r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12462
Expires: Mon, 28 Nov 2022 12:22:40 GMT
Date: Mon, 28 Nov 2022 08:54:58 GMT
Connection: keep-alive
rewardusacenter.com/
301 Moved Permanently 134 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: rewardusacenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Mon, 28 Nov 2022 08:54:58 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://rewardusacenter.com:443/
ocsp.digicert.com/
200 OK 471 B IP
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3858
Cache-Control: max-age=96033
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 08:54:58 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:35:31 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11166
Expires: Mon, 28 Nov 2022 12:01:04 GMT
Date: Mon, 28 Nov 2022 08:54:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 08:17:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2232
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X8iA8pJhLs79A3oTq6Zeotpos/1pZ9aK8xrYl3OSmUe9dH9xsavhNmwaByKyctG+o3H8ijdNq8U=
x-amz-request-id: 26BSD9C4Z80CXE0X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 08:41:59 GMT
age: 779
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 08:54:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 00c99511ab64c8d9d9ba8207f36ae65a
9d565993da23088667280f3e04e512d02a73012d
a63516a2184c7abcd06f878f83a8ba42e116f46f1608d3b5fa004b95524b946f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 08:54:58 GMT
Etag: "6382db74-1d7"
Last-Modified: Mon, 28 Nov 2022 08:12:18 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Zyjb8M68TgFg3X9Pq_RE5zPFhpTbcrGKWPTvgZ6CwKbI2ioLoMWRxw==
Age: 2560
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 08:08:55 GMT
cache-control: public,max-age=3600
age: 2763
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
rewardusacenter.com/
302 Found 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: rewardusacenter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 28 Nov 2022 08:54:58 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://amclicks.com/clk.php?c=7749&p=504&s1=lead_root&s2=rewardusacenter.com
server: Apache/2.4.41 (Ubuntu)
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1371
Cache-Control: max-age=88485
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 08:54:58 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 09:29:43 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash b2a035e007490f768a2e2e2c83abb2be
ff0b45489087aee02f1f50ffc3d76a4b7051309f
a75b0b01ab5bf49e1fa914445316b7b5aa6cb21f3aa6b3688fe9ed9e0eed2018
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108716
Date: Mon, 28 Nov 2022 08:54:58 GMT
Etag: "63837d0e-1d7"
Expires: Tue, 29 Nov 2022 15:06:54 GMT
Last-Modified: Sun, 27 Nov 2022 15:06:54 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -ERKfQngSdokB3UV4T9vzvHDT8G4RPoZ-_2XNs7OEhL1jSI8J4u09g==
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: q5VrtnOIBeOIEOatr8QUpQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: n0jzXDzXn31v0N4lagUYmw78XoA=
amclicks.com/clk.php?c=7749&p=504&s1=lead_root&s2=rewardusacenter.com
302 Found 0 B URL HTTP/2 amclicks.com/clk.php?c=7749&p=504&s1=lead_root&s2=rewardusacenter.com
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /clk.php?c=7749&p=504&s1=lead_root&s2=rewardusacenter.com HTTP/1.1
Host: amclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 28 Nov 2022 08:54:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://amclicks.com/x/7749/504/0/lead_root/rewardusacenter.com/0/0/0/0/
server: Apache/2.4.41 (Ubuntu)
X-Firefox-Spdy: h2
amclicks.com/x/7749/504/0/lead_root/rewardusacenter.com/0/0/0/0/
200 OK 171 B URL HTTP/2 amclicks.com/x/7749/504/0/lead_root/rewardusacenter.com/0/0/0/0/
IP
File type HTML document, ASCII text, with no line terminators
Hash c4b1cf251c0be3832a07e18516673372
faabecdd6a8c7ac6c1295c11f507f58bd3ad6795
d0c8a959f27128d0ae4e2d2367f0098ba7df9d164651e2f99f163d6d4a28c00e
GET /x/7749/504/0/lead_root/rewardusacenter.com/0/0/0/0/ HTTP/1.1
Host: amclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 08:54:59 GMT
content-type: text/html; charset=UTF-8
content-length: 171
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: ci_session=c6h0rgrl6nr23kib2sqs0vf0vbk91j69; expires=Mon, 28-Nov-2022 10:54:59 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
ref=1; expires=Mon, 28-Nov-2022 09:54:59 GMT; Max-Age=3600
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
amclicks.com/x/7749/504/0/lead_root/rewardusacenter.com/0/0/0/0/
302 Found 0 B URL HTTP/2 amclicks.com/x/7749/504/0/lead_root/rewardusacenter.com/0/0/0/0/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/7749/504/0/lead_root/rewardusacenter.com/0/0/0/0/ HTTP/1.1
Host: amclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amclicks.com/x/7749/504/0/lead_root/rewardusacenter.com/0/0/0/0/
Cookie: ref=1; ci_session=c6h0rgrl6nr23kib2sqs0vf0vbk91j69
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 08:54:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 9e3ab15a8a2e9860ab579df31b7f22c2
444fc9686c7cccd8ec1b3dcb42f64f8d9172d17c
b6564f98823e685e538a64485a9f8f4ea51b9bc096254a1117e107385aacf86e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 28 Nov 2022 08:54:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 27 Nov 2022 21:28:51 GMT
Expires: Mon, 28 Nov 2022 21:28:51 GMT
ETag: "444fc9686c7cccd8ec1b3dcb42f64f8d9172d17c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
200 OK 3.3 kB URL HTTP/1.1 www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash ea21e80047ae31fadd771c3872affcf0
586a02df6dd4e10e8048b5b4f40424face594d8a
0f14935670e8da30b99e48445db406d3a4636760840c78a4ae543c2ebd1e763b
GET /mof?sid=1148&affid=123036&SubID=lead_root0 HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amclicks.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 3307
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Nov 2022 08:54:59 GMT
Server: Microsoft-IIS/10.0
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
ocsp.digicert.com/
200 OK 280 B IP
Hash c621d4c62f1b73d7db42f083617dc8db
1a78ba537afba7aea6308288c5c41c90de74b3ba
d7b3c5b2e9ea4ad8e5c33649a912d471545651f643b62238beb7d33188146322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2999
Cache-Control: max-age=130804
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 08:55:00 GMT
Etag: "6383c7a1-118"
Expires: Tue, 29 Nov 2022 21:15:04 GMT
Last-Modified: Sun, 27 Nov 2022 20:25:05 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js
200 OK 5.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js
IP
File type ASCII text, with very long lines (17117)
Hash c418dbc7ffcf6d7874db7ce864797577
7b2351ed37568cb0a9edf82c5fea0a4c1b9fe161
2c571556f8548fcea79358c058c978e076a37d2053ff7e5424f30a26ddd00b68
GET /ajax/libs/postscribe/2.0.6/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 08:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 4996
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-43d5"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1083708
expires: Sat, 18 Nov 2023 08:55:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlGxzKQt%2Fb6pgrpsQ7Ei7Pn%2BNHRvI1brVDYn4YCl%2FonNQfGJamNnyrR4xyW2%2BEeTaNOkFDXHGwYHxBre4LCCH1jO8K5DtNOOECPLqcEX6%2BImjDtZ50qApDkm%2Bz1UsDQVqWA2eevr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7711e1d20edab4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.4.1.min.js
200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.4.1.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 9abb42735168ac9e960b770179b642aa
11475bf8c7244af7a820108b7762e7a3f95aa52c
df53c09a6546b3d23dc0b2d0d92c39808c5663a75f4bf1f8d035fd11b7c81243
GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.myopportunityfinder.com
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 08:55:00 GMT
content-encoding: gzip
content-length: 30638
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15851"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669625700.dop201.sk1.t,1669625700.cds258.sk1.hn,1669625700.cds201.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash c621d4c62f1b73d7db42f083617dc8db
1a78ba537afba7aea6308288c5c41c90de74b3ba
d7b3c5b2e9ea4ad8e5c33649a912d471545651f643b62238beb7d33188146322
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2999
Cache-Control: max-age=130804
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 08:55:00 GMT
Etag: "6383c7a1-118"
Expires: Tue, 29 Nov 2022 21:15:04 GMT
Last-Modified: Sun, 27 Nov 2022 20:25:05 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
code.jquery.com/ui/1.12.0/jquery-ui.min.js
200 OK 68 kB URL HTTP/2 code.jquery.com/ui/1.12.0/jquery-ui.min.js
IP
File type ASCII text, with very long lines (32250)
Hash a257d0a44a0014ef5df8ddfb80e1697d
1ddbfaf50ca09db89086968547001195d44e1dd0
99d860f10b05d73c37c5ee28d7a02c6664a38cc2a77c99304bbfca73c28b09a7
GET /ui/1.12.0/jquery-ui.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 08:55:00 GMT
content-encoding: gzip
content-length: 67684
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd700-3ddc9"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669625700.dop203.sk1.t,1669625700.cds205.sk1.hn,1669625700.cds256.sk1.c
X-Firefox-Spdy: h2
www.myopportunityfinder.com/Content/new_styles/base.css
200 OK 335 B URL HTTP/1.1 www.myopportunityfinder.com/Content/new_styles/base.css
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash eb562314cb3c00b7493623b4eb108d48
3f1feef223c72008b7cf3d3ca0995de50c471048
44c3ea237786ae420ef6badc7e3e6c4e5651682b8ede8a8d5fb0c58c9a1f9cde
GET /Content/new_styles/base.css HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 335
Content-Type: text/css
Date: Mon, 28 Nov 2022 08:54:59 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "5559535e4e8d51:0"
Last-Modified: Fri, 21 Feb 2020 18:24:51 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
www.myopportunityfinder.com/Content/checkbox-popup.css?v=1
200 OK 787 B URL HTTP/1.1 www.myopportunityfinder.com/Content/checkbox-popup.css?v=1
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 4e7ff340d8e7bef19b56ce98b01f87da
d37574b6482f8c2668a05985f0fda3c681b7b038
4ee97ef945df6a99eb9814df688874fbf8eca7034bd1e3e8dac5866a4aa06072
GET /Content/checkbox-popup.css?v=1 HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 787
Content-Type: text/css
Date: Mon, 28 Nov 2022 08:55:00 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "e419d88bf7cfd71:0"
Last-Modified: Tue, 02 Nov 2021 14:40:14 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8937
Expires: Mon, 28 Nov 2022 11:23:57 GMT
Date: Mon, 28 Nov 2022 08:55:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8937
Expires: Mon, 28 Nov 2022 11:23:57 GMT
Date: Mon, 28 Nov 2022 08:55:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8937
Expires: Mon, 28 Nov 2022 11:23:57 GMT
Date: Mon, 28 Nov 2022 08:55:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8937
Expires: Mon, 28 Nov 2022 11:23:57 GMT
Date: Mon, 28 Nov 2022 08:55:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8937
Expires: Mon, 28 Nov 2022 11:23:57 GMT
Date: Mon, 28 Nov 2022 08:55:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0a4e0bb1e2748bdce6bbf685a910f0fc
5b97bfd787afcb912cdbef0f137f78a059082992
a7bc9adeb22cb57675e907bd961a6f554e6b7a46414ed782bcc9b53d68b1c328
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15639
x-amzn-requestid: 98e846b4-287f-4698-9529-25bcc2727a4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78dGReoAMFiDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e9-62c41b2717bd8e6f3b3797da;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fxNulyOR88nEcjtrXm1dECsulI-MsAxm2Zl0Y83uMz23lGh18d-ZBA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:55 GMT
age: 39485
etag: "5b97bfd787afcb912cdbef0f137f78a059082992"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 39224
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e240caa3153ea25c34d07185b47f8a5
602e8ba5c6671ff947acfda757577ddc8ecec6ec
c2b37bf1ef003ceffaaf4612f2001b6f7998d5b95cd55b32c79fefcb24ccad7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff6b6f2-e6dd-4654-9894-50de6f502f83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11255
x-amzn-requestid: ce06e0cc-3874-4a3d-a6c5-5cc1cb342138
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7w8EEOIAMF_6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99f-5ca652aa369ee1690b0d08cc;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0diXekmaxz0zbwy1wShePUxsvtC59YoEPcLJmS_ql6uKG0MtqbxbeQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:03:04 GMT
age: 39116
etag: "602e8ba5c6671ff947acfda757577ddc8ecec6ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 39214
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa848cb85e85df184b078fe7aa95ae52
21aa6418f3a0d2b64925b66d5fb9079b7e84a11c
37d299c166e3350dee6dee647e98a86f8bd916d186bae12c42764ed0a3177085
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5989
x-amzn-requestid: db10fcc5-80ab-4650-af49-d5afe36706f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78LHQqIAMF9_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-4cbd19e3227894844807742c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P0Nx-FcvcV-f5cRPwZr5sEMb8pH3AoYFr185q_D0X2bE7z40nDn91w==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 39836
etag: "21aa6418f3a0d2b64925b66d5fb9079b7e84a11c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0bd385532089b45a14e461abbecc1af
3da359b1ba09138a425094715b9f3a2f8d0257fe
803001528f2aefc1ea90e585d48de435975862861a1cbe8d898e5cd7ebd297dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8771
x-amzn-requestid: 995d3904-9be1-4b40-9813-ff47e60639ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MEAPoAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-3fdb7958064e0c4b1aed2136;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vrBB4JkuL3nbZnDWitQ4dvTruO9M6hSt8mw9NuJliCmcNOw8xvfWhw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:20:34 GMT
age: 38066
etag: "3da359b1ba09138a425094715b9f3a2f8d0257fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.myopportunityfinder.com/Scripts/detectmobilebrowsers.com.js
200 OK 1.9 kB URL HTTP/1.1 www.myopportunityfinder.com/Scripts/detectmobilebrowsers.com.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with very long lines (2082), with CRLF line terminators
Hash dffe9061db61dcd898cf1dc412271657
96206d7492995f396af774bb215e0294cf6facc2
6d5adec8795ced34375c53a368a6e20f0679a226ed2c26e371717a249808b345
GET /Scripts/detectmobilebrowsers.com.js HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1909
Content-Type: application/x-javascript
Date: Mon, 28 Nov 2022 08:55:00 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "848c835e4e8d51:0"
Last-Modified: Fri, 21 Feb 2020 18:24:51 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
www.myopportunityfinder.com/Content/nitro_darker.png
200 OK 7.6 kB URL HTTP/1.1 www.myopportunityfinder.com/Content/nitro_darker.png
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 226 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash f95ab421fc0ba6fc4222ebd80ec0ffaa
6ec24ed7c66e5e1e8dc87bd1410505bff4e77589
e500f21c08856d09d89aa3cf6d85afac7c4fad1baac5ad4f74f28de8dcbd6e25
GET /Content/nitro_darker.png HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 7554
Content-Type: image/png
Date: Mon, 28 Nov 2022 08:55:00 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "6f83d97154d2d71:0"
Last-Modified: Fri, 05 Nov 2021 14:50:15 GMT
X-Powered-By: ASP.NET
www.myopportunityfinder.com/Content/images/loading_black.gif
200 OK 56 kB URL HTTP/1.1 www.myopportunityfinder.com/Content/images/loading_black.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 200 x 200\012- data
Hash c2691bd5de228f7ca2d9cdbe27412e22
788900bba262a46dffa7cc57b8c2f4f883a71870
8e6286fbbc036d1a8c62a4445cb8521c3c9c0cf09b504152086ea9168e248222
GET /Content/images/loading_black.gif HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 56524
Content-Type: image/gif
Date: Mon, 28 Nov 2022 08:55:00 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "86a2dc8bf7cfd71:0"
Last-Modified: Tue, 02 Nov 2021 14:40:14 GMT
X-Powered-By: ASP.NET
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 08:55:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 08:41:08 GMT
expires: Mon, 28 Nov 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 832
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 08:55:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gonitrotrack.com/Api/Tracking/Track?emailAddress=0
201 Created 63 B URL HTTP/1.1 www.gonitrotrack.com/Api/Tracking/Track?emailAddress=0
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash e284fc280b926168d8b59ebfd4242b6a
b4744a62e9467512c8c406dab656a14aec1d7250
229a4f757e3e222c06e7e1a5ead299fcd90d506896b7d9eb7eb3e1f51764d6de
GET /Api/Tracking/Track?emailAddress=0 HTTP/1.1
Host: www.gonitrotrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.myopportunityfinder.com
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 201 Created
Content-Length: 63
Content-Type: text/plain; charset=utf-8
Date: Mon, 28 Nov 2022 08:55:00 GMT
Server: Microsoft-IIS/10.0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.myopportunityfinder.com
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Set-Cookie: TrackingCookie=Email=0&Unique=7cb5112a-f10f-46a4-a3d5-e229c6c209cf; expires=Tue, 28 Nov 2023 08:55:00 GMT; path=/;SameSite=None;; secure
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=7cb5112a-f10f-46a4-a3d5-e229c6c209cf
200 OK 3.9 kB URL HTTP/1.1 www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=7cb5112a-f10f-46a4-a3d5-e229c6c209cf
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (615), with CRLF, LF line terminators
Hash ecd220556ec64f97f397a12c28daa994
3966f7a88b4974bb8559a7701175646597f05253
14a55e071182d12fd44def55352050a62d322064f614f820e13fb21771465ef0
GET /mof?sid=1148&affid=123036&SubID=lead_root0&uid=7cb5112a-f10f-46a4-a3d5-e229c6c209cf HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Cookie: _ga=GA1.2.901890519.1669625700; _gid=GA1.2.1766178270.1669625700; _gat=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 3855
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Nov 2022 08:55:01 GMT
Server: Microsoft-IIS/10.0
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: ASP.NET_SessionId=rt54yhr2t2lys2scewphxnw3; path=/; HttpOnly; SameSite=Lax
Vary: Accept-Encoding
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
www.myopportunityfinder.com/Scripts/nitro.min.js?v=4
200 OK 1.2 kB URL HTTP/1.1 www.myopportunityfinder.com/Scripts/nitro.min.js?v=4
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (3247), with no line terminators
Hash 6e1e1caebb445afa4bc2e9ae7b4300a7
b1d422038c5fe33dd542092cb24a04aad3b57ade
bada81f6cc96db4783cd12c075ce377f8d8c2092f900af07ff2342abb1d8a174
GET /Scripts/nitro.min.js?v=4 HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=7cb5112a-f10f-46a4-a3d5-e229c6c209cf
Cookie: _ga=GA1.2.901890519.1669625700; _gid=GA1.2.1766178270.1669625700; _gat=1; ASP.NET_SessionId=rt54yhr2t2lys2scewphxnw3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 1161
Content-Type: application/x-javascript
Date: Mon, 28 Nov 2022 08:55:01 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "01bcc8bf7cfd71:0"
Last-Modified: Tue, 02 Nov 2021 14:40:14 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
www.myopportunityfinder.com/Content/nitro.css
200 OK 2.1 kB URL HTTP/1.1 www.myopportunityfinder.com/Content/nitro.css
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 7b64a039d26c829593a2723c5994491e
47847a4dde34397304eceaed521bfa7276915f20
473ab087ab31864b45af35fe5eb056dba8293667bac7a167a757e98e21e172c3
GET /Content/nitro.css HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=7cb5112a-f10f-46a4-a3d5-e229c6c209cf
Cookie: _ga=GA1.2.901890519.1669625700; _gid=GA1.2.1766178270.1669625700; _gat=1; ASP.NET_SessionId=rt54yhr2t2lys2scewphxnw3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 2074
Content-Type: text/css
Date: Mon, 28 Nov 2022 08:55:01 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "80f175d12732d71:0"
Last-Modified: Thu, 15 Apr 2021 18:47:43 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
www.myopportunityfinder.com/Content/new_images/nitro/mof_logo.jpg
200 OK 19 kB URL HTTP/1.1 www.myopportunityfinder.com/Content/new_images/nitro/mof_logo.jpg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 415x102, components 3\012- data
Hash d3b6a1879c883fed57c24d1cb2570fc5
9902bf5aeafa1fe150cd46668bd2fdeb89c38cae
6e252ef3c5f995ffa51982fdb48be6caa549ef0c9bddb503269eaad37caa1aee
GET /Content/new_images/nitro/mof_logo.jpg HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=7cb5112a-f10f-46a4-a3d5-e229c6c209cf
Cookie: _ga=GA1.2.901890519.1669625700; _gid=GA1.2.1766178270.1669625700; _gat=1; ASP.NET_SessionId=rt54yhr2t2lys2scewphxnw3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 19297
Content-Type: image/jpeg
Date: Mon, 28 Nov 2022 08:55:01 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "9f8bdb34e4e8d51:0"
Last-Modified: Fri, 21 Feb 2020 18:24:51 GMT
X-Powered-By: ASP.NET
www.myopportunityfinder.com/favicon.ico
206 Partial Content 2.2 kB URL HTTP/1.1 www.myopportunityfinder.com/favicon.ico
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 7f629a8e760c7da86f5ff19851635ccf
e2e6a034f9679930a7e99466d8d40a7818831062
bef7afd5eaef627c7ebf1903fc126685dd9ba8d87bf04887c7a12a0e0075b5de
GET /favicon.ico HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=7cb5112a-f10f-46a4-a3d5-e229c6c209cf
Cookie: _ga=GA1.2.901890519.1669625700; _gid=GA1.2.1766178270.1669625700; _gat=1; ASP.NET_SessionId=rt54yhr2t2lys2scewphxnw3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Range: bytes=29875-
If-Range: "2f5f1f35e4e8d51:0"
HTTP/1.1 206 Partial Content
Content-Length: 2163
Content-Type: image/x-icon
Date: Mon, 28 Nov 2022 08:55:01 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Range: bytes 29875-32037/32038
ETag: "2f5f1f35e4e8d51:0"
Last-Modified: Fri, 21 Feb 2020 18:24:51 GMT
X-Powered-By: ASP.NET
www.myopportunityfinder.com/Content/new_images/nitro/mof_bg.jpg
200 OK 497 kB URL HTTP/1.1 www.myopportunityfinder.com/Content/new_images/nitro/mof_bg.jpg
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1922x976, components 3\012- data
Size 497 kB (497107 bytes)
Hash d83d2c05865006a46b8ef3d5a5cb1f27
59b6ab519798f3f7e88dac939172f58d7287d1a2
8bae1cb1d064101714e977fe5b607671e12b152d056f4476b2ff5040eef7bd6e
GET /Content/new_images/nitro/mof_bg.jpg HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=7cb5112a-f10f-46a4-a3d5-e229c6c209cf
Cookie: _ga=GA1.2.901890519.1669625700; _gid=GA1.2.1766178270.1669625700; _gat=1; ASP.NET_SessionId=rt54yhr2t2lys2scewphxnw3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 497107
Content-Type: image/jpeg
Date: Mon, 28 Nov 2022 08:55:01 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "bdc8da34e4e8d51:0"
Last-Modified: Fri, 21 Feb 2020 18:24:51 GMT
X-Powered-By: ASP.NET
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f20d5c4b208740dd4c737b9d95c0e1d0
c843c5422499736a83a80c2b07475a8dbbb8860f
f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12555
x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MHPWIAMFQMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KcI_BV4rZkM-2CmcFI5qkJLT-OOwYQnRNEPXrQJvlNA9A3Da0EzgEA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 39843
etag: "c843c5422499736a83a80c2b07475a8dbbb8860f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.myopportunityfinder.com/favicon.ico
200 OK 0 B URL HTTP/1.1 www.myopportunityfinder.com/favicon.ico
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /favicon.ico HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Length: 32038
Content-Type: image/x-icon
Date: Mon, 28 Nov 2022 08:55:00 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "2f5f1f35e4e8d51:0"
Last-Modified: Fri, 21 Feb 2020 18:24:51 GMT
X-Powered-By: ASP.NET
54.161.16.68
23.36.77.32
93.184.220.29
104.17.24.14