r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4589
Expires: Sun, 27 Nov 2022 05:35:48 GMT
Date: Sun, 27 Nov 2022 04:19:19 GMT
Connection: keep-alive
rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
80.66.65.134 301 Moved Permanently 169 B URL HTTP/1.1 rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 9527755784f5014d2c94dcabdf6ae892
941126eba6b0b049b4a09fb846ebd943e894e068
5b111ef9f2dbaf8e8870567dc8e2302efe2b0feb9d4ba62ce74c1039ab663523
GET /?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://rbfccu.top:443/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6206
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:19 GMT
Last-Modified: Sun, 27 Nov 2022 02:35:53 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4224
Expires: Sun, 27 Nov 2022 05:29:43 GMT
Date: Sun, 27 Nov 2022 04:19:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 04:17:35 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 104
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8DYADUdJh0ZS7DIBXr/CfIUe1DVVt5cShJ4swzQS3IVs5y4DQXl1a7uDk3w1iHW/SsOVyPVl5Zo=
x-amz-request-id: BPEQYCAHY2D1RDZ1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 03:44:29 GMT
age: 2090
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 04:19:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 29010995bc98b8f8cf9992bf96f0b245
e648cd59baa5a974a0b778acc9788e8409a3ff0d
c01bc0e8848181215502e4ce098b413f974bd9a1a23465cd3febb6820bc58ef7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C01BC0E8848181215502E4CE098B413F974BD9A1A23465CD3FEBB6820BC58EF7"
Last-Modified: Fri, 25 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7795
Expires: Sun, 27 Nov 2022 06:29:14 GMT
Date: Sun, 27 Nov 2022 04:19:19 GMT
Connection: keep-alive
rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
80.66.65.134 200 OK 15 kB URL HTTP/1.1 rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (741), with CRLF line terminators
Hash 3c179bd6fcb62de461fde885ad6dbb37
178787241d0e25a8d8bb4ae878010df2b120ac28
3f25d0fdbcb02548940df9faec01bf468baee010455fcfeab590481f0bdb83db
GET /?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/flickity/flickity.min.css?package=Rbfcu
80.66.65.134 200 OK 655 B URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/flickity/flickity.min.css?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (1697)
Hash 483c2dc0c5aa59425eca7703a34be959
4270aea588e68ca11b6da0623a365fd2959d1526
fc1720d2fd3bea207ef2b083aa03190462eb01ae92a0800ef798d9af15969fe1
Analyzer Verdict Alert fortinet Phishing
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/flickity/flickity.min.css?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-705"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/jquery.mmenu/css/jquery.mmenu.css?package=Rbfcu
80.66.65.134 200 OK 1.7 kB URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/jquery.mmenu/css/jquery.mmenu.css?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (6431)
Hash 2dd1c618e05354e4758aaefe9c2a4825
9f38e2b1a3a3534d9c7048bd4b2cf9ddcb355bd3
6720db6b1496f1aa7740d7b5a39707b450dffe37017f1170da5f3d18e0194354
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/jquery.mmenu/css/jquery.mmenu.css?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-1ebd"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2086
Cache-Control: max-age=146433
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:20 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 20:59:53 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/jquery.mmenu/extensions/themes/jquery.mmenu.themes.css?package=Rbfcu
80.66.65.134 200 OK 915 B URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/jquery.mmenu/extensions/themes/jquery.mmenu.themes.css?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (6898), with no line terminators
Hash a47bafa90814288bf800825de806a787
3dff01f1f6489f36c06a6acc6afc080238935976
a0df43a3983b6315c8aa6b53a0187a764fdfe29214f925523aea8440042fdf8a
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/jquery.mmenu/extensions/themes/jquery.mmenu.themes.css?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-1af2"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
rbfccu.top/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3gli2JibkeGJSmQ-4DHAPDIA4Dv27pbCohNg0Um3AE4xO9stfXPmQsnj3HV4MfUj1rqPgk8L4hGDf9kVXjVxgv1ke4cMb1TqdqBEg18_NFGRNhJPxQIrSn7uh7nR31XbqV46TN3Xgw2tYVUXqPNUKlq0HVfRhXLZaCHy7HWRZidu0&t=a366992
80.66.65.134 200 OK 31 kB URL HTTP/1.1 rbfccu.top/ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3gli2JibkeGJSmQ-4DHAPDIA4Dv27pbCohNg0Um3AE4xO9stfXPmQsnj3HV4MfUj1rqPgk8L4hGDf9kVXjVxgv1ke4cMb1TqdqBEg18_NFGRNhJPxQIrSn7uh7nR31XbqV46TN3Xgw2tYVUXqPNUKlq0HVfRhXLZaCHy7HWRZidu0&t=a366992
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (65451)
Hash afc5d07cd09f82e0b39ed2d05f6f16f5
41f2b25919d6493209e8ec1cd79ee006d1e1baa2
75fa5b5e9a01bb1488649ba9f0751bcdee5815038557bd17716ca8af5f24c030
GET /ScriptResource.axd?d=okuX3IVIBwfJlfEQK32K3gli2JibkeGJSmQ-4DHAPDIA4Dv27pbCohNg0Um3AE4xO9stfXPmQsnj3HV4MfUj1rqPgk8L4hGDf9kVXjVxgv1ke4cMb1TqdqBEg18_NFGRNhJPxQIrSn7uh7nR31XbqV46TN3Xgw2tYVUXqPNUKlq0HVfRhXLZaCHy7HWRZidu0&t=a366992 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
ETag: W/"15d84-5ecb14cf45200"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
104.17.24.14 200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65447)
Hash 265d03943a645462854e9444dabeb800
a44ef995093ddc5f334a63999d71c65a1d2b6643
0d4102a2c52171ae32d1b2157118ceef7e18220bc02fbac9ce327a6a99a171df
GET /ajax/libs/jquery/3.6.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rbfccu.top
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 04:19:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 27990
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "63091225-6d56"
last-modified: Fri, 26 Aug 2022 18:34:13 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 356480
expires: Fri, 17 Nov 2023 04:19:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hf%2BsASjW6KLBmKSh9sR%2FkuiNO85mjmUZT73rrKlOo39BwHsnDQ6OKXzyOd%2BVUaXcUI%2FL9CeLm96guiAsIWXqjtdOBJu3H3uhPQXwwxOhn2q5d8bahOftNdPGm5WFgcYG%2FiALL46f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 770810a35efdb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 04:11:12 GMT
cache-control: public,max-age=3600
age: 488
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/jquery.mmenu/extensions/pagedim/jquery.mmenu.pagedim.css?package=Rbfcu
80.66.65.134 200 OK 167 B URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/jquery.mmenu/extensions/pagedim/jquery.mmenu.pagedim.css?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (465), with no line terminators
Hash dc0a13b7e3e6adb969411cc04b17a3da
c363aca2acf5f1df66be4c5937fbd082d1fef384
335925830f9fed1ce33e105b4900689fed46d6ba290a73ec391330c765e4b627
Analyzer Verdict Alert fortinet Phishing
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/jquery.mmenu/extensions/pagedim/jquery.mmenu.pagedim.css?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-1d1"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash ebed87c2caeb00f3daca76b91f1d5856
0b524def376f7bf90143e8c002fbbdc776d4b457
9d50a898f0edaf6c38ef9827dcfc72de00b8afd71fde693644c3e7424f6efaa4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2086
Cache-Control: max-age=146433
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:20 GMT
Etag: "63827623-118"
Expires: Mon, 28 Nov 2022 20:59:53 GMT
Last-Modified: Sat, 26 Nov 2022 20:25:07 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/css/fuse.base.min.css?ver=0.974&package=Rbfcu
80.66.65.134 200 OK 9.8 kB URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/css/fuse.base.min.css?ver=0.974&package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (44145)
Hash bd7b99af94b1feb991cdc1679aaafabc
3664edb3fa42597496a741b9fa68f8adf0509379
ba3e7bd89b554c88c98dcaea1e43ccdefee7b18618e659d7b7eb9bbd6302d7d1
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/css/fuse.base.min.css?ver=0.974&package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-ac72"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/css/fuse.min.css?ver=0.982&package=Rbfcu
80.66.65.134 200 OK 16 kB URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/css/fuse.min.css?ver=0.982&package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (65536), with no line terminators
Hash 212f8e86028f5ea9767c4f8f101bac38
01fcab6b0fc6e32c2b3ae58dada1f0259a442351
635903e993301190fcec52c02503d1056874f991a292b8504667398c84db6651
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/css/fuse.min.css?ver=0.982&package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-189a4"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/css/global-print.min.css?ver=0.977&package=Rbfcu
80.66.65.134 200 OK 999 B URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/css/global-print.min.css?ver=0.977&package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (3773)
Hash 7874b6aa68ea16281ffae815f6890069
cfc1719dc715eac198ff71b4a3696b3d2e83b501
f4438fb465eaa74b9bccffc1055cf9fd7accbd6ab8456033ec479c457d8c0664
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/css/global-print.min.css?ver=0.977&package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-ebe"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 14fbd68f4f0f99942ecffe53db2baf07
4ef6e91e445aabcc2bb958a78bc3061e2c903a5e
9fe33cfdeb6fdd0a4228d4a1c82590a124d457ff139296cc2af0c13de8a2ff4b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 04:19:20 GMT
Server: ECS (dcb/7F16)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f-dFnv-eT1bHUVr7zFnwxYIHUwDNdWEXNNBOclrk0CoFePKDmdu-SQ==
cdn.segmint.net/segmint.min.js
54.230.111.68 200 OK 16 kB URL HTTP/1.1 cdn.segmint.net/segmint.min.js
IP 54.230.111.68:0
File type ASCII text, with very long lines (16133), with no line terminators
Hash d82805b8a81d650b05604a319f83d8e0
6f691d9879b0f6edbf0bfcb805f40aceede45d12
42b6d29b82354983efe7f3c9cdee6d5209b3fe9cafb42564910e8b038df37691
GET /segmint.min.js HTTP/1.1
Host: cdn.segmint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 16133
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 12:51:09 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 26 Nov 2022 11:19:47 GMT
Cache-Control: max-age:900
ETag: "d82805b8a81d650b05604a319f83d8e0"
X-Cache: Hit from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qzaVJ5ojUV3EQpJCgmYFU_NZIx2ptvMgPEWsIkBsiJrm3Z2rbJCljQ==
Age: 61174
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/flickity/flickity.pkgd.min.js?package=Rbfcu&v=MjEyNjEyNjEwOA%3d%3d
80.66.65.134 200 OK 14 kB URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/flickity/flickity.pkgd.min.js?package=Rbfcu&v=MjEyNjEyNjEwOA%3d%3d
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (53821)
Hash 17d39c37f2d3d578eb84030477909c3d
dd562f02284fcf51ddc1423bc4b10db61eb86fe4
b035c9d0b64f38c78da59848785f4e91088e3db3d7abe43a8b872b8b4648f852
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/flickity/flickity.pkgd.min.js?package=Rbfcu&v=MjEyNjEyNjEwOA%3d%3d HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-d32f"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
rbfccu.top/ScriptResource.axd?d=EydukmxBmDstn7gSYzQESMmNbxGB2ekkTqvgz-RovLAW8eaJapUAAzVI8Z0-Legbflcpgk9LKENXAtWKDLR-8gcAjTbQk1FKu6LKBUlJGfo0RHwZKRhatkvOneXb3Dk2Lc2M9zfH2HOz_BswsrJ8J2icJv-dhJK7Lk4FpuqIPq4hQT-5zENhujT36xwisn_T0&t=a366992
80.66.65.134 200 OK 31 kB URL HTTP/1.1 rbfccu.top/ScriptResource.axd?d=EydukmxBmDstn7gSYzQESMmNbxGB2ekkTqvgz-RovLAW8eaJapUAAzVI8Z0-Legbflcpgk9LKENXAtWKDLR-8gcAjTbQk1FKu6LKBUlJGfo0RHwZKRhatkvOneXb3Dk2Lc2M9zfH2HOz_BswsrJ8J2icJv-dhJK7Lk4FpuqIPq4hQT-5zENhujT36xwisn_T0&t=a366992
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (65451)
Hash afc5d07cd09f82e0b39ed2d05f6f16f5
41f2b25919d6493209e8ec1cd79ee006d1e1baa2
75fa5b5e9a01bb1488649ba9f0751bcdee5815038557bd17716ca8af5f24c030
GET /ScriptResource.axd?d=EydukmxBmDstn7gSYzQESMmNbxGB2ekkTqvgz-RovLAW8eaJapUAAzVI8Z0-Legbflcpgk9LKENXAtWKDLR-8gcAjTbQk1FKu6LKBUlJGfo0RHwZKRhatkvOneXb3Dk2Lc2M9zfH2HOz_BswsrJ8J2icJv-dhJK7Lk4FpuqIPq4hQT-5zENhujT36xwisn_T0&t=a366992 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
ETag: W/"15d84-5ecb14cf45200"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5846
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:20 GMT
Last-Modified: Sun, 27 Nov 2022 02:41:54 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/flickity-bg-lazyload/bg-lazyload.js?package=Rbfcu&v=MjEzNjYwNDAyMw%3d%3d
80.66.65.134 200 OK 1.1 kB URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/flickity-bg-lazyload/bg-lazyload.js?package=Rbfcu&v=MjEzNjYwNDAyMw%3d%3d
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
Hash c281f3197ac38cf7cabc0bf2f3e9aea6
b102f6643b6547694b81a7e0553c2e36f08d6388
4e73e8c6a74ab6ca14b492c527d289a060dfd8ae805516b88d03f3318f39cbdd
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/components/flickity-bg-lazyload/bg-lazyload.js?package=Rbfcu&v=MjEzNjYwNDAyMw%3d%3d HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-ba5"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rbfccu.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 290712
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rbfccu.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:40:23 GMT
expires: Thu, 23 Nov 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 290337
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rbfccu.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 293131
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/spin.min.js?package=Rbfcu&v=NTgzODE4OTQ1
80.66.65.134 200 OK 2.0 kB URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/spin.min.js?package=Rbfcu&v=NTgzODE4OTQ1
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (4226), with no line terminators
Hash d03d3927d149084e56b8951cb828b270
cb772d438d4331cfe954b918e1c665eb4c9de914
4cf9f32412b8102a40df30df13f096ce9d772519c705afb59e1c0874e18c0010
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/spin.min.js?package=Rbfcu&v=NTgzODE4OTQ1 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-1082"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rbfccu.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:21 GMT
expires: Thu, 23 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 290699
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/rates.min.js?ver=0.1008&package=Rbfcu&v=NTgzODE4OTQ1
80.66.65.134 200 OK 4.3 kB URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/rates.min.js?ver=0.1008&package=Rbfcu&v=NTgzODE4OTQ1
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type HTML document, ASCII text, with very long lines (11786), with no line terminators
Hash ee9b753be9c1ee3a00b8269cc9e6ca1d
b78d7c46aac6c36e8ac98a2c78924cee0a16ed2e
36b320e9abd9304f72dfb7ffa2976cf877067961c5a15729c1788e7a827a2530
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/rates.min.js?ver=0.1008&package=Rbfcu&v=NTgzODE4OTQ1 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-2e0a"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/common.min.js?ver=0.1006&package=Rbfcu&v=NTgzODI1MzU1
80.66.65.134 200 OK 3.3 kB URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/common.min.js?ver=0.1006&package=Rbfcu&v=NTgzODI1MzU1
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (9287), with no line terminators
Hash fc9667f349948b2ed3a60fe6c1f6d063
da10ada6d710387ad43983a37a6524febd716cbd
f98712abb7b0b4d37f2e17a6913f2a1729335f7aa6a6c06fc941429a612b31b7
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/common.min.js?ver=0.1006&package=Rbfcu&v=NTgzODI1MzU1 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-2447"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/dropdown.min.js?ver=0.1001&package=Rbfcu&v=NTgzODI1MzU1
80.66.65.134 200 OK 802 B URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/dropdown.min.js?ver=0.1001&package=Rbfcu&v=NTgzODI1MzU1
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (2180), with no line terminators
Hash 67c4188486d905d21d4707a80872de9d
c511beceef123a85e1fdc2a8294c4cf1cc9cda12
9fcf99019cc48c8b36497181874ec52911f48d4c92512d5b6a604c16df15c20c
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/dropdown.min.js?ver=0.1001&package=Rbfcu&v=NTgzODI1MzU1 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-884"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/maintenance-banner.min.js?ver=20221105074359&package=Rbfcu&v=NTgzODI1MzU1
80.66.65.134 200 OK 210 B URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/maintenance-banner.min.js?ver=20221105074359&package=Rbfcu&v=NTgzODI1MzU1
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with very long lines (316), with no line terminators
Hash bb4c50ce38c546dfdc8bda5c80d09a46
a94ceaba332f5ef1274ed08fb5991f985335715b
5a662bb6c46a98cbc98d05c884f4699bbd6c84236e92da3891832c872fcd8eef
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/dist/js/maintenance-banner.min.js?ver=20221105074359&package=Rbfcu&v=NTgzODI1MzU1 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365e108-13c"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
rbfccu.top/send.js
80.66.65.134 200 OK 349 B IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type ASCII text, with CRLF line terminators
Hash e132e322679ef3d82e5b19d7400f3493
b34206783fbf2216b7f94fdb11f433c29beaf135
99e33266c6ce923e10536d26adbae00547faab8d95a6f44308d7bdbec6abf3be
Analyzer Verdict Alert fortinet Phishing
GET /send.js HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 06:05:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6365fd12-343"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
rbfccu.top/images/default-source/icons/rbfcu19-graphic-icons-blue-2019_get-paid-early-(1).svg?sfvrsn=295a0a8_4
80.66.65.134 200 OK 9.1 kB URL HTTP/1.1 rbfccu.top/images/default-source/icons/rbfcu19-graphic-icons-blue-2019_get-paid-early-(1).svg?sfvrsn=295a0a8_4
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2e445cb442240a043d8d7bc8862b8604
33bdfef18c1e43dea174e541b4af21258fcc5b6c
2e6e79c9c5eb00ca294efea2a76eb5974e13d53dc95cb735f6b2b7ab1e7fe428
Analyzer Verdict Alert fortinet Phishing
GET /images/default-source/icons/rbfcu19-graphic-icons-blue-2019_get-paid-early-(1).svg?sfvrsn=295a0a8_4 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: image/svg+xml
Content-Length: 9121
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-23a1"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
push.services.mozilla.com/
54.148.69.31 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.69.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8psf92aRarGvDaZbF6E6iA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MqdY+PAXyXxjYEHi0AKofgzVGBY=
rbfccu.top/images/default-source/icons/homepage-icons_auto.svg?sfvrsn=9628aaa8_4
80.66.65.134 200 OK 3.0 kB URL HTTP/1.1 rbfccu.top/images/default-source/icons/homepage-icons_auto.svg?sfvrsn=9628aaa8_4
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ff0c189baa303d7f222ae00dfabe28cb
4f48bb813d96da846666654e4e593a7d96443c45
ff77734f7e7408725d2f1ad6cad198329e7447273dbb9ecbb4f17302e879fdee
GET /images/default-source/icons/homepage-icons_auto.svg?sfvrsn=9628aaa8_4 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: image/svg+xml
Content-Length: 3012
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-bc4"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/images/default-source/icons/mastercard.svg?sfvrsn=b22aaa8_4
80.66.65.134 200 OK 2.3 kB URL HTTP/1.1 rbfccu.top/images/default-source/icons/mastercard.svg?sfvrsn=b22aaa8_4
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 6a735e21432c868b70d6d03d02f02365
ed6977bec0940db3f0759cddcd9924ab69b9e492
f9886775d0ff32c2f2f9f409202ca31525acf54e68922bd618fa8c2d72e3d8b3
GET /images/default-source/icons/mastercard.svg?sfvrsn=b22aaa8_4 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: image/svg+xml
Content-Length: 2335
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-91f"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/images/default-source/icons/fha-va.svg?sfvrsn=a22aaa8_8
80.66.65.134 200 OK 1.0 kB URL HTTP/1.1 rbfccu.top/images/default-source/icons/fha-va.svg?sfvrsn=a22aaa8_8
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 21b458448109c942c3dab4066eac3492
e3e10913609d8b110840c06843ae0ce02e18695e
946f137440056e21aa7187ca7cb1cc93e9d6501dbc0bddd57ae0fceb6abde085
Analyzer Verdict Alert fortinet Phishing
GET /images/default-source/icons/fha-va.svg?sfvrsn=a22aaa8_8 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: image/svg+xml
Content-Length: 1046
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-416"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/rbfcu-logo.svg?package=Rbfcu
80.66.65.134 200 OK 5.4 kB URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/rbfcu-logo.svg?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5383), with no line terminators
Hash 2d436455d162d3e00f0ca92055cef754
5b64a30fd987d469bd818fc8ed6a4ed89b873d02
09092e11153b90955b14c6dcad28c3e2902b035f6b12ac85e24a693e5c97c884
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/rbfcu-logo.svg?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: image/svg+xml
Content-Length: 5383
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-1507"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/search-icon.svg?package=Rbfcu
80.66.65.134 200 OK 1.2 kB URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/search-icon.svg?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (1232), with no line terminators
Hash 4baa1b63a6f66f27c0bedb610d2038af
b9f9d31d230f33192a3ecc5f0c6c8d2f82ccb2d3
99c2b81d9134dec4bb8ac167fa5f79d29e022add00f018e38fe2b025c862c0e7
Analyzer Verdict Alert fortinet Phishing
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/search-icon.svg?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: image/svg+xml
Content-Length: 1232
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-4d0"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
cdn.segmint.net/94eff061-4bff-4bfd-a84b-212c13bf2872.json
54.230.111.68 200 OK 0 B URL HTTP/1.1 cdn.segmint.net/94eff061-4bff-4bfd-a84b-212c13bf2872.json
IP 54.230.111.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /94eff061-4bff-4bfd-a84b-212c13bf2872.json HTTP/1.1
Host: cdn.segmint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://rbfccu.top/
Origin: https://rbfccu.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 0
Connection: keep-alive
Date: Sun, 27 Nov 2022 04:19:21 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Access-Control-Allow-Headers: content-type
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Server: AmazonS3
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZDDimJY9wwzyb9gviC5NVt5Ln5325ckfdxqNQ2nvo7OhjWv1bmZwfg==
rbfccu.top/images/default-source/icons/grad-cap-and-book-1.svg?sfvrsn=d004a2a8_6
80.66.65.134 200 OK 2.0 kB URL HTTP/1.1 rbfccu.top/images/default-source/icons/grad-cap-and-book-1.svg?sfvrsn=d004a2a8_6
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with CRLF line terminators
Hash 4315a5ce7125ea6cb6cf8c7bf6ed8e8f
77486e5fd21a831f36474d4a3e8a22e29db0067e
329f42ac288faa0ff7618997935313d569415d120b42a9d4be3ebc43c67240fc
GET /images/default-source/icons/grad-cap-and-book-1.svg?sfvrsn=d004a2a8_6 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:20 GMT
Content-Type: image/svg+xml
Content-Length: 1981
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-7bd"
Expires: Mon, 28 Nov 2022 04:19:20 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash db6e0d3e826b5e702930cf39fbf804e1
de2e18ac2b0da7fd0d4a51ce0e0d7a592f46fd79
e6a8dfba7490716376cb4256d44f0a207b0c6042cd91865fa9473e5c92d195c5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5046
Cache-Control: max-age=167050
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:21 GMT
Etag: "6382bb1d-1d7"
Expires: Tue, 29 Nov 2022 02:43:31 GMT
Last-Modified: Sun, 27 Nov 2022 01:19:25 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 130b0f91273d30e10bbc96157409ded3
89cb19f5fa4313cd474551cb68baa1e56790c732
92722c94ce2cd91bfa72705344210a9913b86e6a1e31a8029fdb71275c14afea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=127773
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:21 GMT
Etag: "63823566-1d7"
Expires: Mon, 28 Nov 2022 15:48:54 GMT
Last-Modified: Sat, 26 Nov 2022 15:48:54 GMT
Server: nginx
Content-Length: 471
rbfccu.top/images/default-source/cross-sell-ads/106-21-membersafe-500x115-prim-blue.jpg?sfvrsn=8c67a2a8_6
80.66.65.134 200 OK 9.3 kB URL HTTP/1.1 rbfccu.top/images/default-source/cross-sell-ads/106-21-membersafe-500x115-prim-blue.jpg?sfvrsn=8c67a2a8_6
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 500x115, components 3\012- data
Hash 3daacd27a0395df8fcfeb4c6a4760fd3
51665566c3977031e5e3d98d60a561045499c7bf
6643ec0eedce5764552d37c144a09a44469ca1507be67cbb8ecccebad905948f
Analyzer Verdict Alert fortinet Phishing
GET /images/default-source/cross-sell-ads/106-21-membersafe-500x115-prim-blue.jpg?sfvrsn=8c67a2a8_6 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: image/jpeg
Content-Length: 9338
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-247a"
Expires: Mon, 28 Nov 2022 04:19:21 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/images/default-source/cross-sell-ads/ret-prg-2022-backtoschool-cs-fin-(1).jpg?sfvrsn=83b6a7a8_0
80.66.65.134 200 OK 32 kB URL HTTP/1.1 rbfccu.top/images/default-source/cross-sell-ads/ret-prg-2022-backtoschool-cs-fin-(1).jpg?sfvrsn=83b6a7a8_0
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x115, components 3\012- data
Hash 8b8da0bdd3557d3a6b8539407e1ac924
e732e95c69ae39f75d82bdbfe3ff5cb131d02589
1d87f1885a6ae4ba288dcffb2af640882382bb2387a5164f426ecd2e23b41767
Analyzer Verdict Alert fortinet Phishing
GET /images/default-source/cross-sell-ads/ret-prg-2022-backtoschool-cs-fin-(1).jpg?sfvrsn=83b6a7a8_0 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: image/jpeg
Content-Length: 31747
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-7c03"
Expires: Mon, 28 Nov 2022 04:19:21 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/ehl.svg?package=Rbfcu
80.66.65.134 200 OK 372 B URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/ehl.svg?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (372), with no line terminators
Hash 4010dff22fb4a1c3f84a6cb2689cdb46
49238ec2889e0a9130898b2523a11b9a4122a04a
f53433449e2b3100e1bccac4981b465479615eabee1e45345c64fa1270ab7744
Analyzer Verdict Alert fortinet Phishing
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/ehl.svg?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: image/svg+xml
Content-Length: 372
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-174"
Expires: Mon, 28 Nov 2022 04:19:21 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/BluENGinsurlabel-RBFCU-Web-Blue.svg?package=Rbfcu
80.66.65.134 200 OK 75 kB URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/BluENGinsurlabel-RBFCU-Web-Blue.svg?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c581c09a4b04f30ea42e5a1b913de48f
c00ac94bc6921dcb0f5fcca3e72c1a6d2b1cce36
dbf5aa16ec1d8d83ffb05d4524c1b6ae583b7c3f488a43e3168d9f57eec6eded
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/BluENGinsurlabel-RBFCU-Web-Blue.svg?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: image/svg+xml
Content-Length: 75035
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-1251b"
Expires: Mon, 28 Nov 2022 04:19:21 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/Facebook-Square.svg?package=Rbfcu
80.66.65.134 200 OK 374 B URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/Facebook-Square.svg?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (374), with no line terminators
Hash 7d210e183c41b01a118a5bff8098e4b0
d51728b1aed9ad6cd2b19be0406867ef389ce471
f1f72cbfb1ccc01eda53795f1698b342ef5c6b4c8c77f78db9de93aaacb15830
Analyzer Verdict Alert fortinet Phishing
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/Facebook-Square.svg?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: image/svg+xml
Content-Length: 374
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-176"
Expires: Mon, 28 Nov 2022 04:19:21 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/Twitter-Square.svg?package=Rbfcu
80.66.65.134 200 OK 613 B URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/Twitter-Square.svg?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (613), with no line terminators
Hash 1d1a0c0f0f534ee4b33abf8df3d04ab0
97e6a1c4c628265b4ea13db05e9656c0cdc4cdb0
ca4a3531049529998b53eec342ba1e1991a9524cec0b0a7227c171d5cdbbe411
Analyzer Verdict Alert fortinet Phishing
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/Twitter-Square.svg?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: image/svg+xml
Content-Length: 613
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-265"
Expires: Mon, 28 Nov 2022 04:19:21 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/Instagram-Square.svg?package=Rbfcu
80.66.65.134 200 OK 568 B URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/Instagram-Square.svg?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (568), with no line terminators
Hash 980da26f6cd3c7e00b4422f93e205dbd
d94c4c0221253508f536ca43cfecd7083ec908c0
4023602e4f78ffa656deaf46e28aaaa42d8fad0ecc0af6dd66d1c5c4c0f1fb32
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/Instagram-Square.svg?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: image/svg+xml
Content-Length: 568
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-238"
Expires: Mon, 28 Nov 2022 04:19:21 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/YouTube-Square.svg?package=Rbfcu
80.66.65.134 200 OK 615 B URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/YouTube-Square.svg?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (615), with no line terminators
Hash b478a683a509708937d511c5953f62c4
bc221ca379149f626b19fb6fe87483c52cfb4a85
8f8600b477459f4ff35ed0b8124476d5327bc0c28c3ef725fad774e2ccea82fe
Analyzer Verdict Alert fortinet Phishing
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/YouTube-Square.svg?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: image/svg+xml
Content-Length: 615
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-267"
Expires: Mon, 28 Nov 2022 04:19:21 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/LinkedIn-Square.svg?package=Rbfcu
80.66.65.134 200 OK 609 B URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/LinkedIn-Square.svg?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (609), with no line terminators
Hash b7ff0351b57955533d63f64fd7001a78
bc43d1382a3eacb40347769b0426b6157e91bc9c
77fd1b391f16bb5c0c6ed98c746b8a6b5a6ca7c57dcc18fcb2a59ec8506c326e
Analyzer Verdict Alert fortinet Phishing
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend/assets/images/_icons/LinkedIn-Square.svg?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: image/svg+xml
Content-Length: 609
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-261"
Expires: Mon, 28 Nov 2022 04:19:21 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend.Identity/assets/images/_icons/app-store-badge.gif?package=Rbfcu
80.66.65.134 200 OK 12 kB URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend.Identity/assets/images/_icons/app-store-badge.gif?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type GIF image data, version 89a, 564 x 168\012- data
Hash 1b15a8c12aacad64cbc61172043d564f
d6896cb3c942d0a236af18e7ccc49f06654a220c
ba793b27cc193098d7c2ecafea44bc85edf7e5d4c496a5340d7177a514c93308
Analyzer Verdict Alert fortinet Phishing
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend.Identity/assets/images/_icons/app-store-badge.gif?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: image/gif
Content-Length: 11545
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-2d19"
Expires: Mon, 28 Nov 2022 04:19:21 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
cdn.segmint.net/94eff061-4bff-4bfd-a84b-212c13bf2872.json
54.230.111.68 200 OK 313 B URL HTTP/1.1 cdn.segmint.net/94eff061-4bff-4bfd-a84b-212c13bf2872.json
IP 54.230.111.68:0
File type JSON data\012- , ASCII text, with very long lines (313), with no line terminators
Hash e9341da2a008ff5042fcc20411c0b8ea
8a1e1f5893d5b916b812b37dd8614a2dd1c0ca1e
613e256f21a37f0a76c644a7b9ab31b40d0ffb3994ab811c0455209cfe7570c1
GET /94eff061-4bff-4bfd-a84b-212c13bf2872.json HTTP/1.1
Host: cdn.segmint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://rbfccu.top
Connection: keep-alive
Referer: https://rbfccu.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 313
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: PUT, POST, DELETE, GET
Access-Control-Max-Age: 3000
Last-Modified: Tue, 10 Dec 2019 20:12:20 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 27 Nov 2022 04:19:22 GMT
Cache-Control: max-age=900
ETag: "e9341da2a008ff5042fcc20411c0b8ea"
X-Cache: RefreshHit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: d7J1Ha1LMw7Bg1lleNY4E2_FShgUwPbPkiHTQDFo_ZUnqT09F2A9sg==
rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend.Identity/assets/images/_icons/google-play-badge.gif?package=Rbfcu
80.66.65.134 200 OK 12 kB URL HTTP/1.1 rbfccu.top/Frontend-Assembly/Telerik.Sitefinity.Frontend.Identity/assets/images/_icons/google-play-badge.gif?package=Rbfcu
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type GIF image data, version 89a, 564 x 168\012- data
Hash c653a4bc270ef7fc90f160a457ab8fda
5e1a1b991eb5cebfab00b2db193c67c3cf6d0b95
8e58577776c0b06f255775498eb2e749d616aa9bf2d2356de5beb24cf18c4fed
Analyzer Verdict Alert fortinet Phishing
GET /Frontend-Assembly/Telerik.Sitefinity.Frontend.Identity/assets/images/_icons/google-play-badge.gif?package=Rbfcu HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: image/gif
Content-Length: 11454
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-2cbe"
Expires: Mon, 28 Nov 2022 04:19:21 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
www.rbfcu.org/rate/products/PREMCC/minAnnualRate?allDepositAccRequested=true
107.162.179.221 403 Forbidden 0 B URL HTTP/1.1 www.rbfcu.org/rate/products/PREMCC/minAnnualRate?allDepositAccRequested=true
IP 107.162.179.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rate/products/PREMCC/minAnnualRate?allDepositAccRequested=true HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rbfccu.top
Connection: keep-alive
Referer: https://rbfccu.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Content-Language: en-US
Content-Length: 0
Set-Cookie: ADRUM_BTa=R:19|g:58114621-d012-4bf5-80d9-4636353154a2; Expires=Sun, 27-Nov-22 04:19:51 GMT; Path=/; Secure
ADRUM_BTa=R:19|g:58114621-d012-4bf5-80d9-4636353154a2|n:rbfcu-pov_34981aaf-4970-4644-b5e1-273015dc6634; Expires=Sun, 27-Nov-22 04:19:51 GMT; Path=/; Secure
SameSite=None; Expires=Sun, 27-Nov-22 04:19:51 GMT; Path=/; Secure
PersistanceCookie=!PgGk0uLrDLtttW8fAlrt/gAymWxGa1VUvnMb2P5FNykPqgVrbxcvu0cWlmT1ove69TR9uB6if4FFEzM=; path=/; Httponly; Secure
Connection: Close
Date: Sun, 27 Nov 2022 04:19:20 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS4
Strict-Transport-Security: max-age=31536000
Via: 1.1 dca1-bit7011
rbfccu.top/images/default-source/hero/113-19-iwwd-smith-rotating-hero.jpg?sfvrsn=4ef2d6a8_6
80.66.65.134 200 OK 304 kB URL HTTP/1.1 rbfccu.top/images/default-source/hero/113-19-iwwd-smith-rotating-hero.jpg?sfvrsn=4ef2d6a8_6
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=laflor], baseline, precision 8, 1500x900, components 3\012- data
Size 304 kB (303908 bytes)
Hash ea3c7d059d9e69f7a32fd3d81d068087
869cd59df9e58e2f3bd79e4832d0aba1c3305b5b
9f404c40adfccb18108d1d09adcd69e2f7252fc3b86a8fd3074e6595f773aa52
Analyzer Verdict Alert fortinet Phishing
GET /images/default-source/hero/113-19-iwwd-smith-rotating-hero.jpg?sfvrsn=4ef2d6a8_6 HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: image/jpeg
Content-Length: 303908
Last-Modified: Sat, 05 Nov 2022 04:05:28 GMT
Connection: keep-alive
ETag: "6365e108-4a324"
Expires: Mon, 28 Nov 2022 04:19:21 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
rbfccu.top/apple-touch-icon.png
80.66.65.134 404 Not Found 189 B URL HTTP/1.1 rbfccu.top/apple-touch-icon.png
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a60804e8235942756aea094c2b9de7c4
e81db83478fb40e1685898f4e92980023842125c
310f8482609cbf6b93b3c350a68912748c7af326991f1345fb80efd6a76e2421
GET /apple-touch-icon.png HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
rbfccu.top/favicon-16x16.png
80.66.65.134 404 Not Found 189 B URL HTTP/1.1 rbfccu.top/favicon-16x16.png
IP 80.66.65.134:0
ASN #20803 LLC Siberian Telecommunications Company
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1a7c01d46c619b06d4c6b5f8d4f6cc8a
8d56c74e1bc1e77213e8d65baf3f3200d9b1a0f8
abe2e988cac4defcbecde0705580b962750e7ff0e0af13bba2f3a8648b79ac5f
GET /favicon-16x16.png HTTP/1.1
Host: rbfccu.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/?gclid=EAIaIQobChMI2u-6jObL-wIVFVNyCh2zCAyyEAAYASAAEgKd3_D_BwE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Sun, 27 Nov 2022 04:19:21 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4958
Expires: Sun, 27 Nov 2022 05:41:59 GMT
Date: Sun, 27 Nov 2022 04:19:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4958
Expires: Sun, 27 Nov 2022 05:41:59 GMT
Date: Sun, 27 Nov 2022 04:19:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4958
Expires: Sun, 27 Nov 2022 05:41:59 GMT
Date: Sun, 27 Nov 2022 04:19:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4958
Expires: Sun, 27 Nov 2022 05:41:59 GMT
Date: Sun, 27 Nov 2022 04:19:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4958
Expires: Sun, 27 Nov 2022 05:41:59 GMT
Date: Sun, 27 Nov 2022 04:19:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 23260
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 23264
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6328cb630204883d77babc9922075f1
e440f7b94b53b6e7880b26f9653b1b266aae0190
b15144c88277e24acde95b45e56fb2d237f5b1d34a9590aa5aa2741f7102a9fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8aa8094-2375-4409-9501-0fe4e50b766d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8584
x-amzn-requestid: ef9e42a9-be9d-4239-831d-4c4250b0cb8d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCKAsGTDIAMFa1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8a04-17e610e05ee024007d64c6ea;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 02:48:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yeEzjiU_qN75issum4uP2zFM3C-DlSfIm728WgTPLvfvUmT0fWf-lA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:02:07 GMT
age: 22634
etag: "e440f7b94b53b6e7880b26f9653b1b266aae0190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2212cf75f99dc67fd45db47f7101d754
4b4a8c8e8aeccfff25d2748720dcef8fed287126
7b2d2e302faba8f273b51031fa48b444cb7839733b90e8c9d077ca63637320d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6954
x-amzn-requestid: af6ab88e-884f-4c3f-a2ba-241d8bd04670
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8I_xG2SIAMF3xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b21fe-573bfad8002144b7637e80f0;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:00:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: icdx5uaiqsWXMMoKgOwAV4sOfVhAw7oLi79yfweIw5_1pTTzI_qm_w==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 08:41:17 GMT
age: 70684
etag: "4b4a8c8e8aeccfff25d2748720dcef8fed287126"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccb536b51f31391c89fb2abe3be6c749
c9a5ab962bfdd174aecd4809d770f0fe305ab8e4
b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9073
x-amzn-requestid: 6cf20b75-6b27-4a34-97a8-017d7169f31b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JuVHY7IAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2328-1ca76b3537613fb26358b8f2;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: lg8rdnHT_ndB-9CMrHcVN8a2xZCubuTEpUQ2m6i77l-NfdNfhfITEQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:41:41 GMT
age: 41860
etag: "c9a5ab962bfdd174aecd4809d770f0fe305ab8e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 116eb5028a206e55f758f3e34887c87e
10577d9fc19028a0e0303634ec16ad8b2d41fa7a
d5d0f5518f8346e78f00a57632efe36f3363cabfa9abb30b7bea60261b29910b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5103
x-amzn-requestid: 203eadee-9375-4290-ae0a-dd48e83df697
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFGzTE90oAMFTyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637eb814-2c32253b155d5dd0283fdd07;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:17:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQEJS9-L2M6WJ5nqH7C7MqIv96GDNUexqw60hbX_3z8wxv8bp0ARwQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 17:52:17 GMT
age: 37624
etag: "10577d9fc19028a0e0303634ec16ad8b2d41fa7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.rbfcu.org/rate/products/CASHCC/minAnnualRate?allDepositAccRequested=true
107.162.179.221 403 Forbidden 0 B URL HTTP/1.1 www.rbfcu.org/rate/products/CASHCC/minAnnualRate?allDepositAccRequested=true
IP 107.162.179.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rate/products/CASHCC/minAnnualRate?allDepositAccRequested=true HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rbfccu.top
Connection: keep-alive
Referer: https://rbfccu.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Content-Language: en-US
Content-Length: 0
Set-Cookie: ADRUM_BTa=R:19|g:54371758-bf22-4fa1-84ba-2765727ca9d1; Expires=Sun, 27-Nov-22 04:19:51 GMT; Path=/; Secure
ADRUM_BTa=R:19|g:54371758-bf22-4fa1-84ba-2765727ca9d1|n:rbfcu-pov_34981aaf-4970-4644-b5e1-273015dc6634; Expires=Sun, 27-Nov-22 04:19:51 GMT; Path=/; Secure
SameSite=None; Expires=Sun, 27-Nov-22 04:19:51 GMT; Path=/; Secure
PersistanceCookie=!WaArLLPFrFIxQuZJ3apogWNvWjLRG7jAGDzcIDbSo8Eh5jp6eylyr+tTnQl7FQtwILzPdWSLZMRcj/s=; path=/; Httponly; Secure
Connection: Close
Date: Sun, 27 Nov 2022 04:19:21 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS2
Strict-Transport-Security: max-age=31536000
Via: 1.1 dca1-bit6002
www.rbfcu.org/rate/products/PREMCC/maxAnnualRate?allDepositAccRequested=true
107.162.179.221 403 Forbidden 0 B URL HTTP/1.1 www.rbfcu.org/rate/products/PREMCC/maxAnnualRate?allDepositAccRequested=true
IP 107.162.179.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rate/products/PREMCC/maxAnnualRate?allDepositAccRequested=true HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rbfccu.top
Connection: keep-alive
Referer: https://rbfccu.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Content-Language: en-US
Content-Length: 0
Set-Cookie: ADRUM_BTa=R:19|g:6321e957-bed1-4d08-bfe5-08b94e8d3fca; Expires=Sun, 27-Nov-22 04:19:52 GMT; Path=/; Secure
ADRUM_BTa=R:19|g:6321e957-bed1-4d08-bfe5-08b94e8d3fca|n:rbfcu-pov_34981aaf-4970-4644-b5e1-273015dc6634; Expires=Sun, 27-Nov-22 04:19:52 GMT; Path=/; Secure
SameSite=None; Expires=Sun, 27-Nov-22 04:19:52 GMT; Path=/; Secure
PersistanceCookie=!smRzfrz8UYFR/clAkMUA10oZ0F/2r7NT57315tBIysCMsAQ8izOOWcnjQYEoBsqet1JdsEvgztawW4M=; path=/; Httponly; Secure
Connection: Close
Date: Sun, 27 Nov 2022 04:19:22 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA3
Strict-Transport-Security: max-age=31536000
Via: 1.1 dca1-bit4010
www.rbfcu.org/rate/products/CASHCC/maxAnnualRate?allDepositAccRequested=true
107.162.179.221 403 Forbidden 0 B URL HTTP/1.1 www.rbfcu.org/rate/products/CASHCC/maxAnnualRate?allDepositAccRequested=true
IP 107.162.179.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rate/products/CASHCC/maxAnnualRate?allDepositAccRequested=true HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rbfccu.top
Connection: keep-alive
Referer: https://rbfccu.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Content-Language: en-US
Content-Length: 0
Set-Cookie: ADRUM_BTa=R:19|g:13f061b5-a607-4a5e-ac1f-3ddebba8fb8b; Expires=Sun, 27-Nov-22 04:19:52 GMT; Path=/; Secure
ADRUM_BTa=R:19|g:13f061b5-a607-4a5e-ac1f-3ddebba8fb8b|n:rbfcu-pov_34981aaf-4970-4644-b5e1-273015dc6634; Expires=Sun, 27-Nov-22 04:19:52 GMT; Path=/; Secure
SameSite=None; Expires=Sun, 27-Nov-22 04:19:52 GMT; Path=/; Secure
PersistanceCookie=!vSqTEdl7KJD4LClAkMUA10oZ0F/2r+tHYyksKJaDEatrbak92aeXtl8ZT1+VO/kb/esjayAXt7GVJtc=; path=/; Httponly; Secure
Connection: Close
Date: Sun, 27 Nov 2022 04:19:21 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
Via: 1.1 dca1-bit4010
www.rbfcu.org/rate/products/BSMC/minAnnualRate?allDepositAccRequested=true
107.162.179.221 403 Forbidden 0 B URL HTTP/1.1 www.rbfcu.org/rate/products/BSMC/minAnnualRate?allDepositAccRequested=true
IP 107.162.179.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rate/products/BSMC/minAnnualRate?allDepositAccRequested=true HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rbfccu.top
Connection: keep-alive
Referer: https://rbfccu.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Content-Language: en-US
Content-Length: 0
Set-Cookie: ADRUM_BTa=R:19|g:24bff2ff-1099-4410-aaf0-b81ba3b880b4; Expires=Sun, 27-Nov-22 04:19:53 GMT; Path=/; Secure
ADRUM_BTa=R:19|g:24bff2ff-1099-4410-aaf0-b81ba3b880b4|n:rbfcu-pov_34981aaf-4970-4644-b5e1-273015dc6634; Expires=Sun, 27-Nov-22 04:19:53 GMT; Path=/; Secure
SameSite=None; Expires=Sun, 27-Nov-22 04:19:53 GMT; Path=/; Secure
PersistanceCookie=!ocGVLLVM/PAoV74fAlrt/gAymWxGa/vjNeQBZzmrjXfMGLMSCw0SsQtRhlggGClpyDD6xPOFXWezr/Y=; path=/; Httponly; Secure
Connection: Close
Date: Sun, 27 Nov 2022 04:19:23 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA4
Strict-Transport-Security: max-age=31536000
Via: 1.1 dca1-bit7011
www.rbfcu.org/rate/products/BSMC/maxAnnualRate?allDepositAccRequested=true
107.162.179.221 403 Forbidden 0 B URL HTTP/1.1 www.rbfcu.org/rate/products/BSMC/maxAnnualRate?allDepositAccRequested=true
IP 107.162.179.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rate/products/BSMC/maxAnnualRate?allDepositAccRequested=true HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rbfccu.top
Connection: keep-alive
Referer: https://rbfccu.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Content-Language: en-US
Content-Length: 0
Set-Cookie: ADRUM_BTa=R:19|g:44049b57-4291-4506-9190-206579aae5a3; Expires=Sun, 27-Nov-22 04:19:54 GMT; Path=/; Secure
ADRUM_BTa=R:19|g:44049b57-4291-4506-9190-206579aae5a3|n:rbfcu-pov_34981aaf-4970-4644-b5e1-273015dc6634; Expires=Sun, 27-Nov-22 04:19:54 GMT; Path=/; Secure
SameSite=None; Expires=Sun, 27-Nov-22 04:19:54 GMT; Path=/; Secure
PersistanceCookie=!QEu9X56B5bvoSN/hrnwYohVdbB9C82o7XUDHN1lcD1Vh6pvN9R4+vn4V7g57S1757+4vtLtz4HFuO+A=; path=/; Httponly; Secure
Connection: Close
Date: Sun, 27 Nov 2022 04:19:23 GMT
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA3
Strict-Transport-Security: max-age=31536000
Via: 1.1 dca1-bit13027
connect.segmint.net/event
3.221.201.129 204 No Content 0 B URL HTTP/1.1 connect.segmint.net/event
IP 3.221.201.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: connect.segmint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://rbfccu.top/
Origin: https://rbfccu.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Auth-Username, X-Auth-Password, X-Auth-New-Password, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin: https://rbfccu.top
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Sun, 27 Nov 2022 04:19:25 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty
Connection: keep-alive
connect.segmint.net/iframe/doughnut/en177X7n8q
3.221.201.129 200 OK 307 B URL HTTP/1.1 connect.segmint.net/iframe/doughnut/en177X7n8q
IP 3.221.201.129:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 02ce68b22ad3e3b9ab80edd3f7f209e5
20dd9c9d8a9f23067154f513332560d00674b14c
5b6becaa46584413df86abc343905be57af433ac05353cf66898a3c1f6c953d2
GET /iframe/doughnut/en177X7n8q HTTP/1.1
Host: connect.segmint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Content-Language: en-US
Content-Type: text/html;charset=UTF-8
Date: Sun, 27 Nov 2022 04:22:42 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty
Set-Cookie: SegmintId=2654204eba2f4176bba7e5ccaede60f9;Path=/;SameSite=None;Secure;Domain=.segmint.net;Expires=Tue, 26-Nov-2024 04:19:25 GMT;HttpOnly
Vary: Accept-Encoding
X-Application-Context: offer-delivery:prod:7074
X-B3-Sampled: 1
X-B3-SpanId: 1cb0f316319f28f3
X-B3-TraceId: 1cb0f316319f28f3
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 307
Connection: keep-alive
connect.segmint.net/event
3.221.201.129 200 OK 0 B URL HTTP/1.1 connect.segmint.net/event
IP 3.221.201.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event HTTP/1.1
Host: connect.segmint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 115
Origin: https://rbfccu.top
Connection: keep-alive
Referer: https://rbfccu.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://rbfccu.top
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/plain;charset=UTF-8
Date: Sun, 27 Nov 2022 04:19:25 GMT
Expires: 0
P3P: CP="This is not a P3P policy! See https://www.segmint.com/privacy.aspx for more info."
Pragma: no-cache
Server: openresty
Set-Cookie: SegmintId=dc999ab927fc45e395edb5fe209dfad4;Path=/;SameSite=None;Secure;Domain=.segmint.net;Expires=Fri, 26-Nov-2027 04:18:35 GMT;HttpOnly
X-Application-Context: site-event-receiver-service:prod:7084
Content-Length: 0
Connection: keep-alive
um.simpli.fi/segmint
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /segmint HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:25 GMT
content-type: text/html
content-length: 142
location: https://maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=46A61861ABC24FFFB8201BB2DBA5957B
set-cookie: suid=46A61861ABC24FFFB8201BB2DBA5957B; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:25 GMT; SameSite=none; Secure;
suid_legacy=46A61861ABC24FFFB8201BB2DBA5957B; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:25 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:25 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
169.50.137.176 200 OK 3.1 kB URL HTTP/2 tag.simpli.fi/sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6
IP 169.50.137.176:0
File type ASCII text, with very long lines (3100)
Hash 3a865bd258edb6bd09f29f99c2cc75d9
61ff2543330d9280b58e4c56c45e1a420293dac4
173dd338673eb7e21df3c0ff3a86e0f1f752bf33468b01d1d89d09ac39e64132
GET /sifitag/ec0a3730-0bdd-0139-387d-06abc14c0bc6 HTTP/1.1
Host: tag.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 04:19:25 GMT
content-type: application/javascript; charset=utf-8
content-length: 3101
set-cookie: suid=5DCC6F07EEB84DF8AEC9174621603668; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:25 GMT; SameSite=none; Secure;
suid_legacy=5DCC6F07EEB84DF8AEC9174621603668; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:25 GMT; Secure;
x-request-id: FytWHBtq82Jzi-xpaInh
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
www.rbfcu.org/rate/products?id=PRI&id=VEHICLE&id=HOMEEQUITY&id=PREMCC&id=CER&callback=rateProductCallback
107.162.179.221 200 OK 2.7 kB URL HTTP/1.1 www.rbfcu.org/rate/products?id=PRI&id=VEHICLE&id=HOMEEQUITY&id=PREMCC&id=CER&callback=rateProductCallback
IP 107.162.179.221:0
File type ASCII text, with very long lines (12986), with no line terminators
Hash 563be27cbe18271d484e6ae1c75e8fdf
43a5a976ff4f079be878af41ede3f6237c96d102
0260cbd916f712cdcf4fe934322452392cf783f37ee37c0a0f9dda45f7c4e9da
GET /rate/products?id=PRI&id=VEHICLE&id=HOMEEQUITY&id=PREMCC&id=CER&callback=rateProductCallback HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 474
Date: Sun, 27 Nov 2022 04:11:32 GMT
Content-Length: 2663
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit6002
ETag: "KXEJJEMFECTWNNTK"
ADRUM_0: g:1a233eb3-4c47-49ce-9d00-8e263ab1eb1f
ADRUM_1: n:rbfcu-pov_34981aaf-4970-4644-b5e1-273015dc6634
ADRUM_2: i:1453612
ADRUM_3: s:f
Content-Type: application/javascript
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS2
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!xnT0sSJ0rjILQCRJ3apogWNvWjLRGyYI05iZL4SO3vbeHGbZXG7iqZc5Fa+bt9B50nuczpGeC4VBBTk=; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=46A61861ABC24FFFB8201BB2DBA5957B
3.221.201.129 200 OK 43 B URL HTTP/1.1 maprtb.segmint.net/rtb/simpli-fi/cookie-mapper?simpli-fi-id=46A61861ABC24FFFB8201BB2DBA5957B
IP 3.221.201.129:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /rtb/simpli-fi/cookie-mapper?simpli-fi-id=46A61861ABC24FFFB8201BB2DBA5957B HTTP/1.1
Host: maprtb.segmint.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Cookie: SegmintId=dc999ab927fc45e395edb5fe209dfad4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif; charset=UTF-8
Date: Sun, 27 Nov 2022 04:19:25 GMT
Expires: 0
Pragma: no-cache
Server: openresty
X-Application-Context: cookie-mapper:prod:7077
X-B3-Sampled: 1
X-B3-SpanId: a556fed39e77d948
X-B3-TraceId: a556fed39e77d948
Content-Length: 43
Connection: keep-alive
um.simpli.fi/triplelift
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /triplelift HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://eb2.3lift.com/xuid?mid=7969&xuid=46DFB55F920F4962A92E87DF0443A080&dongle=yf3
set-cookie: suid=46DFB55F920F4962A92E87DF0443A080; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=46DFB55F920F4962A92E87DF0443A080; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/telaria_p
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /telaria_p HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://simplifi.partners.tremorhub.com/sync?UISF=F3EA64D12FC64CFDABF3D0AC19AF99DF
set-cookie: suid=F3EA64D12FC64CFDABF3D0AC19AF99DF; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=F3EA64D12FC64CFDABF3D0AC19AF99DF; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/tapad
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /tapad HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=62BA3A01369C4D718B752CE7B26AEB7F
set-cookie: suid=62BA3A01369C4D718B752CE7B26AEB7F; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=62BA3A01369C4D718B752CE7B26AEB7F; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/ad_advisor
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ad_advisor HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=59AA76C70AE6474D9140EA5E2954B626
set-cookie: suid=59AA76C70AE6474D9140EA5E2954B626; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=59AA76C70AE6474D9140EA5E2954B626; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/intentiq
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /intentiq HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8B8831EBCD454C91AD3344A72881AF12
set-cookie: suid=8B8831EBCD454C91AD3344A72881AF12; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=8B8831EBCD454C91AD3344A72881AF12; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/pubmatic
35.204.74.118 200 OK 43 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /pubmatic HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=D72617413CC640E3B4CE84436517E9DA; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=D72617413CC640E3B4CE84436517E9DA; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/freewheel
35.204.74.118 200 OK 43 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /freewheel HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=09CDE7CD90E646CCA735BC8AEF2CC27E; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=09CDE7CD90E646CCA735BC8AEF2CC27E; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/dtnx
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /dtnx HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://fei.pro-market.net/engine?du=24;csync=21149297422B445C86451BE1AAAAE782;mimetype=img;
set-cookie: suid=21149297422B445C86451BE1AAAAE782; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=21149297422B445C86451BE1AAAAE782; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/exelatem
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /exelatem HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=798DF14766AE4CB59D1105C12FD83928&j=0
set-cookie: suid=798DF14766AE4CB59D1105C12FD83928; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=798DF14766AE4CB59D1105C12FD83928; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/yahoo
35.204.74.118 200 OK 43 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /yahoo HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=3F426DEBBDEF4F2297EE90A56CE8F781; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=3F426DEBBDEF4F2297EE90A56CE8F781; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/beachfront
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /beachfront HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://sync.bfmio.com/sync?pid=141&uid=27065E1A9B154CFC94F669165E54BB5F
set-cookie: suid=27065E1A9B154CFC94F669165E54BB5F; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=27065E1A9B154CFC94F669165E54BB5F; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/bluekai
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /bluekai HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://stags.bluekai.com/site/29931?id=37DC6799C43A49B886785F3A15F53EAA
set-cookie: suid=37DC6799C43A49B886785F3A15F53EAA; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=37DC6799C43A49B886785F3A15F53EAA; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/crwdcntrl
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /crwdcntrl HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B14737E9622B4519B2E627556415861F
set-cookie: suid=B14737E9622B4519B2E627556415861F; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=B14737E9622B4519B2E627556415861F; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/lj_match
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /lj_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://ce.lijit.com/merge?pid=2&3pid=82C60E07E4E248AA8D52D49B059126E5
set-cookie: suid=82C60E07E4E248AA8D52D49B059126E5; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=82C60E07E4E248AA8D52D49B059126E5; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/liveramp_match
35.204.74.118 302 Found 142 B URL HTTP/2 um.simpli.fi/liveramp_match
IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /liveramp_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://idsync.rlcdn.com/419566.gif?partner_uid=07FCE653E78A4B819C7AA60D33D284A2
set-cookie: suid=07FCE653E78A4B819C7AA60D33D284A2; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=07FCE653E78A4B819C7AA60D33D284A2; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/spotx_match
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /spotx_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=333EEB559B504AF5ACE4BC48886F696D
set-cookie: suid=333EEB559B504AF5ACE4BC48886F696D; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=333EEB559B504AF5ACE4BC48886F696D; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash e7106558cabb7265be8f5d5e6c9320c8
122cb16bb0ad18bac3a89771e43e9d7e6d5842ac
43e46d3bbea748fd7ca4300afc1ab9b0956c44a33696464e880cf6c288ea0dad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
um.simpli.fi/an
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /an HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://ib.adnxs.com/setuid?entity=66&code=2EC755F880E34AF2A2EC2389DA948CFA
set-cookie: suid=2EC755F880E34AF2A2EC2389DA948CFA; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=2EC755F880E34AF2A2EC2389DA948CFA; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/rb_match
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rb_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A3ED3004A9FC459799AC04EFC6EF05FA&expires=365
set-cookie: suid=A3ED3004A9FC459799AC04EFC6EF05FA; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=A3ED3004A9FC459799AC04EFC6EF05FA; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
um.simpli.fi/ox_match
35.204.74.118 302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /ox_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=11AC14904DA54429AA17931372BA6DFF
set-cookie: suid=11AC14904DA54429AA17931372BA6DFF; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=11AC14904DA54429AA17931372BA6DFF; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8B8831EBCD454C91AD3344A72881AF12
143.204.55.102 403 Forbidden 986 B URL HTTP/2 sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8B8831EBCD454C91AD3344A72881AF12
IP 143.204.55.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f2e629e2eba93b9d8f534e4ae7e2c78e
2ea4b631ea85cd0f8e5d06268d91d37c487ea9b3
31a666742322adf1fa4c6da8038c3e4ab58efd7e493c98fe3e159a8ebc017b21
GET /profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8B8831EBCD454C91AD3344A72881AF12 HTTP/1.1
Host: sync.intentiq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: CloudFront
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 986
x-cache: Error from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Xr3aOl8fNzOo98UxhTVZZQuRCzapP2YJvjrcCgMHd_CwxWfZb-fAEg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion/1026675585/?random=1669522766023&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
142.250.74.2 302 Found 42 B URL HTTP/2 www.googleadservices.com/pagead/conversion/1026675585/?random=1669522766023&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
IP 142.250.74.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/conversion/1026675585/?random=1669522766023&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 04:19:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
location: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=414482336&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TuWCY6eQCoSp7gSAgo7QCA&sscte=1&crd=
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
142.250.74.98 302 Found 296 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 0103dd025950e32d5eb84f8e72ddb997
9ddb94b670f62f21ddee3157f2ad97d122bf8248
ad325fee7bf9ae842aa1ea62cadbd134bf6590eaa84413165b1b7c6f4e5afd0d
GET /pixel?google_nid=simplifi&google_cm&google_sc HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
date: Sun, 27 Nov 2022 04:19:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 296
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 27-Nov-2022 04:34:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash e81e279270628107023948bed347d670
a5080a28d51bc22ed6a7d23650786a7971ca0182
1a815dfe6f083b5f3469ebe25ff22fb83c480deb4caf77ae851a0449bc6613cc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3697
Cache-Control: max-age=97982
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Etag: "6381b29b-2d7"
Expires: Mon, 28 Nov 2022 07:32:28 GMT
Last-Modified: Sat, 26 Nov 2022 06:30:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 727
cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
142.250.74.98 302 Found 248 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 90f3317c598426fe1c249b0cc4845475
72856fffdc53e9e630c38bbd9b4fe04afb72015a
2d722b67473e8cf5282435d3608e9a9fe2092279aceaf9d88d4b89fecac69c8b
GET /pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://um.simpli.fi/g_match?id=&google_error=3
date: Sun, 27 Nov 2022 04:19:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 903f30ae0d572a3e826035822357c72a
f27df3b8fcabf5785b9d4ab85496250f0d12acf0
80632d2682fa6b99e7158d49d43bc081ba2223499a2db0a892bcc2404e79344a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4527
Cache-Control: max-age=90152
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Etag: "638190c7-1d7"
Expires: Mon, 28 Nov 2022 05:21:58 GMT
Last-Modified: Sat, 26 Nov 2022 04:06:31 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 15619e238e943befcd5fa4737f76c851
7198f9cb4672d54e5d6812730b875b6172e64b53
7ecac89dd434501d9e15d8c728d1ec497ac7b4962285396c7fbfcc7987700ca0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
um.simpli.fi/g_match?id=&google_error=3
35.204.74.118 204 No Content 0 B URL HTTP/2 um.simpli.fi/g_match?id=&google_error=3
IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /g_match?id=&google_error=3 HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 27 Nov 2022 04:19:26 GMT
set-cookie: suid=2412A27E35AC407EB84481D06C4A5FDA; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
suid_legacy=2412A27E35AC407EB84481D06C4A5FDA; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
expires: Sat, 26 Nov 2022 04:19:26 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 4df9aa0bf5190c09bfc15ad3b133a1c2
f2a0852de7dc7a207baa6db60425088de7802574
a780c658d4f4b2208ed52450bd301343b8997a9356f977a8e24d8ad796c84790
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 04:19:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 22:10:17 GMT
Expires: Sat, 03 Dec 2022 22:10:16 GMT
Etag: "f2a0852de7dc7a207baa6db60425088de7802574"
Cache-Control: max-age=602941,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 583
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770810c98e0c1c12-OSL
pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=62BA3A01369C4D718B752CE7B26AEB7F
35.227.248.159 302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=62BA3A01369C4D718B752CE7B26AEB7F
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=2305&partner_device_id=62BA3A01369C4D718B752CE7B26AEB7F HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 27 Nov 2022 04:19:26 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1669522766318;Expires=Thu, 26 Jan 2023 04:19:26 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=e46d9611-b3de-4fb8-8e84-4fa931d91173;Expires=Thu, 26 Jan 2023 04:19:26 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=62BA3A01369C4D718B752CE7B26AEB7F
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash deea1bc5026bcd8bd4a914c965b2b2e5
60d442e7b2fed856774fb1b03f61dd976870591c
31248c34500452b10681ace5bbd87a4deb65c4b4431f061a031b1fad3f127f51
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Last-Modified: Sun, 27 Nov 2022 02:57:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash fb9d047c90df2a868dd38e174f835196
0f62dd56a92ea3c9a56f84dde30c8231e41ab3cb
cfd8adae88ae6853be558e5903e077f83f6d5c5dce1fe2574d4846f39e36c716
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119620
Date: Sun, 27 Nov 2022 04:19:26 GMT
Etag: "63820e22-1d7"
Expires: Mon, 28 Nov 2022 13:33:06 GMT
Last-Modified: Sat, 26 Nov 2022 13:01:22 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L_QYgWcv0cZCxltWgc0g6BqQGKQmDA4qOcQsWVKScyrvs97sfNkWGA==
Age: 1904
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f39102a6340bb2fd8c961680d4058687
ddb18aa541e869773f4b396894bcaa17a302c1b7
e7b8f4a2903c81045b0795ce1aea1298807b394ea85548f7f97e635e9cf65a2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2168
Cache-Control: max-age=163417
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Etag: "6382b82f-1d7"
Expires: Tue, 29 Nov 2022 01:43:03 GMT
Last-Modified: Sun, 27 Nov 2022 01:06:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash ca2206b6f7cbdb64d7f538591385ed32
597c7ea3483bd3a6e65716106fde158e03d55970
43c26ba30720e9537cc189beefe7dc98f9c847fc4007372bbd45a7083127d207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 04:19:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 01:42:56 GMT
Expires: Sun, 04 Dec 2022 01:42:55 GMT
Etag: "597c7ea3483bd3a6e65716106fde158e03d55970"
Cache-Control: max-age=594808,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770810c98ce2b4f4-OSL
eb2.3lift.com/xuid?mid=7969&xuid=46DFB55F920F4962A92E87DF0443A080&dongle=yf3
13.248.245.213 200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=7969&xuid=46DFB55F920F4962A92E87DF0443A080&dongle=yf3
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=7969&xuid=46DFB55F920F4962A92E87DF0443A080&dongle=yf3 HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=62BA3A01369C4D718B752CE7B26AEB7F
35.227.248.159 200 OK 95 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=62BA3A01369C4D718B752CE7B26AEB7F
IP 35.227.248.159:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /idsync/ex/receive/check?partner_id=2305&partner_device_id=62BA3A01369C4D718B752CE7B26AEB7F HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 04:19:26 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1669522766364;Expires=Thu, 26 Jan 2023 04:19:26 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=378f176a-77c9-4332-b1e9-f7c0931a7ad0;Expires=Thu, 26 Jan 2023 04:19:26 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_3WAY_SYNCS=;Expires=Thu, 26 Jan 2023 04:19:26 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
content-type: image/png
content-length: 95
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fei.pro-market.net/engine?du=24;csync=21149297422B445C86451BE1AAAAE782;mimetype=img;
107.178.240.89 302 Found 0 B URL HTTP/2 fei.pro-market.net/engine?du=24;csync=21149297422B445C86451BE1AAAAE782;mimetype=img;
IP 107.178.240.89:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /engine?du=24;csync=21149297422B445C86451BE1AAAAE782;mimetype=img; HTTP/1.1
Host: fei.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-5.c.datonics-gcp-01.internal
set-cookie: anProfile="1+1+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s2=(rlzo0e)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
location: https://fei.pro-market.net/engine?du=24;csync=21149297422B445C86451BE1AAAAE782;mimetype=img;sr
content-type: image/gif
content-length: 0
date: Sun, 27 Nov 2022 04:19:25 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
stags.bluekai.com/site/29931?id=37DC6799C43A49B886785F3A15F53EAA
23.38.201.22 200 OK 62 B URL HTTP/2 stags.bluekai.com/site/29931?id=37DC6799C43A49B886785F3A15F53EAA
IP 23.38.201.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3f386f5061436a0338a64e0910db495d
599fe4a552c991a2b3ce5a1660732bf7b21fb901
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
GET /site/29931?id=37DC6799C43A49B886785F3A15F53EAA HTTP/1.1
Host: stags.bluekai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 62
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 27 Nov 2022 04:19:26 GMT
set-cookie: bku=blx99WfkQZ10jNzu; Path=/; Domain=.bluekai.com; Expires=Sat, 27 May 2023 04:19:26 GMT; Secure; SameSite=None
bkpa=KJy9nyexd02pSUHknp/8mE1hwtkAwE1lHW1tBpA8xpxpxEx8xMQTBMzTBDRpxEWNHMDpHDaO9y9GQ9rr; Path=/; Domain=.bluekai.com; Expires=Sat, 27 May 2023 04:19:26 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A3ED3004A9FC459799AC04EFC6EF05FA&expires=365
213.19.162.90 204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=A3ED3004A9FC459799AC04EFC6EF05FA&expires=365
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6286&nid=2132&put=A3ED3004A9FC459799AC04EFC6EF05FA&expires=365 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: deb9f124eecce7a554c70ca983265c95
Content-Type: image/gif
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
us-u.openx.net/w/1.0/sd?id=537072966&val=11AC14904DA54429AA17931372BA6DFF
35.244.159.8 200 OK 43 B URL HTTP/2 us-u.openx.net/w/1.0/sd?id=537072966&val=11AC14904DA54429AA17931372BA6DFF
IP 35.244.159.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /w/1.0/sd?id=537072966&val=11AC14904DA54429AA17931372BA6DFF HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: image/gif
content-length: 43
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1d5d1af46a4b6353b7788da51ca03fa0
e4481a65a88110abe2a99abfab2a7a8e16524b1b
882c37f62fd31e710a692402bb57c15ce430296f3f77fb4bf518ad20f720e8fa
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5648
Cache-Control: max-age=163663
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Etag: "6382ab8d-1d7"
Expires: Tue, 29 Nov 2022 01:47:09 GMT
Last-Modified: Sun, 27 Nov 2022 00:13:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/setuid?entity=66&code=2EC755F880E34AF2A2EC2389DA948CFA
185.89.210.141 307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=66&code=2EC755F880E34AF2A2EC2389DA948CFA
IP 185.89.210.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=66&code=2EC755F880E34AF2A2EC2389DA948CFA HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 27 Nov 2022 04:19:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2EC755F880E34AF2A2EC2389DA948CFA
AN-X-Request-Uuid: 97126286-9b50-4d30-aa9b-da2f349978be
Set-Cookie: uuid2=6130241815319644511; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 25-Feb-2023 04:19:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=414482336&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TuWCY6eQCoSp7gSAgo7QCA&sscte=1&crd=
142.250.74.66 302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=414482336&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TuWCY6eQCoSp7gSAgo7QCA&sscte=1&crd=
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1026675585/?random=414482336&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=TuWCY6eQCoSp7gSAgo7QCA&sscte=1&crd= HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 04:19:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-conversion/1026675585/?random=414482336&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TuWCY6eQCoSp7gSAgo7QCA&random=3990533885
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 27-Nov-2022 04:34:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
idsync.rlcdn.com/419566.gif?partner_uid=07FCE653E78A4B819C7AA60D33D284A2
35.244.174.68 451 Unavailable For Legal Reasons 0 B URL HTTP/2 idsync.rlcdn.com/419566.gif?partner_uid=07FCE653E78A4B819C7AA60D33D284A2
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /419566.gif?partner_uid=07FCE653E78A4B819C7AA60D33D284A2 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
date: Sun, 27 Nov 2022 04:19:26 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22 200 OK 1.8 kB IP 192.124.249.22:0
Hash 4b082616106f6db654d1ff627fca5fc9
07fa925b5174c26e3099a217df26a6c2012dd45c
2fd963b26e766cdd270a978ee1bc20739f2b5ce86b40f602798c3cd984ab3a86
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 27 Nov 2022 04:19:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 26 Nov 2022 21:46:29 GMT
Expires: Sun, 27 Nov 2022 21:46:29 GMT
ETag: "07fa925b5174c26e3099a217df26a6c2012dd45c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 903f30ae0d572a3e826035822357c72a
f27df3b8fcabf5785b9d4ab85496250f0d12acf0
80632d2682fa6b99e7158d49d43bc081ba2223499a2db0a892bcc2404e79344a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4527
Cache-Control: max-age=90152
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Etag: "638190c7-1d7"
Expires: Mon, 28 Nov 2022 05:21:58 GMT
Last-Modified: Sat, 26 Nov 2022 04:06:31 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
sync.search.spotxchange.com/partner?adv_id=7797&uid=333EEB559B504AF5ACE4BC48886F696D
185.94.180.125 302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=333EEB559B504AF5ACE4BC48886F696D
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7797&uid=333EEB559B504AF5ACE4BC48886F696D HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 27 Nov 2022 04:19:26 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=addf5909-6e0a-11ed-bc85-14f0ef8b0206; expires=Sun, 25-Dec-2022 04:19:26 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7797&uid=333EEB559B504AF5ACE4BC48886F696D&__user_check__=1&sync_id=addf5942-6e0a-11ed-bc85-14f0ef8b0206
X-fe: 101
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
fei.pro-market.net/engine?du=24;csync=21149297422B445C86451BE1AAAAE782;mimetype=img;sr
107.178.240.89 200 OK 43 B URL HTTP/2 fei.pro-market.net/engine?du=24;csync=21149297422B445C86451BE1AAAAE782;mimetype=img;sr
IP 107.178.240.89:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 968c3ad2c1183fee0bf0dd479f7904b7
1d770800ecb05eb9133f9b51620c9e4349656859
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
GET /engine?du=24;csync=21149297422B445C86451BE1AAAAE782;mimetype=img;sr HTTP/1.1
Host: fei.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-4.c.datonics-gcp-01.internal
set-cookie: anProfile="0+1+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s2=(rlzo0e)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
content-type: image/gif
content-length: 43
date: Sun, 27 Nov 2022 04:19:26 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0479fd745c231fc5540d290e4af08485
68f46c568af79fa579245f7552da81dcd424ea74
d497de69c2538dc809ea91dbe01f5ea92cd9e8b87d7d05e7e20e28f75b6c5e4b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4774
Cache-Control: max-age=129308
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Etag: "638228c5-1d7"
Expires: Mon, 28 Nov 2022 16:14:34 GMT
Last-Modified: Sat, 26 Nov 2022 14:55:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B14737E9622B4519B2E627556415861F
3.248.87.83 404 Not Found 49 B URL HTTP/2 bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B14737E9622B4519B2E627556415861F
IP 3.248.87.83:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
GET /map/c=7625/tp=SIMP/tpid=B14737E9622B4519B2E627556415861F HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: image/gif
content-length: 49
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.3.204
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7797&uid=333EEB559B504AF5ACE4BC48886F696D&__user_check__=1&sync_id=addf5942-6e0a-11ed-bc85-14f0ef8b0206
185.94.180.125 200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7797&uid=333EEB559B504AF5ACE4BC48886F696D&__user_check__=1&sync_id=addf5942-6e0a-11ed-bc85-14f0ef8b0206
IP 185.94.180.125:0
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7797&uid=333EEB559B504AF5ACE4BC48886F696D&__user_check__=1&sync_id=addf5942-6e0a-11ed-bc85-14f0ef8b0206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 04:19:26 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=ade640fe-6e0a-11ed-9195-1ab0ad8d0306; expires=Sun, 25-Dec-2022 04:19:26 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 105
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
loadm.exelator.com/load/?p=204&g=2191&simid=798DF14766AE4CB59D1105C12FD83928&j=0
34.254.143.3 204 No Content 0 B URL HTTP/2 loadm.exelator.com/load/?p=204&g=2191&simid=798DF14766AE4CB59D1105C12FD83928&j=0
IP 34.254.143.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load/?p=204&g=2191&simid=798DF14766AE4CB59D1105C12FD83928&j=0 HTTP/1.1
Host: loadm.exelator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 27 Nov 2022 04:19:26 GMT
cache-control: no-cache
x-powered-by: Undertow/1
access-control-allow-credentials: true
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash a82da2ec7ca139bc36aba8e1f233e79b
cecb2512d9a619e480f763fea2e07226480f840b
7b05db9f8880920fa7e48131b8b5db8afb1eff6db80b84673533909e35653212
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 27 Nov 2022 04:19:26 GMT
Last-Modified: Sun, 27 Nov 2022 02:48:58 GMT
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZMv3IbdZblE9m01VOuo2CQ0i6oCxf1UoTQbBE3mBLgInnnO9RFOqeQ==
Age: 5428
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash deea1bc5026bcd8bd4a914c965b2b2e5
60d442e7b2fed856774fb1b03f61dd976870591c
31248c34500452b10681ace5bbd87a4deb65c4b4431f061a031b1fad3f127f51
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Last-Modified: Sun, 27 Nov 2022 02:57:02 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2EC755F880E34AF2A2EC2389DA948CFA
185.89.210.141 200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D2EC755F880E34AF2A2EC2389DA948CFA
IP 185.89.210.141:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D66%26code%3D2EC755F880E34AF2A2EC2389DA948CFA HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 27 Nov 2022 04:19:26 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 58e6adcc-a1a8-470e-8a3d-710574d8abf5
Set-Cookie: anj=dTM7k!M4.FE:2jUF']wIg2C$MqP_+_!]tbPl1N!7On*M$=BWc#l#g-/h/1C8jd'lkh/cNJCyA*cq2LEoDhCa=0zjXVuHh)yP(hw9P-HC_#ttA@)ADkC; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 25-Feb-2023 04:19:26 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.godaddy.com/
192.124.249.22 200 OK 1.8 kB IP 192.124.249.22:0
Hash 3003bce498e3cd4a1b38da7480ca41c1
124415f3b9a1c1aa39988f467a6f139e21770c77
91856397f6eafd29ef9c20207c8cae625ff0a8b86f26d2a84c1f21044e3b38b8
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 27 Nov 2022 04:19:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 26 Nov 2022 20:47:49 GMT
Expires: Sun, 27 Nov 2022 20:47:49 GMT
ETag: "124415f3b9a1c1aa39988f467a6f139e21770c77"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 30f833b25d6e5af2229d9584c6f6cf97
ee79c3fa994d53c1d0687ca61353d63cce459e25
1bc091991c4663dbc86ae735e47ddc3e887a24661050ad9f24b8d458bfd11a6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d.agkn.com/pixel/10751/?che=1669522766365&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219793204348000224094
54.170.16.174 302 Found 0 B URL HTTP/1.1 d.agkn.com/pixel/10751/?che=1669522766365&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219793204348000224094
IP 54.170.16.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/10751/?che=1669522766365&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219793204348000224094 HTTP/1.1
Host: d.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache, must-revalidate
Date: Sun, 27 Nov 2022 04:19:25 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://um.simpli.fi/aa_px?sk=219793204348000224094
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3A9r1vubyWU8ApiMWYt18bwKseRKCI7Co%2B;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
Set-Cookie: u=C|0AAArFaHOKxWhzgAAAAAA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
Content-Length: 0
Connection: keep-alive
ce.lijit.com/merge?pid=2&3pid=82C60E07E4E248AA8D52D49B059126E5
216.52.2.30 204 No Content 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=2&3pid=82C60E07E4E248AA8D52D49B059126E5
IP 216.52.2.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=2&3pid=82C60E07E4E248AA8D52D49B059126E5 HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sun, 27 Nov 2022 04:19:26 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap6ams1
www.google.com/pagead/1p-conversion/1026675585/?random=414482336&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TuWCY6eQCoSp7gSAgo7QCA&random=3990533885
142.250.74.164 302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-conversion/1026675585/?random=414482336&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TuWCY6eQCoSp7gSAgo7QCA&random=3990533885
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/1026675585/?random=414482336&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TuWCY6eQCoSp7gSAgo7QCA&random=3990533885 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 04:19:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1026675585/?random=414482336&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TuWCY6eQCoSp7gSAgo7QCA&random=3990533885&ipr=y&prhg=0
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
um.simpli.fi/aa_px?sk=219793204348000224094
35.204.74.118 302 Found 142 B URL HTTP/2 um.simpli.fi/aa_px?sk=219793204348000224094
IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /aa_px?sk=219793204348000224094 HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: text/html
content-length: 142
set-cookie: suid=1534D8177DAD41A797AE86A127507616; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
set-cookie: suid_legacy=1534D8177DAD41A797AE86A127507616; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
location: /empty.gif
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 8d6c73fe9dc6ce645627e0a8c76546ba
d187cc3372c285b5fe51d30e65cacd6b0629375b
e01124b1c9fbe36d0e7f054bba266caea6494b8b66e8997f7438a6811ed9639d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=136950
Date: Sun, 27 Nov 2022 04:19:26 GMT
Etag: "63824a7d-1d7"
Expires: Mon, 28 Nov 2022 18:21:56 GMT
Last-Modified: Sat, 26 Nov 2022 17:18:53 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vV1bqnXctAGjzwr3ww0KCRtNyfNIROTlj8DlA9TQMEenEwj12wYfCw==
Age: 3783
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e922b25acaba2d7f8921ebe973a4b261
5dd4c237c84a652cbcf3db163529f3788ceafc46
a7856c7777aa01b671ddae097494f2b031cbbddc7b244fe8714a8c02b85d8589
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
um.simpli.fi/empty.gif
35.204.74.118 200 OK 43 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /empty.gif HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
set-cookie: suid=CC509694CCC043A7A553C16F4CB03D19; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
set-cookie: suid_legacy=CC509694CCC043A7A553C16F4CB03D19; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/1026675585/?random=414482336&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TuWCY6eQCoSp7gSAgo7QCA&random=3990533885&ipr=y&prhg=0
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-conversion/1026675585/?random=414482336&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TuWCY6eQCoSp7gSAgo7QCA&random=3990533885&ipr=y&prhg=0
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-conversion/1026675585/?random=414482336&cv=7&fst=1669522766023&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=TuWCY6eQCoSp7gSAgo7QCA&random=3990533885&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 04:19:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sync.bfmio.com/sync?pid=141&uid=27065E1A9B154CFC94F669165E54BB5F
54.205.71.136 204 0 B URL HTTP/1.1 sync.bfmio.com/sync?pid=141&uid=27065E1A9B154CFC94F669165E54BB5F
IP 54.205.71.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=141&uid=27065E1A9B154CFC94F669165E54BB5F HTTP/1.1
Host: sync.bfmio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
Date: Sun, 27 Nov 2022 04:19:25 GMT
Set-Cookie: __141_cid=27065E1A9B154CFC94F669165E54BB5F; Domain=.bfmio.com; Expires=Mon, 27-Nov-2023 04:19:26 GMT; Path=/
Set-Cookie: __io_cid=8c6854f0367a67324bb657ac88f915a46e62b7da; Domain=.bfmio.com; Expires=Mon, 27-Nov-2023 04:19:26 GMT; Path=/
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 04:19:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash ca2206b6f7cbdb64d7f538591385ed32
597c7ea3483bd3a6e65716106fde158e03d55970
43c26ba30720e9537cc189beefe7dc98f9c847fc4007372bbd45a7083127d207
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 04:19:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 01:42:56 GMT
Expires: Sun, 04 Dec 2022 01:42:55 GMT
Etag: "597c7ea3483bd3a6e65716106fde158e03d55970"
Cache-Control: max-age=594808,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770810cabd65b4f4-OSL
fonts.googleapis.com/css?family=Lato|Open+Sans|Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato|Open+Sans|Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
IP 142.250.74.10:0
GET /css?family=Lato|Open+Sans|Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rbfccu.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 04:19:20 GMT
date: Sun, 27 Nov 2022 04:19:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp
169.50.137.176 200 OK 0 B URL HTTP/2 i.simpli.fi/p?cid=283320&cb=sifi_att_27612299117._hp
IP 169.50.137.176:0
GET /p?cid=283320&cb=sifi_att_27612299117._hp HTTP/1.1
Host: i.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://connect.segmint.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: application/javascript; charset=UTF-8
set-cookie: suid=EA36D03E36AC4B5CAB6C691A2288C3F5; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; SameSite=none; Secure;
set-cookie: suid_legacy=EA36D03E36AC4B5CAB6C691A2288C3F5; Path=/; domain=simpli.fi; Expires=Tue, 28-Nov-23 04:19:26 GMT; Secure;
set-cookie: uid_syncd=true; path=/; expires=Sun, 04 Dec 2022 04:19:26 GMT; domain=.simpli.fi; secure
set-cookie: uid_syncd_secure=true; path=/; expires=Sun, 04 Dec 2022 04:19:26 GMT; domain=.simpli.fi; samesite=none; secure
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache, no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
X-Firefox-Spdy: h2
aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=59AA76C70AE6474D9140EA5E2954B626
54.76.86.77 302 Found 0 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=59AA76C70AE6474D9140EA5E2954B626
IP 54.76.86.77:0
GET /adscores/g.pixel?sid=9201915418&sifi_uid=59AA76C70AE6474D9140EA5E2954B626 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 27 Nov 2022 04:19:26 GMT
location: https://d.agkn.com/pixel/10751/?che=1669522766365&ip=91.90.42.154&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219793204348000224094
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
set-cookie: ab=0001%3AyxRuuyGSKt%2FK33nzPGqduI52%2F59O5L9H; Path=/; Domain=.agkn.com; Expires=Mon, 27-Nov-2023 04:19:26 GMT; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
simplifi.partners.tremorhub.com/sync?UISF=F3EA64D12FC64CFDABF3D0AC19AF99DF
18.207.5.163 200 OK 0 B URL HTTP/2 simplifi.partners.tremorhub.com/sync?UISF=F3EA64D12FC64CFDABF3D0AC19AF99DF
IP 18.207.5.163:0
GET /sync?UISF=F3EA64D12FC64CFDABF3D0AC19AF99DF HTTP/1.1
Host: simplifi.partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://connect.segmint.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 04:19:26 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2