a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=95&affiliateID=75077&source=10296ee566a6a453d730faf69812b3&subID2=55609&target=&Site=&Bnr=ALGO&cid=wa55so5fh1oep9gm2jbg2gfe&affsource=95&source=55609_95
18.192.108.151302 0 B URL HTTP/1.1 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=95&affiliateID=75077&source=10296ee566a6a453d730faf69812b3&subID2=55609&target=&Site=&Bnr=ALGO&cid=wa55so5fh1oep9gm2jbg2gfe&affsource=95&source=55609_95
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cb5cb9a8-26a4-42ae-946b-aae4b3e52909?subID1=95&affiliateID=75077&source=10296ee566a6a453d730faf69812b3&subID2=55609&target=&Site=&Bnr=ALGO&cid=wa55so5fh1oep9gm2jbg2gfe&affsource=95&source=55609_95 HTTP/1.1
Host: a.vfgtc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Thu, 09 Feb 2023 01:30:58 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=95&aff_sub2=55609&aff_sub3=wib1vb04n56tq9gmibujc41q&aff_click_id=10296ee566a6a453d730faf69812b3&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_95
Pragma: no-cache
Set-Cookie: cb5cb9a8-26a4-42ae-946b-aae4b3e52909-v4=-IqzmnN3LBW5mbgX0w--YvarApQGXm_WwsE5UPqAiTw; Max-Age=86400; Expires=Fri, 10-Feb-2023 01:30:58 GMT; Domain=a.vfgtc.com; Path=/; HttpOnly
cc-v4=A9%2BbgQ7Fg9bsnfZ%2FlppEb09J8%2BaiF9EGySAERI10EcOzVux1JSicd8QCDA3Sxoyz%2BcyoQF%2Bzsne0ZR5sJ42pF9r5ci8B7XfjZziP0hBmULfndVnB37AXGUxIZx0nEFqGzavseCFmW%2BOlUi%2FrP07lvQ%3D%3D; Max-Age=31536000; Expires=Fri, 09-Feb-2024 01:30:58 GMT; Domain=a.vfgtc.com; Path=/; HttpOnly
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5846
Expires: Thu, 09 Feb 2023 03:08:24 GMT
Date: Thu, 09 Feb 2023 01:30:58 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2202
Expires: Thu, 09 Feb 2023 02:07:40 GMT
Date: Thu, 09 Feb 2023 01:30:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 00:36:45 GMT
content-type: application/json
age: 3253
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19397
Expires: Thu, 09 Feb 2023 06:54:15 GMT
Date: Thu, 09 Feb 2023 01:30:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vI9zfdCf7mIYl65Zfp0Zjs8qYUMg2v8knp47Ufs0p5eD+bS0QhWlAyY9ILxJlb7Mmx9NyAmm44M=
x-amz-request-id: ATP4ZYPM9EAP5NS0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 00:46:10 GMT
age: 2688
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 01:30:58 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 16a1f1d5ecdc5d4d4c5ed07065272a58
ee20168a78eda0563316e7aa673850b01bf35a16
57779638577a03f8e5ab529de0c0489402cfc5096def46fec361df0ab3a0f9cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57779638577A03F8E5AB529DE0C0489402CFC5096DEF46FEC361DF0AB3A0F9CD"
Last-Modified: Wed, 08 Feb 2023 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20484
Expires: Thu, 09 Feb 2023 07:12:23 GMT
Date: Thu, 09 Feb 2023 01:30:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 00:51:21 GMT
age: 2378
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=95&aff_sub2=55609&aff_sub3=wib1vb04n56tq9gmibujc41q&aff_click_id=10296ee566a6a453d730faf69812b3&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_95
52.1.220.62303 See Other 888 B URL HTTP/2 s.sloffer1.com/75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=95&aff_sub2=55609&aff_sub3=wib1vb04n56tq9gmibujc41q&aff_click_id=10296ee566a6a453d730faf69812b3&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_95
IP 52.1.220.62:0
File type HTML document, ASCII text, with very long lines (888), with no line terminators
Hash 14af8f44030c1fca63b19c86b856817c
9a4248079466419d1d1f3152cf347e06f6fa4a00
4f03fc0f1b46042b4e6dc554780444c44604a7c8c23053b6530583c4f1582119
GET /75077/3785/26412/?aff_sub4=_bucket&aff_sub5=&aff_sub=95&aff_sub2=55609&aff_sub3=wib1vb04n56tq9gmibujc41q&aff_click_id=10296ee566a6a453d730faf69812b3&bnr=ALGO&target=emails&pyt=multi&bo=2753,2754,2755,2756&source=55609_95 HTTP/1.1
Host: s.sloffer1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 303 See Other
server: nginx/1.19.0
date: Thu, 09 Feb 2023 01:30:59 GMT
content-type: text/html; charset=utf-8
content-length: 888
location: https://a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=95%3B55609_95&affiliateID=44542&source=1026796ed072d84cfde1dbfa134e3f&subID2=75077&s2=1026796ed072d84cfde1dbfa134e3f&s3=95%3B55609_95&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=95&affsource=95&aff_click_id=1026796ed072d84cfde1dbfa134e3f&affsource=55609_95&bo=2753%2C2754%2C2755%2C2756
set-cookie: aff_ran_url_3785=26412; Path=/; Expires=Fri, 10 Feb 2023 01:30:59 GMT; Secure
enc_aff_session_3785=ENC035570ee97a3051ece8e6ef912fc4a1d7bd7f77176b2f1d48b091797a5877c4127b6e9ec2bcf8d3727a7602fe4e949704aa0f57b020b6c63d7b93d1474c66d726e3f20ccf58c6462acee30cf3adb88d8127f5c21b184e2ec8bd1012ffdf0273f5dfc5fedda4c2f9090f4abbf34d4fa80364523cdc8d1c0b76f4cc6e8d4a0c77eb4abe5dcb94fd47f25bbe6913d23baf856c53615737c1458d9b3bf6050d734dac01b4804445382b2d1dd5b205f3e7d6b3c2e60a60f9986f11d8f7d42f117804051162b904a; Path=/; Expires=Sat, 08 Feb 2025 01:30:59 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Sat, 03 Jan 2026 12:10:59 GMT; Secure
tracking_id: 1026796ed072d84cfde1dbfa134e3f
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=95%3B55609_95&affiliateID=44542&source=1026796ed072d84cfde1dbfa134e3f&subID2=75077&s2=1026796ed072d84cfde1dbfa134e3f&s3=95%3B55609_95&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=95&affsource=95&aff_click_id=1026796ed072d84cfde1dbfa134e3f&affsource=55609_95&bo=2753%2C2754%2C2755%2C2756
18.192.108.151302 Found 0 B URL HTTP/2 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=95%3B55609_95&affiliateID=44542&source=1026796ed072d84cfde1dbfa134e3f&subID2=75077&s2=1026796ed072d84cfde1dbfa134e3f&s3=95%3B55609_95&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=95&affsource=95&aff_click_id=1026796ed072d84cfde1dbfa134e3f&affsource=55609_95&bo=2753%2C2754%2C2755%2C2756
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=95%3B55609_95&affiliateID=44542&source=1026796ed072d84cfde1dbfa134e3f&subID2=75077&s2=1026796ed072d84cfde1dbfa134e3f&s3=95%3B55609_95&s4=75077&Bnr=ALGO&url=1&target=emails&pyt=multi&affsub=95&affsource=95&aff_click_id=1026796ed072d84cfde1dbfa134e3f&affsource=55609_95&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: a.vfgtf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Thu, 09 Feb 2023 01:30:59 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=95%3B55609_95&affiliateID=170910&source=1026796ed072d84cfde1dbfa134e3f&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=wjq10vvvn9gme9gm2gnbsje4&affsource=95&source=75077_95
pragma: no-cache
set-cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=Xy2NrRanmZ1F0gPwF52vULuNlG0XAFG7lMHYH1n8Hpk; Max-Age=86400; Expires=Fri, 10-Feb-2023 01:30:59 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=Sp%2FVFm8hFqXhp6NC5o6xOymcksF1l34jRmZrCcGLslnivVvXljI05cIv1ucntlCj0DPweZbg5J1otucaRMiYQ4k6TtFIorkJmYqXbTzYCNX29KkfppIom8jzWGvS%2Fk9srf1yjUZIWnp3tDm2zsfbQQ%3D%3D; Max-Age=31536000; Expires=Fri, 09-Feb-2024 01:30:59 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4891
Expires: Thu, 09 Feb 2023 02:52:30 GMT
Date: Thu, 09 Feb 2023 01:30:59 GMT
Connection: keep-alive
a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=95%3B55609_95&affiliateID=170910&source=1026796ed072d84cfde1dbfa134e3f&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=wjq10vvvn9gme9gm2gnbsje4&affsource=95&source=75077_95
18.192.108.151302 Found 0 B URL HTTP/2 a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=95%3B55609_95&affiliateID=170910&source=1026796ed072d84cfde1dbfa134e3f&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=wjq10vvvn9gme9gm2gnbsje4&affsource=95&source=75077_95
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=95%3B55609_95&affiliateID=170910&source=1026796ed072d84cfde1dbfa134e3f&subID2=75077&target=emails&Site=&Bnr=ALGO&cid=wjq10vvvn9gme9gm2gnbsje4&affsource=95&source=75077_95 HTTP/1.1
Host: a.vfgtc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Thu, 09 Feb 2023 01:30:59 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=95%3B55609_95&aff_sub2=75077&aff_sub3=wghv4mj4ppu5l9gm20h2bd5m&aff_click_id=1026796ed072d84cfde1dbfa134e3f&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_95&aff_sub4=ALGO_bucket&source=75077_95
pragma: no-cache
set-cookie: 2d2fb929-79a5-4a1c-840d-3f370da182b6-v4=SoRPjYEcckUyKDp7W_TflsWBWtOeeKIyP5SO7MdCa9o; Max-Age=86400; Expires=Fri, 10-Feb-2023 01:30:59 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=tci9jteeAYcCVX2CLlraulKYRemuegQDuLXXeFMQ8AetsZnVZTRP1rIeM52woAFPiWDNKlDjgg8%2F9NrFC1ZUP%2FUhKuTwa8zegiPlWfpiEsJqTX791f5v36fFYxqUyrx3d%2Fxb4gAX%2FFr5bBIiyCAZnw%3D%3D; Max-Age=31536000; Expires=Fri, 09-Feb-2024 01:30:59 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=95%3B55609_95&aff_sub2=75077&aff_sub3=wghv4mj4ppu5l9gm20h2bd5m&aff_click_id=1026796ed072d84cfde1dbfa134e3f&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_95&aff_sub4=ALGO_bucket&source=75077_95
52.1.220.62303 See Other 376 B URL HTTP/2 s.sloffer1.com/170910/8373/0/?aff_sub4=_bucket&aff_sub=95%3B55609_95&aff_sub2=75077&aff_sub3=wghv4mj4ppu5l9gm20h2bd5m&aff_click_id=1026796ed072d84cfde1dbfa134e3f&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_95&aff_sub4=ALGO_bucket&source=75077_95
IP 52.1.220.62:0
File type HTML document, ASCII text, with very long lines (376), with no line terminators
Hash c3122d261b452a0c58b1bd7f83e66204
50e5d6489dea9877b612ffae872ef15f1cebfb6c
098aa3226d0d97563bcd911c7e4a5895ecd59b4bec9bef31a012767c104c67f3
GET /170910/8373/0/?aff_sub4=_bucket&aff_sub=95%3B55609_95&aff_sub2=75077&aff_sub3=wghv4mj4ppu5l9gm20h2bd5m&aff_click_id=1026796ed072d84cfde1dbfa134e3f&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_95&aff_sub4=ALGO_bucket&source=75077_95 HTTP/1.1
Host: s.sloffer1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: aff_ran_url_3785=26412; enc_aff_session_3785=ENC035570ee97a3051ece8e6ef912fc4a1d7bd7f77176b2f1d48b091797a5877c4127b6e9ec2bcf8d3727a7602fe4e949704aa0f57b020b6c63d7b93d1474c66d726e3f20ccf58c6462acee30cf3adb88d8127f5c21b184e2ec8bd1012ffdf0273f5dfc5fedda4c2f9090f4abbf34d4fa80364523cdc8d1c0b76f4cc6e8d4a0c77eb4abe5dcb94fd47f25bbe6913d23baf856c53615737c1458d9b3bf6050d734dac01b4804445382b2d1dd5b205f3e7d6b3c2e60a60f9986f11d8f7d42f117804051162b904a; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 303 See Other
server: nginx/1.19.0
date: Thu, 09 Feb 2023 01:30:59 GMT
content-type: text/html; charset=utf-8
content-length: 376
location: https://tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_95&sub3=10282361bf290f0b1be88f8058ad61&bo=2753%2C2754%2C2755%2C2756
set-cookie: enc_aff_session_8373=ENC03dad5c140d23cd0302003e39b9db8f375e6776ab455adcbe95ec8347496d186dbe222f3c82599cc4b920bc2fb85fdcba8d7aac33fd4b653273ea111d32db56bfc31ce3ea6900590937c6705a46dd3355fbda604cd45901c7d5823e7e7e4b1802fc2decfb6731145aab4d9019b9fdab7e3b41e35d3b983635e2cd7a951cb9598d61555aae76ae2faa05de0e16e3e487df7c47a9093f650b8ab62b0890bf407bd285d953786ef87e4730ad12c7e202550b497d69d4a7c376a0c116e219289f6a0903083148e; Path=/; Expires=Sat, 08 Feb 2025 01:30:59 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Sat, 03 Jan 2026 12:10:59 GMT; Secure
tracking_id: 10282361bf290f0b1be88f8058ad61
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.189.35.180101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hTbP+dyutHESGUdncKVC1g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WTA5NmBN3k5GThelaD0o/Zyv9Vk=
ocsp.pki.goog/s/gts1p5/3HtowcmIRnI
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/3HtowcmIRnI
IP 142.250.74.131:0
Hash c88838e7855c1469f8f00406d08d210c
f82d0fad84c64454f0c95ed7298f747dc9de848f
c31b2d8bdb9ef56d7d6ee972dff3cf94d02105891e1200aca7b7eb838bd55b80
POST /s/gts1p5/3HtowcmIRnI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 01:30:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_95&sub3=10282361bf290f0b1be88f8058ad61&bo=2753%2C2754%2C2755%2C2756
104.21.19.241302 Found 0 B URL HTTP/2 tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=75077_95&sub3=10282361bf290f0b1be88f8058ad61&bo=2753%2C2754%2C2755%2C2756
IP 104.21.19.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=781&offer_id=1085&sub1=170910&sub2=75077_95&sub3=10282361bf290f0b1be88f8058ad61&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: tracking.t0r4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 09 Feb 2023 01:30:59 GMT
content-length: 0
location: https://zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_95&campaign=&sum=&clickid=63e44cd3f356c500018cf2f0
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63e44cd3f356c500018cf2f0; expires=Fri, 09 Feb 2024 01:30:59 GMT; secure; SameSite=None
afoffers={"1085":1675906259}; expires=Fri, 09 Feb 2024 01:30:59 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUjl%2FfCamWAQAqb2EZopikgK7ceBjf39bbVxbBXwjURUZfIXQ6Ndisaw67Ejrj%2BpwDF15S%2BHtmEn7c6PQEs%2BoTg2BlJR1VKnT6sTihmEgE9oUx%2BumyDMl8L14hz2zrmRx13E%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7968d7cc5fc9b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/3HtowcmIRnI
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/3HtowcmIRnI
IP 142.250.74.131:0
Hash c88838e7855c1469f8f00406d08d210c
f82d0fad84c64454f0c95ed7298f747dc9de848f
c31b2d8bdb9ef56d7d6ee972dff3cf94d02105891e1200aca7b7eb838bd55b80
POST /s/gts1p5/3HtowcmIRnI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 01:30:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_95&campaign=&sum=&clickid=63e44cd3f356c500018cf2f0
18.184.38.55302 Found 0 B URL HTTP/2 zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_95&campaign=&sum=&clickid=63e44cd3f356c500018cf2f0
IP 18.184.38.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=75077_95&campaign=&sum=&clickid=63e44cd3f356c500018cf2f0 HTTP/1.1
Host: zzotrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Thu, 09 Feb 2023 01:31:00 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=wv8rtdqjordqa9gm2678751c&aff_sub3=170910
pragma: no-cache
set-cookie: 381f1b1b-7ced-4eef-857b-418b4c176094-v4=jK3FN8XqaZM0MY9Gq_oR8IliPPpgrzX0an97CPjiL9I; Max-Age=86400; Expires=Fri, 10-Feb-2023 01:31:00 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=d39uMqkHd3MGvtt0PToqM3KZ%2Bd4ltOLG5WKTueTZzLWHorgIochReYeXmhLl1BTmVYoOQ4ML8kkCcB%2BxwdSSOeIJ5jVJwUoOLVEbo2uVXD5ITOLh%2BOWyXSdv2G%2FN0uboB5ebl9pUgd2rrIOvUts5Aw%3D%3D; Max-Age=31536000; Expires=Fri, 09-Feb-2024 01:31:00 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 6cb44960611bc187097442f5d6ab1d1c
bf8460de4e326ac11b0c495785eb5b3d550adf9a
beb4a0a40b354b1c59e778aaac84fe4426748af10e1566e5b1c0693ebbc6e606
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 01:31:00 GMT
Etag: "63e1e62c-1d7"
Server: ECS (dcb/7EA7)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PUYRbkp-LRI7R9iA95x_SX2Y8UWdoI5fwHutIy-NnIZJQAEY7-a4ng==
www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=wv8rtdqjordqa9gm2678751c&aff_sub3=170910
3.248.18.157302 Found 403 B URL HTTP/1.1 www.ntr4x.com/aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=wv8rtdqjordqa9gm2678751c&aff_sub3=170910
IP 3.248.18.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 8b4c2871e5aa295f1a08809f4787bdae
5a12a2be13e57a5d27a27907ca87510430d6159f
89b21543bd76ea7e0d2da8770361767d709b59450fb183ced0917df4de7e73d1
GET /aff_c?offer_id=1672&aff_id=1262&aff_sub2=381f1b1b-7ced-4eef-857b-418b4c176094-781&aff_sub1=wv8rtdqjordqa9gm2678751c&aff_sub3=170910 HTTP/1.1
Host: www.ntr4x.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 09 Feb 2023 01:31:00 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 403
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://www.våtedrømmer.com/campaign?utm_campaign=6535&utm_term=102019773afae88cc045f104a5a591&utm_source=170910&utm_content=wv8rtdqjordqa9gm2678751c&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781
P3p: CP="NOI CUR OUR NOR INT"
Pragma: no-cache
Set-Cookie: enc_aff_session_1672=ENC0356b2b1f7f5dcc472078c56aca7bc5f45d3b7057ce162155089ca9a63036fd4e8864073421e0700cad6232d7b96db33ef6ddc6f7c88fb3c12e9c706a10d8cc79bd9eaa419534f2ea0846837acc4ef1062ba9dba4193a48591477cbaed483a14191ee8fb7d23cda53af56a878e90b85a3bae4f0ff5d6c3f3f811f6533d2e5b045bf2e6babb2d0a69eb5fa29e01d1043ed1a87a34e039f60219a2d67c359c296600dbc272b96e77502387f04b9763f9960a295026cc7ac5b81d402a70fc407df20f19932534; expires=Fri, 10 Feb 2023 01:31:00 GMT; path=/; SameSite=None; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sat, 03 Jan 2026 12:11:00 GMT; path=/; SameSite=None; Secure
Tracking_id: 102019773afae88cc045f104a5a591
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Origin: *
X-Request-Id: d8b1c292a8163ede10cd11b86c63d843
Access-Control-Allow-Headers: Tune-SDK-Version
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 3029287e65f11647a7774d09349834f7
a35e1c386e882792a27e99d7e777ce381f220bdb
8c376cfe20a6e19715cf3d84cfb6e4bab82ba9d31c58e8228dc1a78c8df76375
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 01:31:00 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rPrBhNi3gCKgriZ1LwrtncmAFEee9K_QpD95zrsQxt-Z5iECWxynQw==
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6280
Expires: Thu, 09 Feb 2023 03:15:41 GMT
Date: Thu, 09 Feb 2023 01:31:01 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6280
Expires: Thu, 09 Feb 2023 03:15:41 GMT
Date: Thu, 09 Feb 2023 01:31:01 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6280
Expires: Thu, 09 Feb 2023 03:15:41 GMT
Date: Thu, 09 Feb 2023 01:31:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea55fd1053c19123cb789a7d14479ccc
45fb06a6feeceff6a06c8c3f37e259ddf6e09820
393290f5ec8379a09da72b2554c30023b688489ffda79f5edfe6f114250ee4c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6061
x-amzn-requestid: cf552847-17d0-4820-9711-3fb129090686
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f8xbCG8jIAMF7Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1c913-0f2af41d6063340d483c3a55;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 03:44:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AhvgnN4mrezDRzaqcb-O0ZGyjW83OcyZd76sLZByQhZDzZgr8Mg-ZA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 05:14:12 GMT
age: 73009
etag: "45fb06a6feeceff6a06c8c3f37e259ddf6e09820"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 12:41:28 GMT
age: 46173
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0c5e12696e3ee13041d043084828210
c48927fb23f59e0949d388086c197699c8f19d1b
47838e958555ff6799d4d1d3994913943726daba5294cd89afe9036628ef6fdb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb92005b3-7a69-411c-9afb-60b86ab8c5da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: fa797448-32c3-4438-a192-5291c48b1d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKFq9oAMFgog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-46ff32923a2763b45a5194f4;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2olwTLHKbCas7GcQiRz22bk_I646VcTxN3Yv_ObBVgeGC0l73GNh8A==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:37 GMT
etag: "c48927fb23f59e0949d388086c197699c8f19d1b"
content-type: image/jpeg
age: 14184
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 113363afa7cfd484dbc115a9f44c1723
2f9dfb845aa919a51a0b5fa9a824ac4845f669be
a91a045600ef2fdebd582ce453a85f7ce0c9f8be7258baf311d0d940de027c20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4308
x-amzn-requestid: 2d4ce596-9a69-4394-8e10-cd5c54687a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzKZ0F2DoAMF6nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddf10b-6c4fabe01360b8781bdd8e06;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 05:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GnbG_CYddidhGlygFinwMyN81eHxP_vRzxsm7QBIAJzFqwaKTt-POQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:44 GMT
age: 14177
etag: "2f9dfb845aa919a51a0b5fa9a824ac4845f669be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82ed633b05ccadc8b87e83413641f1ef
aafed39990cf6a3391d53355085d816167a500fa
c9202e36b231d0a9a9cba1ff8f570e5b0fbba215eb6b28e3989fd442ee7f5835
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F844d5320-b850-4dd9-87c4-2b4f17eb895e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8717
x-amzn-requestid: dbb8b5a2-d3f6-42e2-8778-da19de081cb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f2c0LHaiIAMF5cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63df41b4-309b6b1f651f68453dd52f55;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 05:42:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hBfl0rPzn_iOD9xRlc236_IEvyGlK5WteH1y4cd0aYxlFzd3RVfgkQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:46 GMT
age: 14175
etag: "aafed39990cf6a3391d53355085d816167a500fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b11f9f70f5e8af4de6d9fc5b9f50ccbe
753cb08c3f8c7c0750d113253790a08db01986bc
d4b77ba995ea274fd169fc9bc66919b23e72a8edb88d6184bf3d7f3ab398c645
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11036
x-amzn-requestid: 4bd4976c-9500-4d6d-a447-dd2873987d13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswexHCYIAMFzag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-61d430202cbbf52823f38c49;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1mDt4mKlkZG2_zBPhwB_lbzJ0Im0FlnjmJMa7gcopuv14gwqtwlA2w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:37 GMT
age: 14184
etag: "753cb08c3f8c7c0750d113253790a08db01986bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/campaign?utm_campaign=6535&utm_term=102019773afae88cc045f104a5a591&utm_source=170910&utm_content=wv8rtdqjordqa9gm2678751c&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781
54.230.111.127302 Found 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/campaign?utm_campaign=6535&utm_term=102019773afae88cc045f104a5a591&utm_source=170910&utm_content=wv8rtdqjordqa9gm2678751c&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781
IP 54.230.111.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /campaign?utm_campaign=6535&utm_term=102019773afae88cc045f104a5a591&utm_source=170910&utm_content=wv8rtdqjordqa9gm2678751c&utm_medium=381f1b1b-7ced-4eef-857b-418b4c176094-781 HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
content-length: 0
cache-control: no-store, no-cache, must-revalidate, no-cache="set-cookie"
date: Thu, 09 Feb 2023 01:31:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /landingpage
pragma: no-cache
server: nginx/1.22.0
set-cookie: PHPSESSID=jq5br0qbd3r5rmsofkmnk2kiu9; path=/
AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32526F2954E46377FA76FC3C65B93CEC3FAF941526A518EB8BDF607BCDCEA6DA03DF1708BB933D9E88C09FD81497215D106A;PATH=/
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sN7pFFRG0ov6X2UDFlvShfJL-hzr63jh5DQTcfc9E5zZnJPzwMWVlQ==
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/landingpage
54.230.111.127302 Found 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/landingpage
IP 54.230.111.127:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /landingpage HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=jq5br0qbd3r5rmsofkmnk2kiu9; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32526F2954E46377FA76FC3C65B93CEC3FAF941526A518EB8BDF607BCDCEA6DA03DF1708BB933D9E88C09FD81497215D106A
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
content-length: 0
cache-control: no-store, no-cache, must-revalidate
date: Thu, 09 Feb 2023 01:31:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /lp/lp20
pragma: no-cache
server: nginx/1.22.0
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PiaF68iRCikh2ELpPKSS4WbinQ3GW1YNtNz9szSEAf4ZWlK_OJUUlg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 01:31:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E
172.217.21.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-NVWF78EY0E
IP 172.217.21.168:0
File type ASCII text, with very long lines (19467)
Hash c416d9ec1c1fed2b73d2afe1a682ab15
a4010f18ae4af084b588416f04a812fb0b602b09
7cbf56aeee63b779cabeb493711c39d49de631565637638324e32a89feefb0cf
GET /gtag/js?id=G-NVWF78EY0E HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 09 Feb 2023 01:31:01 GMT
expires: Thu, 09 Feb 2023 01:31:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c99599d6628f41d54430edaa40f5c533
4bbd35fd1097784ae5e1e046ba35595eb49ac57f
3cb4e5c0f89f5e97bd7b4a11c25b6bae84bb5a1d55982c44719b76b3f852035e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 01:31:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 8f47dcc2080968659d9e73f9ec6ad905
16917a3965d67fee70a879bab13accba01fa4623
baea4cc29c5178e3b74b33c340287a7fa4cea88caf7c9f3a00f9813e39a37991
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=130150
Date: Thu, 09 Feb 2023 01:31:01 GMT
Etag: "63e38eda-1d7"
Expires: Fri, 10 Feb 2023 13:40:11 GMT
Last-Modified: Wed, 08 Feb 2023 12:00:26 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NPyEQ0LBJWxpYLAQ2gjHSRM6ypolMVuLrgPtjoJMVDz06R6pWYy6_w==
Age: 5985
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 8f47dcc2080968659d9e73f9ec6ad905
16917a3965d67fee70a879bab13accba01fa4623
baea4cc29c5178e3b74b33c340287a7fa4cea88caf7c9f3a00f9813e39a37991
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 01:31:01 GMT
Etag: "63e0ebd7-1d7"
Last-Modified: Wed, 08 Feb 2023 23:51:17 GMT
Server: ECS (dcb/7F38)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _3u58t5CGMtdvh2bcy-66pziiWG04iZaj9M87SSOjWKw0Q-SQoSdNg==
Age: 5985
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 8f47dcc2080968659d9e73f9ec6ad905
16917a3965d67fee70a879bab13accba01fa4623
baea4cc29c5178e3b74b33c340287a7fa4cea88caf7c9f3a00f9813e39a37991
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 01:31:01 GMT
Etag: "63e0ebd7-1d7"
Last-Modified: Wed, 08 Feb 2023 23:50:55 GMT
Server: ECS (dcb/7FA6)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Q0sRbe7L5soWSekcXqVXpsJZYgUBRu1Zb5Lpy-go4_ogpB1NmY6-pA==
Age: 6006
media.xn--vtedrmmer-52a7s.com/project/489/logo_dark.png?config=7826
54.230.111.113200 OK 10 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project/489/logo_dark.png?config=7826
IP 54.230.111.113:0
File type PNG image data, 320 x 71, 8-bit/color RGBA, non-interlaced\012- data
Hash dea19df8bf5758e2af9921e166e1420d
4f4610c28f3bad69e8b72d7f6379dcf61f50bd39
2cac0168f0a0c24154662208ee88cfe4213a26fe64c18211fcfcea31f6338b78
GET /project/489/logo_dark.png?config=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 10042
date: Wed, 01 Feb 2023 08:21:59 GMT
last-modified: Fri, 13 Nov 2020 10:55:08 GMT
etag: "dea19df8bf5758e2af9921e166e1420d"
cache-control: max-age=3153600
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ya542E1vJZUAXFsbRh8dYrPUeuED3ghlIeG5YCXV7HySKUjdgdFNvw==
age: 666543
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826
54.230.111.113200 OK 84 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/landingpage/script.js?version=7826
IP 54.230.111.113:0
File type Unicode text, UTF-8 text, with very long lines (65426)
Hash ce3ccb44a305193a7ab00bfdb69b4e23
c33ded560d8928ee37892bcab8398fac77e2ed07
7f2f658ecf4bd097d730ab77a8513fb1b8b6ca6032b919d6abb0e3be6be210c9
GET /js/landingpage/script.js?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 83821
date: Wed, 01 Feb 2023 08:21:59 GMT
last-modified: Mon, 15 Aug 2022 09:38:18 GMT
etag: "ce3ccb44a305193a7ab00bfdb69b4e23"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h3zP3JGfqDOwXP6sbSQLCCFrtMckOrHCoxXdoOhjAqnpqEoOTYl0GQ==
age: 666543
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/css/landingpage/matchm/style.css?version=7826
54.230.111.113200 OK 84 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/css/landingpage/matchm/style.css?version=7826
IP 54.230.111.113:0
File type ASCII text, with very long lines (50442)
Hash 88fc9f004fb667d33f56de0d9e011e49
fbcbbf3c4437b699b26a27ee7059db7fec6cb8bb
2e091e8c984974a9ec9deee6081500857519d245f60d16faa4b15504e6701cb8
GET /css/landingpage/matchm/style.css?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/css
content-length: 83844
date: Wed, 01 Feb 2023 08:21:59 GMT
last-modified: Mon, 21 Nov 2022 10:58:28 GMT
etag: "88fc9f004fb667d33f56de0d9e011e49"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LRM2fFoYwLHYO-mMr5OG92w7a0jh_sejUU_cQ1QofFdq63o5GIroRA==
age: 666543
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/images/landingpage/lp20/dating.jpg
54.230.111.113200 OK 105 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/images/landingpage/lp20/dating.jpg
IP 54.230.111.113:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 790x882, components 3\012- data
Size 105 kB (105401 bytes)
Hash e3e9897556a5683d4955c17b2976c76d
65bdfdc61f841a98406f99ae6a8e1bd6a88bfaff
2c908556342f9d4b976a4d1afdcbc101b9c732ebb01d789e4aebadf17ec1094b
GET /images/landingpage/lp20/dating.jpg HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 105401
date: Wed, 04 Jan 2023 10:14:02 GMT
last-modified: Fri, 01 Feb 2019 09:29:01 GMT
etag: "e3e9897556a5683d4955c17b2976c76d"
cache-control: max-age=3153600
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mgU54vzvlhfQovpPoOmc5ysIaxSr5T4D-uTrxukDyM3B0q7j3_ZOSA==
age: 3079021
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/project/489/favicon.ico?config=7826
54.230.111.113200 OK 4.3 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project/489/favicon.ico?config=7826
IP 54.230.111.113:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 56283d52626ba639ee4fc7c0a6c84324
b150126aede65c06da7573ac4488ff0043da0431
9b5bd7e7398519bf0f9dd7e52e05194f2f2d64fc549265400484d98e4b6f4281
GET /project/489/favicon.ico?config=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
content-length: 4286
date: Wed, 01 Feb 2023 08:23:50 GMT
last-modified: Fri, 13 Nov 2020 10:55:42 GMT
etag: "56283d52626ba639ee4fc7c0a6c84324"
cache-control: max-age=3153600
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NFA9MgULDtwqRb8f_xgqFkNhS8RGsZ9UzQpQNJkpaPrSq78fErVO9A==
age: 666433
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826
54.230.111.113200 OK 757 B URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/manifest/script.js?version=7826
IP 54.230.111.113:0
File type ASCII text, with very long lines (1532), with no line terminators
Hash 69b7363b2a1c3b6ca1d79b403e0c6c1c
d369fce98ab7c8750527c5c2f64130dda8729dbf
e6e40f36330091e93b7e5a1661e132f5624d5622ddd56c8941f4027101c36067
GET /js/manifest/script.js?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 757
date: Wed, 01 Feb 2023 08:23:48 GMT
last-modified: Thu, 08 Oct 2020 13:26:42 GMT
etag: "69b7363b2a1c3b6ca1d79b403e0c6c1c"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mYtamCQCYCnCxIxgK1fOARWw7NA0bPeX8DeCtQPQKg8BeyjPRSmOcg==
age: 666435
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/css/project/matchm/style.css?version=7826
54.230.111.113200 OK 98 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/css/project/matchm/style.css?version=7826
IP 54.230.111.113:0
File type ASCII text, with very long lines (53333)
Hash 064699c25e405c0e166d7662c3561761
27fb9b6c67c5a1c09276a71047ab2fbab7ce69d7
1eaa6a6a7e75e343e5fe9f779b7f6502b3b72e5f799bcb01c26f5c5c19a1b52a
GET /css/project/matchm/style.css?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 97544
date: Wed, 01 Feb 2023 08:23:48 GMT
last-modified: Mon, 21 Nov 2022 10:58:32 GMT
etag: "064699c25e405c0e166d7662c3561761"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J1CYHeOyhkijnmyY3NRnjZ5x-ZrJtNCgohnMJipV-xhbD8nD3p-LxQ==
age: 666435
vary: Origin
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826
54.230.111.113200 OK 37 kB URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/main/script.js?version=7826
IP 54.230.111.113:0
File type ASCII text, with very long lines (65435)
Hash f1e681a0bb4eb99a76e4fc67ca697e89
c0be4bbc6827461c7b7b4cbf059b160e914fd65a
67e1168eb449f8e436786e6234a78121c4cd500e8b7e445bff775d731a16eeb9
GET /js/main/script.js?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 36974
date: Wed, 01 Feb 2023 08:23:48 GMT
last-modified: Mon, 15 Aug 2022 09:38:12 GMT
etag: "f1e681a0bb4eb99a76e4fc67ca697e89"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6pYEnz752oitZpCtyOdvRIvzsUOtGCav3iTf87wYNcECRfrWQ6ti4A==
age: 666435
vary: Origin
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-NVWF78EY0E>m=45je3280&_p=639278699&cid=315042135.1675906319&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675906319&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp20&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-NVWF78EY0E>m=45je3280&_p=639278699&cid=315042135.1675906319&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675906319&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp20&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-NVWF78EY0E>m=45je3280&_p=639278699&cid=315042135.1675906319&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675906319&sct=1&seg=0&dl=https%3A%2F%2Fwww.xn--vtedrmmer-52a7s.com%2Flp%2Flp20&dt=Hotte%20sexdates%20i%20ditt%20omr%C3%A5de%20-%20v%C3%A5tedr%C3%B8mmer.com&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.xn--vtedrmmer-52a7s.com
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.xn--vtedrmmer-52a7s.com
date: Thu, 09 Feb 2023 01:31:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/project//logo_dark.png?config=7826
54.230.111.113403 Forbidden 243 B URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project//logo_dark.png?config=7826
IP 54.230.111.113:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash b5ef5f0058e0488bd36a462790935078
cbaa4b6749605cc012ecb40c41b73ce3f84bde66
8a883b14311e35968f531d32ad6233574e146a871b2f6256e390c3da5dae178f
GET /project//logo_dark.png?config=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Cookie: _ga_NVWF78EY0E=GS1.1.1675906319.1.1.1675906319.0.0.0; _ga=GA1.1.315042135.1675906319
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Thu, 09 Feb 2023 01:31:03 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k8eDNBwAB3CBr5jbQsXBycK3Q3qBdaIk_4aUYDRLifd14xCyREZl1Q==
vary: Origin
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d7814305f961caded310b6f2089219b
efcb6a067bb023865823625e67d9de60d44685e0
3c01637a052e2394774fc8f6dd37a284afaf76b423219ecd26a89c2d8b69c121
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9846
x-amzn-requestid: 4e6cc2be-bc18-4d66-b338-833a05d0d998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsaDlGV4oAMFoZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3d49-14fc32183d3c6afb3a64c27d;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 04:34:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BNBH60bI_wBqaKAFD_FeZHbzfIeJh9-x-JiMsF0Uh9pxKHFPdAH6Vw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:02:08 GMT
age: 12539
etag: "efcb6a067bb023865823625e67d9de60d44685e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/lp/blank.html?HistoryLoad
54.230.111.127404 Not Found 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/blank.html?HistoryLoad
IP 54.230.111.127:0
GET /lp/blank.html?HistoryLoad HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/lp/lp20
Cookie: PHPSESSID=jq5br0qbd3r5rmsofkmnk2kiu9; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32526F2954E46377FA76FC3C65B93CEC3FAF941526A518EB8BDF607BCDCEA6DA03DF1708BB933D9E88C09FD81497215D106A; cookies_marketing=1; cookies_analytic=1; _ga_NVWF78EY0E=GS1.1.1675906319.1.1.1675906319.0.0.0; _ga=GA1.1.315042135.1675906319
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
date: Thu, 09 Feb 2023 01:31:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.22.0
x-cache: Error from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EeaTxvu1ORP3f5c6uze4FqDSRDQEwHBe6B65QeGHoYY9Ns2YvX3sjA==
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826
54.230.111.113200 OK 0 B URL HTTP/2 media.xn--vtedrmmer-52a7s.com/js/vendor/script.js?version=7826
IP 54.230.111.113:0
GET /js/vendor/script.js?version=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 236255
date: Wed, 01 Feb 2023 08:23:48 GMT
last-modified: Mon, 15 Aug 2022 09:38:09 GMT
etag: "f5ef8833e788ec24ffaac4864a1a9fb6"
cache-control: max-age=3153600
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EyVsclPvDVqCZ-c8YHtZksgM-p8MAykq0r2uqKuU4R2Nws2z_mR7yg==
age: 666435
vary: Origin
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/lp/lp20
54.230.111.127200 OK 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/lp20
IP 54.230.111.127:0
GET /lp/lp20 HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=jq5br0qbd3r5rmsofkmnk2kiu9; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32526F2954E46377FA76FC3C65B93CEC3FAF941526A518EB8BDF607BCDCEA6DA03DF1708BB933D9E88C09FD81497215D106A
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
date: Thu, 09 Feb 2023 01:31:01 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.22.0
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wOm6Zjuqe_AtPQiPDkvfwByRy8xL3DWvxVXCdTvjwb9sJtIHlfYTww==
X-Firefox-Spdy: h2
www.xn--vtedrmmer-52a7s.com/lp/blank.html
54.230.111.127404 Not Found 0 B URL HTTP/2 www.xn--vtedrmmer-52a7s.com/lp/blank.html
IP 54.230.111.127:0
GET /lp/blank.html HTTP/1.1
Host: www.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/lp/lp20
Cookie: PHPSESSID=jq5br0qbd3r5rmsofkmnk2kiu9; AWSELB=9585594B06F2E7045FD8B793A1BFD2C40F279A32526F2954E46377FA76FC3C65B93CEC3FAF941526A518EB8BDF607BCDCEA6DA03DF1708BB933D9E88C09FD81497215D106A
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
date: Thu, 09 Feb 2023 01:31:02 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.22.0
x-cache: Error from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e35rziuAnKc_ur7EcMDrs8hpq-TlDUcXwB-JcQVjwdi848X5JDpC7w==
X-Firefox-Spdy: h2
media.xn--vtedrmmer-52a7s.com/project//logo_dark.png?config=7826
54.230.111.113403 Forbidden 0 B URL HTTP/2 media.xn--vtedrmmer-52a7s.com/project//logo_dark.png?config=7826
IP 54.230.111.113:0
GET /project//logo_dark.png?config=7826 HTTP/1.1
Host: media.xn--vtedrmmer-52a7s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.xn--vtedrmmer-52a7s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 403 Forbidden
content-type: application/xml
date: Thu, 09 Feb 2023 01:31:02 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HKTILPIu_VqbKSniZtaWdWBN0my4gVYn6TplYpk61V6cbnwqpcSYmg==
vary: Origin
X-Firefox-Spdy: h2