jan 2025 14:17:42 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Tue, 23 Dec 2025 00:57:42 GMT; Secure tracking_id: 102414bd0352888cf404d2c972e1cd vary: Accept strict-transport-security: max-age=15724800; includeSubDomains X-Firefox-Spdy: h2

	e1.o.lencr.org/	23.36.76.226	200 OK	345 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 345 B (345 bytes) Hash ae4d89b20fad914645438df5c12d6482 b15f7fd4ee5e7ec67e0cb3c9f900a9dc7bd8a381 60b501672d537406572381be7e1d20f760c2f6682d061056fa3c05c92fb8548a HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 345 ETag: "60B501672D537406572381BE7E1D20F760C2F6682D061056FA3C05C92FB8548A" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10447 Expires: Sat, 28 Jan 2023 17:11:50 GMT Date: Sat, 28 Jan 2023 14:17:43 GMT Connection: keep-alive`

	push.services.mozilla.com/	35.155.77.83	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 35.155.77.83:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: sIllBh8/ccgdmyaS5cm6RA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: nZF8ctGMwE+UQiTW+4zYVvSrajA=`

	tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_Beauty120s%2C&sub3=102414bd0352888cf404d2c972e1cd&bo=2753%2C2754%2C2755%2C2756	172.67.190.127	302 Found	0 B
URL HTTP/2 tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_Beauty120s%2C&sub3=102414bd0352888cf404d2c972e1cd&bo=2753%2C2754%2C2755%2C2756 IP 172.67.190.127:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /click?pid=781&offer_id=1085&sub1=170910&sub2=75077_Beauty120s%2C&sub3=102414bd0352888cf404d2c972e1cd&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1 Host: tracking.t0r4.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found date: Sat, 28 Jan 2023 14:17:43 GMT content-length: 0 location: https://zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_Beauty120s,&campaign=&sum=&clickid=63d52e878d162a000129840a x-adjust-use-original-forwarded-for: 1 set-cookie: afclick=63d52e878d162a000129840a; expires=Sun, 28 Jan 2024 14:17:43 GMT; secure; SameSite=None afoffers={"1085":1674915463}; expires=Sun, 28 Jan 2024 14:17:43 GMT; secure; SameSite=None access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJNULgZb4CeBzBSzNk%2BzFayrtdsojqx1eJueLsg6rQVL6ho0LCJn9bd6oVe1MZWodKdq4o0LKtFRfsROZw1IQhZ1R1%2BdbQE%2BEsJ7l7tjt82mjDCBwYdnptKuohtM5UG4Za81Gg%3D%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 790a5a6c8836b4ed-OSL alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	e1.o.lencr.org/	23.36.76.226	200 OK	345 B
URL HTTP/1.1 e1.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 345 B (345 bytes) Hash ae4d89b20fad914645438df5c12d6482 b15f7fd4ee5e7ec67e0cb3c9f900a9dc7bd8a381 60b501672d537406572381be7e1d20f760c2f6682d061056fa3c05c92fb8548a HTTP Headers `POST / HTTP/1.1 Host: e1.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 345 ETag: "60B501672D537406572381BE7E1D20F760C2F6682D061056FA3C05C92FB8548A" Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10447 Expires: Sat, 28 Jan 2023 17:11:50 GMT Date: Sat, 28 Jan 2023 14:17:43 GMT Connection: keep-alive`

	zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_Beauty120s,&campaign=&sum=&clickid=63d52e878d162a000129840a	18.184.38.55	302 Found	0 B
URL HTTP/2 zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_Beauty120s,&campaign=&sum=&clickid=63d52e878d162a000129840a IP 18.184.38.55:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_Beauty120s,&campaign=&sum=&clickid=63d52e878d162a000129840a HTTP/1.1 Host: zzotrack.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found server: nginx date: Sat, 28 Jan 2023 14:17:43 GMT content-length: 0 cache-control: no-store, no-cache, pre-check=0, post-check=0 expires: Thu, 01 Jan 1970 00:00:00 GMT location: https://www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=w34eentvmrle9m7mig50dd4c&aff_sub3=170910 pragma: no-cache set-cookie: 381f1b1b-7ced-4eef-857b-418b4c176094-v4=K1go7KY2pKzkTJiLkWeEFyjpxZ96nLxl_5DUnMrx4wU; Max-Age=86400; Expires=Sun, 29-Jan-2023 14:17:43 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=gFLzkffd2wwENaRGRJTwO6tZ4iortXcBeaJjy%2BzSJz4%2BRiNyx%2FBUGZbJGX%2Bxtk4XnWY5ZshZ7cBKOUonMlXN%2BKUzLapJHFbppJj71E4dU%2FbB5S2A3tDado%2Bosa2Najzo6waeidoY6m5IKDW1vXaYFQ%3D%3D; Max-Age=31536000; Expires=Sun, 28-Jan-2024 14:17:43 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash de54687e4b49a6157da23f0548dcbf51 226a16a081d4feffe4497f42f822d8a77c67ab0d 168761612df24e9d70f5dc83a745b7963595b25b2e318becbe9899eb245dfdd4 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: 'max-age=158059' Date: Sat, 28 Jan 2023 14:17:43 GMT Etag: "63d4b72a-1d7" Server: ECS (dcb/7F17) X-Cache: Miss from cloudfront Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 1iu8szhBexsoLR-mqW0U6KJZJ6lYXLGyC7sDx_irjmqrP4e0PvDvMA==`

	www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=w34eentvmrle9m7mig50dd4c&aff_sub3=170910	52.212.63.104	302 Found	403 B
URL HTTP/1.1 www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=w34eentvmrle9m7mig50dd4c&aff_sub3=170910 IP 52.212.63.104:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text Size 403 B (403 bytes) Hash 6357cec86de6ac0131641f631aa756c3 6062501e4065f31cf3af4bd22219861b3334e14c dc4261995e920685a4ba63517b7ccf1a6c5bf0be5406ed49c748ffff7d7344e6 HTTP Headers GET /aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=w34eentvmrle9m7mig50dd4c&aff_sub3=170910 HTTP/1.1 Host: www.ntr4x.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/1.1 302 Found Server: nginx Date: Sat, 28 Jan 2023 14:17:43 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 403 Connection: keep-alive Cache-Control: no-cache, no-store, must-revalidate Expires: Sat, 26 Jul 1997 05:00:00 GMT Location: https://www.våtedrømmer.com/campaign?utm_campaign=6535&utm_term=102d0cd72576b76e2a3fdafe1be303&utm_source=170910&utm_content=w34eentvmrle9m7mig50dd4c&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781 P3p: CP="NOI CUR OUR NOR INT" Pragma: no-cache Set-Cookie: enc_aff_session_1672=ENC036638f55e4884783d171723c9744a461fb71a76d265f0eeacc079f403cecac3dc037a427f3bc137ffd2d0d6ae25310607781cb07f87a675fdbf300c15b42c4f9a9d393d2e61760100bf82aa96e1733c587d6a502f79d9c2a53d8cce0dab4175d56e1ba754d1ecc7633a6a6a685c16d420ef5125a362e7870613f8d3c6405180db10fd417e9190d3acfb63fa6aea393d9fcb9ce7fd23ddfa263914316ea01713a45ac98857e218b87799375698dae3f2fd38bfb47567263ce161873eebd733cf570ccb88d7; expires=Sun, 29 Jan 2023 14:17:43 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Tue, 23 Dec 2025 00:57:43 GMT; path=/; SameSite=None; Secure Tracking_id: 102d0cd72576b76e2a3fdafe1be303 X-Robots-Tag: noindex, nofollow Access-Control-Allow-Origin: * X-Request-Id: f638d8ee7b22486302efbe101e2fa428 Access-Control-Allow-Headers: Tune-SDK-Version

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 769eb7183e7da891952f50bd8eaf2663 23b5c1a8dc82c7b3d0b384979a0ef58def61c4c7 5f64fd8ed843c3db3ea78773e3ba497ecd7d225a502163a6fb18c8bf4739d0e1 HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: 'max-age=158059' Date: Sat, 28 Jan 2023 14:17:44 GMT Server: ECS (dcb/7F82) X-Cache: Miss from cloudfront Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 9Rqn0ZzKoz-vHTuN6E0HabQXnJYyaedueGmU3e_KfTCl1YamYPlAZA==`

	www.xn--vtedrmmer-52a7s.com/campaign?utm_campaign=6535&utm_term=102d0cd72576b76e2a3fdafe1be303&utm_source=170910&utm_content=w34eentvmrle9m7mig50dd4c&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781	54.230.111.66	302 Found	0 B
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/campaign?utm_campaign=6535&utm_term=102d0cd72576b76e2a3fdafe1be303&utm_source=170910&utm_content=w34eentvmrle9m7mig50dd4c&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781 IP 54.230.111.66:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /campaign?utm_campaign=6535&utm_term=102d0cd72576b76e2a3fdafe1be303&utm_source=170910&utm_content=w34eentvmrle9m7mig50dd4c&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781 HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 302 Found content-type: text/html; charset=UTF-8 content-length: 0 cache-control: no-store, no-cache, must-revalidate, no-cache="set-cookie" date: Sat, 28 Jan 2023 14:17:44 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT location: /landingpage pragma: no-cache server: nginx/1.22.0 set-cookie: PHPSESSID=n6de5um6b62cjcks9gt4n3ah3a; path=/ AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B676832DF7AD4ACCE7E110D6737F4464FAA0D0AE9CB49E94B3C75CF4AF869187B48;PATH=/ x-cache: Miss from cloudfront via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 8dZT6odKYpHufLN4WeMTQ0r9d9ZvTMZcJA6nUHI4uw14WmGDFCktJw== X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1" Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2415 Expires: Sat, 28 Jan 2023 14:57:59 GMT Date: Sat, 28 Jan 2023 14:17:44 GMT Connection: keep-alive`

	www.xn--vtedrmmer-52a7s.com/landingpage	54.230.111.66	302 Found	0 B
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/landingpage IP 54.230.111.66:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /landingpage HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: PHPSESSID=n6de5um6b62cjcks9gt4n3ah3a; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B676832DF7AD4ACCE7E110D6737F4464FAA0D0AE9CB49E94B3C75CF4AF869187B48 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers `HTTP/2 302 Found content-type: text/html; charset=UTF-8 content-length: 0 cache-control: no-store, no-cache, must-revalidate date: Sat, 28 Jan 2023 14:17:44 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT location: /lp/lp2 pragma: no-cache server: nginx/1.22.0 x-cache: Miss from cloudfront via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: xH1oe4SjsQC61ggRTo89J9wDxA9AXKw8J-Q-fB-eLjbl7I82DfvSxg== X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1" Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2415 Expires: Sat, 28 Jan 2023 14:57:59 GMT Date: Sat, 28 Jan 2023 14:17:44 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.77.32	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.77.32:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 2e21811f62c077f45a93d7c3b543998d 3e890a73bb51d9dd1021d5339271aa40833ba258 c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1" Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2415 Expires: Sat, 28 Jan 2023 14:57:59 GMT Date: Sat, 28 Jan 2023 14:17:44 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg	34.120.237.76	200 OK	4.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.5 kB (4475 bytes) Hash 4205d8106659e00fff1cbe9262918b8c ab4f6528594a1725934727dc7d834c028a79c609 31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4475 x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa_e6HsaIAMF5Lg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 21:56:46 GMT age: 58858 etag: "ab4f6528594a1725934727dc7d834c028a79c609" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddac8c39-e94f-40c1-bf35-4a70c575efbe.jpeg	34.120.237.76	200 OK	7.8 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddac8c39-e94f-40c1-bf35-4a70c575efbe.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.8 kB (7819 bytes) Hash 6a40be482a56db1e4d48ba4a8cf515ba da9c7255d5840c025526c6c24354750d9ba3a4ef fa0bfe56b97ce5cf450e4799db2fe6d5645553b71d1e2bd928df0278a81a33c8 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fddac8c39-e94f-40c1-bf35-4a70c575efbe.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7819 x-amzn-requestid: b9c17e9a-8da5-4736-a8bc-ea430feaef8d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa_diGfbIAMFX2g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d445f0-695dd291002d9cc425df0edc;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:20 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: Gf-xQLbrbbXCRM8Q720PrSNSrvoelOoNlqbKwfiZHNIKCD_59TARLQ== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 22:03:06 GMT etag: "da9c7255d5840c025526c6c24354750d9ba3a4ef" content-type: image/jpeg age: 58478 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7538 bytes) Hash 131eb343c5abd61939457d69bd371348 ffb2035cf64fc83f01db5c6f26ffa264b6aac95b 8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7538 x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: e3fobF-ZoAMFjjA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0 x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 22:14:23 GMT age: 57801 etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg	34.120.237.76	200 OK	7.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.6 kB (7585 bytes) Hash ea24bcba583bd8bd139559448a343e68 b9d37c2b14f890d41983a59f352e8f7caa9c94bb e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7585 x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa_vkE5roAMF0Hw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw== via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 22:46:13 GMT age: 55891 etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fb39717-4b7d-45c4-b211-c2990bf99811.jpeg	34.120.237.76	200 OK	7.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fb39717-4b7d-45c4-b211-c2990bf99811.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.4 kB (7395 bytes) Hash 3b5b797e164d0f2c91200829d1ec90f8 15a55176d8e55b6816acabae5c7cc3e4528648c9 16eb29148856512f556b22b86a153e54032caaf98dbf141119f8c126e009591f HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fb39717-4b7d-45c4-b211-c2990bf99811.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7395 x-amzn-requestid: 166e5623-fc91-4b12-80c8-f5e1a762b387 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa-ELH3eIAMF56w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d443b4-439b5d2b67b9347d4d634d9d;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:48 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: L1BWTWAPsW5tfkJO0UBR4dKoW3_0Le7QhZLjBxtsY0fmf7cwEYWrMQ== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 21:49:07 GMT age: 59317 etag: "15a55176d8e55b6816acabae5c7cc3e4528648c9" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg	34.120.237.76	200 OK	7.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.0 kB (7028 bytes) Hash 57b73886cbbb719eda5f733c018eedfb b84ed40973f8a0d3c10529e34f9466746cfdaf0c 4ba11c23e0bbd2aed53b04ad0b3d22161af1971ddcfb75ae55734de9a49af207 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cadb8fa-5527-46cd-92dd-6316ac84a7d5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7028 x-amzn-requestid: c1743fed-205a-431b-8648-474facde6d09 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: fa-CwFtboAMF9rg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63d443ab-5b94864c707c42fc36fbc63a;Sampled=0 x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 7LUa_R8g8Rlv7JJA0_okht-vGe-xBSyZ5TPJTFakAHlncQPZKEdULQ== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Fri, 27 Jan 2023 21:48:58 GMT age: 59326 etag: "b84ed40973f8a0d3c10529e34f9466746cfdaf0c" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 36147c185553851c38547798733a9fb2 912ec40237eae2ed558d09103c86c41f87896eca a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 28 Jan 2023 14:17:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E	142.250.74.168	200 OK	77 kB
URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E IP 142.250.74.168:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (19467) Size 77 kB (77194 bytes) Hash 27820d48a1c53274dbab66462c521283 cb7392b476bb7635467f3788b8f80ee9cb8df6df 7e284cdbe537b15524f7976f06c08a0a6c3cdd2907928e355eee927c587706ea HTTP Headers `GET /gtag/js?id=G-NVWF78EY0E HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sat, 28 Jan 2023 14:17:45 GMT expires: Sat, 28 Jan 2023 14:17:45 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 77194 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.131	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 36147c185553851c38547798733a9fb2 912ec40237eae2ed558d09103c86c41f87896eca a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 28 Jan 2023 14:17:45 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash cbd7682fa014e71bcabff092c043a5aa ff50357f4673941cd24549e9402a28569aca4cfb bf3b5ab5290d8e10100fef3575e4ff8382cb41f3da7a6b180abc8c52a30c8aab HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: 'max-age=158059' Date: Sat, 28 Jan 2023 14:17:45 GMT Server: ECS (dcb/7F82) X-Cache: Miss from cloudfront Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: xr9Xc3ZGCeapt0hJn5xMly3n5YQcUEodi_Nzn6XEHHButQIyFYvF-g==`

	media.xn--vtedrmmer-52a7s.com/project/489/logo_dark.png?config=7825	54.230.111.76	200 OK	10 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project/489/logo_dark.png?config=7825 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type PNG image data, 320 x 71, 8-bit/color RGBA, non-interlaced\012- data Size 10 kB (10042 bytes) Hash dea19df8bf5758e2af9921e166e1420d 4f4610c28f3bad69e8b72d7f6379dcf61f50bd39 2cac0168f0a0c24154662208ee88cfe4213a26fe64c18211fcfcea31f6338b78 HTTP Headers `GET /project/489/logo_dark.png?config=7825 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/png content-length: 10042 date: Mon, 16 Jan 2023 13:17:16 GMT last-modified: Fri, 13 Nov 2020 10:55:08 GMT etag: "dea19df8bf5758e2af9921e166e1420d" cache-control: max-age=3153600 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: NhLvDAloRM9KPzuri8oCt8zmMGPlS5JL5cW95RRZjOZjpQquTgUbmA== age: 1040429 vary: Origin X-Firefox-Spdy: h2`

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash cbd7682fa014e71bcabff092c043a5aa ff50357f4673941cd24549e9402a28569aca4cfb bf3b5ab5290d8e10100fef3575e4ff8382cb41f3da7a6b180abc8c52a30c8aab HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=164556 Date: Sat, 28 Jan 2023 14:17:45 GMT Etag: "63d50e55-1d7" Expires: Mon, 30 Jan 2023 12:00:21 GMT Last-Modified: Sat, 28 Jan 2023 12:00:21 GMT Server: nginx X-Cache: Miss from cloudfront Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 2gvEilBxj95REywWxiEJoEXpVqUrsochIoTqk2amZchqJuwNCUtW1w==`

	media.xn--vtedrmmer-52a7s.com/css/landingpage/matchm/style.css?version=7825	54.230.111.76	200 OK	84 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/css/landingpage/matchm/style.css?version=7825 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (50442) Size 84 kB (83844 bytes) Hash 88fc9f004fb667d33f56de0d9e011e49 fbcbbf3c4437b699b26a27ee7059db7fec6cb8bb 2e091e8c984974a9ec9deee6081500857519d245f60d16faa4b15504e6701cb8 HTTP Headers `GET /css/landingpage/matchm/style.css?version=7825 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` HTTP/2 200 OK content-type: text/css content-length: 83844 date: Mon, 16 Jan 2023 13:17:16 GMT last-modified: Mon, 21 Nov 2022 10:58:28 GMT etag: "88fc9f004fb667d33f56de0d9e011e49" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: wrTTQfolUDt50OdZas4jaTeqqqBY5M3X_igkoR7wHuNevapjlnOaWg== age: 1040430 vary: Origin X-Firefox-Spdy: h2

	ocsp.sca1b.amazontrust.com/	54.230.245.118	200 OK	471 B
URL HTTP/1.1 ocsp.sca1b.amazontrust.com/ IP 54.230.245.118:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash cbd7682fa014e71bcabff092c043a5aa ff50357f4673941cd24549e9402a28569aca4cfb bf3b5ab5290d8e10100fef3575e4ff8382cb41f3da7a6b180abc8c52a30c8aab HTTP Headers `POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Cache-Control: 'max-age=158059' Date: Sat, 28 Jan 2023 14:17:45 GMT Server: ECS (dcb/7F5F) X-Cache: Miss from cloudfront Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: qHYjEnlwnL_3Ju7TXZmashqVZ2PykD2YizLHjpSo2DO21jqImtUPRg==`

	media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7825	54.230.111.76	200 OK	84 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7825 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type Unicode text, UTF-8 text, with very long lines (65426) Size 84 kB (83821 bytes) Hash ce3ccb44a305193a7ab00bfdb69b4e23 c33ded560d8928ee37892bcab8398fac77e2ed07 7f2f658ecf4bd097d730ab77a8513fb1b8b6ca6032b919d6abb0e3be6be210c9 HTTP Headers `GET /js/landingpage/script.js?version=7825 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site` HTTP/2 200 OK content-type: text/javascript content-length: 83821 date: Mon, 16 Jan 2023 13:17:16 GMT last-modified: Mon, 15 Aug 2022 09:38:18 GMT etag: "ce3ccb44a305193a7ab00bfdb69b4e23" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: ofm0uYv9WJATcsG87DuezcAl9mc-wvmk6C4KLstpkhRRAvzPdBw8kg== age: 1040430 vary: Origin X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/images/landingpage/lp2/LP2_adult.jpg?version=7825	54.230.111.76	200 OK	48 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/images/landingpage/lp2/LP2_adult.jpg?version=7825 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 790x594, components 3\012- data Size 48 kB (48325 bytes) Hash a44c25dedd43edb73532247e0fb53dff 9c2d5134a8dbe684174cc7963966c0269f893c2a a21353bd80fba56b015461cd9dc88ac2edc3e41552412fe7943477f487536032 HTTP Headers `GET /images/landingpage/lp2/LP2_adult.jpg?version=7825 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/jpeg content-length: 48325 date: Mon, 16 Jan 2023 13:39:58 GMT last-modified: Wed, 29 Apr 2020 08:37:02 GMT etag: "a44c25dedd43edb73532247e0fb53dff" cache-control: max-age=3153600 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: BNqyFQCzkKCqnEgci2bpdq2OwCFGRA20sUoN6ayc4KzSNHHKwDSUEw== age: 1039068 vary: Origin X-Firefox-Spdy: h2`

	media.xn--vtedrmmer-52a7s.com/images/niche/adult/reg_gender_female.jpg?version=7825	54.230.111.76	200 OK	21 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/images/niche/adult/reg_gender_female.jpg?version=7825 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 380x405, components 3\012- data Size 21 kB (20723 bytes) Hash 17f81e45188df50b9edb9d05a0839f53 9ba3613b7a7d33c899b0c4f3c6570520996dd6e5 04659fbd63d9bddb6400d664d70223e15f463b529a09c8183b35c45b184fb04f HTTP Headers `GET /images/niche/adult/reg_gender_female.jpg?version=7825 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/jpeg content-length: 20723 last-modified: Fri, 17 Apr 2020 10:14:38 GMT accept-ranges: bytes server: AmazonS3 date: Sat, 28 Jan 2023 10:30:44 GMT etag: "17f81e45188df50b9edb9d05a0839f53" x-cache: Hit from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: J9YzLGO1wVyUFmHe2Jx8TjeH4p2KnOICBpEbXZa3WGtVsPC3BUi9Rg== age: 13622 vary: Origin X-Firefox-Spdy: h2`

	media.xn--vtedrmmer-52a7s.com/images/niche/adult/reg_gender_male.jpg?version=7825	54.230.111.76	200 OK	23 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/images/niche/adult/reg_gender_male.jpg?version=7825 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 380x405, components 3\012- data Size 23 kB (22808 bytes) Hash 9fdb43ee4f4ff25db06ba41ef6496561 ff361b7424649b76708203f53d7fc47517fd7139 d6f41e5d0991e565d290e45bea26d979a0a96f2c18ab2e61695c5db33a5d51a4 HTTP Headers `GET /images/niche/adult/reg_gender_male.jpg?version=7825 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/jpeg content-length: 22808 last-modified: Fri, 17 Apr 2020 10:14:38 GMT accept-ranges: bytes server: AmazonS3 date: Sat, 28 Jan 2023 13:42:19 GMT etag: "9fdb43ee4f4ff25db06ba41ef6496561" x-cache: Hit from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: NtMt-9ixsu9FI0k2-CYhn0aZuI3RSkFxdMwLCg0XaAfSbSrS4iXnlg== age: 2127 vary: Origin X-Firefox-Spdy: h2`

	media.xn--vtedrmmer-52a7s.com/project/489/favicon.ico?config=7825	54.230.111.76	200 OK	4.3 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project/489/favicon.ico?config=7825 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size 4.3 kB (4286 bytes) Hash 56283d52626ba639ee4fc7c0a6c84324 b150126aede65c06da7573ac4488ff0043da0431 9b5bd7e7398519bf0f9dd7e52e05194f2f2d64fc549265400484d98e4b6f4281 HTTP Headers `GET /project/489/favicon.ico?config=7825 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 200 OK content-type: image/x-icon content-length: 4286 date: Mon, 16 Jan 2023 13:17:17 GMT last-modified: Fri, 13 Nov 2020 10:55:42 GMT etag: "56283d52626ba639ee4fc7c0a6c84324" cache-control: max-age=3153600 accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 4f8jCAjtN8oftY6qAkC9eyPZDM5l7FRuh_15maUdjVxBqb6PXl33ew== age: 1040429 vary: Origin X-Firefox-Spdy: h2`

	media.xn--vtedrmmer-52a7s.com/images/project/layout/responsive/fonts/glyphicons-halflings-regular.woff2	54.230.111.76	200 OK	18 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/images/project/layout/responsive/fonts/glyphicons-halflings-regular.woff2 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data Size 18 kB (18028 bytes) Hash 448c34a56d699c29117adc64c43affeb ca35b697d99cae4d1b60f2d60fcd37771987eb07 fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c HTTP Headers GET /images/project/layout/responsive/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.xn--vtedrmmer-52a7s.com Connection: keep-alive Referer: https://media.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site TE: trailers HTTP/2 200 OK content-type: application/octet-stream content-length: 18028 access-control-allow-origin: * access-control-allow-methods: GET access-control-max-age: 3000 last-modified: Tue, 24 Apr 2018 08:38:18 GMT accept-ranges: bytes server: AmazonS3 date: Sat, 28 Jan 2023 14:17:46 GMT etag: "448c34a56d699c29117adc64c43affeb" x-cache: RefreshHit from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 6uztgqzdnAD7E3nuUbb__uAgPWNmCfcRacOFBeMgbx4Vb4KxVO2zmQ== X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7825	54.230.111.76	200 OK	757 B
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7825 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (1532), with no line terminators Size 757 B (757 bytes) Hash 69b7363b2a1c3b6ca1d79b403e0c6c1c d369fce98ab7c8750527c5c2f64130dda8729dbf e6e40f36330091e93b7e5a1661e132f5624d5622ddd56c8941f4027101c36067 HTTP Headers `GET /js/manifest/script.js?version=7825 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK content-type: text/javascript content-length: 757 date: Mon, 16 Jan 2023 13:17:23 GMT last-modified: Thu, 08 Oct 2020 13:26:42 GMT etag: "69b7363b2a1c3b6ca1d79b403e0c6c1c" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: cFLK8nE7lAx4tklz2kkbEUB2dqeITHnPXUFj3qmqW5uj3bEatmZpCw== age: 1040423 vary: Origin X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/css/project/matchm/style.css?version=7825	54.230.111.76	200 OK	98 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/css/project/matchm/style.css?version=7825 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (53333) Size 98 kB (97544 bytes) Hash 064699c25e405c0e166d7662c3561761 27fb9b6c67c5a1c09276a71047ab2fbab7ce69d7 1eaa6a6a7e75e343e5fe9f779b7f6502b3b72e5f799bcb01c26f5c5c19a1b52a HTTP Headers `GET /css/project/matchm/style.css?version=7825 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK content-type: text/css content-length: 97544 date: Mon, 16 Jan 2023 13:17:23 GMT last-modified: Mon, 21 Nov 2022 10:58:32 GMT etag: "064699c25e405c0e166d7662c3561761" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: dgP5iA6ePzqt_D4QhcgD4Ws-H8Eo5XrYjaUJHYvdEg-oFNtPnvIwpQ== age: 1040423 vary: Origin X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7825	54.230.111.76	200 OK	236 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7825 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65433) Size 236 kB (236255 bytes) Hash f5ef8833e788ec24ffaac4864a1a9fb6 c4fbc75d56f0269014baf42d5de92ce35f9371f9 9947197e08fb77b400bb6e3294799a442828cb004532c9b7d9872bda9ab16cea HTTP Headers `GET /js/vendor/script.js?version=7825 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK content-type: text/javascript content-length: 236255 date: Mon, 16 Jan 2023 13:17:23 GMT last-modified: Mon, 15 Aug 2022 09:38:09 GMT etag: "f5ef8833e788ec24ffaac4864a1a9fb6" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: Mg5PQ1fhE3sQzNc0VV-ah-1r5UmEtnUj6EL7sfeUl_-ZrWOxkuCx3w== age: 1040423 vary: Origin X-Firefox-Spdy: h2

	media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7825	54.230.111.76	200 OK	37 kB
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7825 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65435) Size 37 kB (36974 bytes) Hash f1e681a0bb4eb99a76e4fc67ca697e89 c0be4bbc6827461c7b7b4cbf059b160e914fd65a 67e1168eb449f8e436786e6234a78121c4cd500e8b7e445bff775d731a16eeb9 HTTP Headers `GET /js/main/script.js?version=7825 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` HTTP/2 200 OK content-type: text/javascript content-length: 36974 date: Mon, 16 Jan 2023 13:17:23 GMT last-modified: Mon, 15 Aug 2022 09:38:12 GMT etag: "f1e681a0bb4eb99a76e4fc67ca697e89" cache-control: max-age=3153600 content-encoding: gzip accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: b6rvcYQZkCjrN_jmfxLxGN1ilIjKAWP0k7f0w5AIpRD9Z5w9j8lLCg== age: 1040423 vary: Origin X-Firefox-Spdy: h2

	region1.google-analytics.com/g/collect?v=2&tid=G-NVWF78EY0E&gtm=2oe1p0&_p=285696456&cid=654434156.1674915469&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674915468&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp2&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1	216.239.32.36	204 No Content	0 B
URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-NVWF78EY0E&gtm=2oe1p0&_p=285696456&cid=654434156.1674915469&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674915468&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp2&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 IP 216.239.32.36:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /g/collect?v=2&tid=G-NVWF78EY0E&gtm=2oe1p0&_p=285696456&cid=654434156.1674915469&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674915468&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp2&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.xn--vtedrmmer-52a7s.com Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0 `HTTP/2 204 No Content access-control-allow-origin: https://www.xn--vtedrmmer-52a7s.com date: Sat, 28 Jan 2023 14:17:46 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true content-type: text/plain cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	www.xn--vtedrmmer-52a7s.com/lp/blank.html	54.230.111.66	404 Not Found	50 kB
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/blank.html IP 54.230.111.66:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9332), with CRLF, LF line terminators Size 50 kB (49512 bytes) Hash e03b1e84da4e1810f5e22f53bf5bea2b 0263eb833c0d04248b6a3be384f1d994bc460a36 46f87a7f94682bed6f88d924082eda8292da546a71a0e10d52b71299ed978ae8 HTTP Headers GET /lp/blank.html HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/lp/lp2 Cookie: PHPSESSID=n6de5um6b62cjcks9gt4n3ah3a; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B676832DF7AD4ACCE7E110D6737F4464FAA0D0AE9CB49E94B3C75CF4AF869187B48 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers `HTTP/2 404 Not Found content-type: text/html; charset=UTF-8 cache-control: no-store, no-cache, must-revalidate date: Sat, 28 Jan 2023 14:17:45 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT pragma: no-cache server: nginx/1.22.0 x-cache: Error from cloudfront via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: cEiyZot9VdFSc8d9MDvQ4OHbZWAS1XShhx-5Y5ozbLBPXM3GCgqr_A== X-Firefox-Spdy: h2`

	www.xn--vtedrmmer-52a7s.com/lp/lp2	54.230.111.66	200 OK	0 B
URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/lp2 IP 54.230.111.66:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers GET /lp/lp2 HTTP/1.1 Host: www.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Cookie: PHPSESSID=n6de5um6b62cjcks9gt4n3ah3a; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A325281BBDFE933F527319264CC570F029B676832DF7AD4ACCE7E110D6737F4464FAA0D0AE9CB49E94B3C75CF4AF869187B48 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 TE: trailers `HTTP/2 200 OK content-type: text/html; charset=UTF-8 cache-control: no-store, no-cache, must-revalidate date: Sat, 28 Jan 2023 14:17:44 GMT expires: Thu, 19 Nov 1981 08:52:00 GMT pragma: no-cache server: nginx/1.22.0 x-cache: Miss from cloudfront via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: ftfDCMTftIjMJxw4JDBBzbL5cOWJvbsi5mmFsdVaPEJFJ0pYO9DXQA== X-Firefox-Spdy: h2`

	media.xn--vtedrmmer-52a7s.com/project//logo_dark.png?config=7825	54.230.111.76	403 Forbidden	0 B
URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project//logo_dark.png?config=7825 IP 54.230.111.76:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /project//logo_dark.png?config=7825 HTTP/1.1 Host: media.xn--vtedrmmer-52a7s.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.xn--vtedrmmer-52a7s.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site TE: trailers` `HTTP/2 403 Forbidden content-type: application/xml date: Sat, 28 Jan 2023 14:17:44 GMT server: AmazonS3 x-cache: Error from cloudfront via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: XY1T2Dl_F9BU00Q_KekSrB0zfyDYnGQmM4TtYDlzzUXu_kZz_R_1VQ== vary: Origin X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML