Report - tellrail42.com/?a=5356&c=3294&s1=822599&s2=720240445

Report Overview

Submitted URL
tellrail42.com/?a=5356&c=3294&s1=822599&s2=720240445
IP
162.246.19.222
ASN
#19318 IS-AS-1
Submitted
2023-03-24 21:58:52
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
cdn.trustedform.com	24659	2020-08-27T01:38:48Z	2023-03-29T14:55:05Z	853 B	39 kB	54.230.111.91
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	238 B	34.117.65.55
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-03-29T09:11:41Z	350 B	968 B	54.230.80.227
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-29T07:56:22Z	415 B	26 kB	104.18.11.207
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	55 kB	34.120.237.76
create.leadid.com	14598	2014-01-22T14:55:11Z	2023-03-29T14:10:24Z	2.9 kB	4.0 kB	34.233.231.247
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-29T09:11:13Z	1.8 kB	4.8 kB	54.230.80.227
script.anura.io	43801	2017-05-19T21:00:19Z	2023-03-28T23:18:49Z	1.4 kB	21 kB	35.177.99.174
deviceid.trueleadid.com	2097	2018-07-10T07:19:41Z	2023-03-29T06:45:33Z	670 B	332 B	35.169.79.47
tellrail42.com	unknown	2021-12-10T02:34:13Z	2023-02-11T12:22:55Z	1.7 kB	10 kB	162.246.19.222
24hrsafetyshower.com	unknown	2022-01-14T19:19:46Z	2023-03-12T09:06:05Z	11 kB	437 kB	172.98.77.79
b-js.ringba.com	332452	2020-11-10T18:03:35Z	2023-03-24T22:58:43Z	390 B	14 kB	54.230.111.50
api.trustedform.com	23021	2012-10-29T06:30:13Z	2023-03-29T06:45:32Z	1.9 kB	1.7 kB	54.209.198.209
create.lidstatic.com	24133	2015-09-23T21:42:02Z	2023-03-29T06:45:32Z	427 B	576 B	104.22.39.182
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.0 kB	5.3 kB	23.36.76.226
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-29T05:44:04Z	390 B	45 kB	142.250.74.40
maps.gstatic.com	unknown	2016-01-11T17:55:17Z	2023-03-29T13:01:06Z	853 B	6.6 kB	142.250.74.3
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	3.1 kB	6.3 kB	216.58.211.3
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	2.5 kB	43 kB	216.58.207.227
display.ringba.com	234901	2016-03-31T19:00:32Z	2023-03-24T22:58:43Z	904 B	1.1 kB	23.21.37.26
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-29T05:11:35Z	722 B	3.8 kB	104.18.20.226
maps.googleapis.com	33876	2019-10-17T17:56:16Z	2023-03-29T13:01:47Z	458 B	58 kB	142.250.74.170
stackpath.bootstrapcdn.com	2467	2018-06-15T22:36:43Z	2023-03-29T13:32:47Z	424 B	8.4 kB	104.18.10.207
brandedleadgeneration.com	unknown	2015-04-21T11:16:23Z	2023-03-24T22:58:43Z	436 B	1.5 kB	143.198.158.164
d2m2wsoho8qq12.cloudfront.net	unknown	2013-05-25T05:15:49Z	2023-03-29T06:45:40Z	667 B	2.0 kB	54.230.245.201

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-24 21:58:55	high	Client IP	18.158.229.59	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard Low Port)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (31)

	URL	Size	First Seen	Last Seen
	create.lidstatic.com/campaign/4794145a-6dbd-5239-4869-1debd00fe1aa.js?snippet_version=2	123 kB	2023-03-12	2023-12-30
Pretty URL create.lidstatic.com/campaign/4794145a-6dbd-5239-4869-1debd00fe1aa.js?snippet_version=2 IP 104.22.39.182 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:07:54 Last Seen2023-12-30 03:30:57 Times Seen30 Hash 014fb701978aa9feacf547605e1bb371 63df6c3f8844f4e8a9d0447917f11e1d186db0e3 a58bf3aed825a6d15f5b15d47c38c68041b027933ce5e079b6acbb078ee33d9a Loading...

	maps.googleapis.com/maps-api-v3/api/js/52/6/controls.js	92 kB	2023-03-26	2023-04-05
Pretty URL maps.googleapis.com/maps-api-v3/api/js/52/6/controls.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:31:37 Last Seen2023-04-05 19:28:43 Times Seen140 Hash ceac70c122ee872d7c43c0ca6599063e 6b6a918f90c84fbad01ba4e367c71b04aa02678c f8c57c5ac46bbd1e676aa4f363378865702aefdcd2553e41b4bcc515382ae10e Loading...

	24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445	274 B	2023-03-12	2024-07-03
Pretty URL 24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 IP 172.98.77.79 ASN #46562 PERFORMIVE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:36:36 Last Seen2024-07-03 01:49:36 Times Seen28 Hash a0b53ac12379058546258a1a9a915f9d 90a6fe7d1a9ec32f8fc490d1c782bc35962ab402 5c0b55e4baf92f1116e4e133fb36ea231e3fd99660cd6bddd17b9e307dc0e9d2 Loading...

	www.googletagmanager.com/gtag/js?id=UA-216912180-1	115 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtag/js?id=UA-216912180-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:51:12 Last Seen2023-03-29 21:51:12 Times Seen1 Hash 7226dfc0a13e3db154b4fd853bb232ca 3f166e66ee4851a2e2be8a6b26560942e274b6d1 2b06da8a2cbe27ab78cf638b7b4ef805a6749eb4c0fbe312afa03c4dd5df147c Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-07-13
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-07-13 05:56:05 Times Seen35105 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445	3.2 kB	2023-03-12	2024-07-03
Pretty URL 24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 IP 172.98.77.79 ASN #46562 PERFORMIVE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:36:37 Last Seen2024-07-03 01:49:36 Times Seen38 Hash 63fc8c9d7085899e7c7bebb6370bd032 8e348852cc3d9cd9a21e3184e7b2d79f3417d667 eff9078e90d3cb3c3292d90ef1eddc7cf2e3dd8b751870092fdfa73a117fb251 Loading...

	tellrail42.com/d.js	7.7 kB	2023-03-12	2024-07-07
Pretty URL tellrail42.com/d.js IP 162.246.19.222 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:25:27 Last Seen2024-07-07 23:36:56 Times Seen205 Hash 562aae9348426470228b1ecad67dad13 6a7bb1790c9388ae2592b502bab0acec8edf29be 7f21c8273e165c0152de21d0d41d8410dbdde5351a569965897477607b958152 Loading...

	24hrsafetyshower.com/assets/js/bootstrap.min.js	58 kB	2023-03-07	2024-07-27
Pretty URL 24hrsafetyshower.com/assets/js/bootstrap.min.js IP 172.98.77.79 ASN #46562 PERFORMIVE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-07-27 00:22:12 Times Seen22684 Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Loading...

	24hrsafetyshower.com/assets/js/moment.min.js	59 kB	2023-03-07	2024-07-27
Pretty URL 24hrsafetyshower.com/assets/js/moment.min.js IP 172.98.77.79 ASN #46562 PERFORMIVE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:47 Last Seen2024-07-27 01:01:51 Times Seen1257 Hash 5c158b940513c7dc2ebd901455e9b63d f992a08c86f88b10abd35fae20d468ec52c824e6 73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7 Loading...

	24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445	394 B	2023-03-12	2024-02-07
Pretty URL 24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 IP 172.98.77.79 ASN #46562 PERFORMIVE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:07:54 Last Seen2024-02-07 12:04:11 Times Seen23 Hash 5ab7a6bbd9363381aa4ffcb6ba339d60 0357a7b5780992344fa4aac137b4bab8129d5ff7 878893617c57ddede36af7b579fa8a25a265263273766e8bd0bfbf7b3d85523e Loading...

	script.anura.io/request.js?instance=3661425590&source=5356&campaign=992&exid=60763637&variable=anura&167425343633	56 kB	2023-03-29	2023-03-29
Pretty URL script.anura.io/request.js?instance=3661425590&source=5356&campaign=992&exid=60763637&variable=anura&167425343633 IP 35.177.99.174 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:51:12 Last Seen2023-03-29 21:51:12 Times Seen1 Hash 4912524619ab5874a13a6c2cedaeac15 f92bfe4c5340c5027a339726c5f3aa065b2b0334 2c1e3c10ea4277b02bf26644f6513541f7dca47a76653b1fe9ce8ccf5fcabf49 Loading...

	create.leadid.com/2.11.9/SaveDeviceId.js?lac=1E846BB8-6D8D-9BC0-13F9-1E665C1D4A50&lck=4794145A-6DBD-5239-4869-1DEBD00FE1AA&methods=48&token=28D02B76-6562-33EF-2336-58E53D96B2B9&uuid=c65396a553464fed9985f7bf5b4c9a34	0 B	2023-03-07	2024-07-27
Pretty URL create.leadid.com/2.11.9/SaveDeviceId.js?lac=1E846BB8-6D8D-9BC0-13F9-1E665C1D4A50&lck=4794145A-6DBD-5239-4869-1DEBD00FE1AA&methods=48&token=28D02B76-6562-33EF-2336-58E53D96B2B9&uuid=c65396a553464fed9985f7bf5b4c9a34 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-07-27 03:44:05 Times Seen41184184 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	24hrsafetyshower.com/assets/js/jquery-2.2.4.min.js	86 kB	2023-03-07	2024-07-27
Pretty URL 24hrsafetyshower.com/assets/js/jquery-2.2.4.min.js IP 172.98.77.79 ASN #46562 PERFORMIVE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-07-27 03:15:42 Times Seen427129 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	24hrsafetyshower.com/assets/js/main.js	9.2 kB	2023-03-29	2023-03-29
Pretty URL 24hrsafetyshower.com/assets/js/main.js IP 172.98.77.79 ASN #46562 PERFORMIVE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:51:12 Last Seen2023-03-29 21:51:12 Times Seen2 Hash 070cbdfe37cbca911ae25ef2de2398be aba49c9106a4f3fa5a17ea7e4dc11e0d852e32b9 ebb3eb7babc75f1f22f862176859c07e7e852d494e0b8e1a09539cebfe4310b5 Loading...

	24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445	525 B	2023-03-12	2024-02-07
Pretty URL 24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 IP 172.98.77.79 ASN #46562 PERFORMIVE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 23:07:54 Last Seen2024-02-07 12:04:11 Times Seen23 Hash 250ad9d8bd3939df79f6ba3aa2cf39cb 70b8bd98a2e3c7c8c8ce25d261ad92f22f001ca5 3ae1b67ea33dc90d315dedf4084b7d8038674125ebaaf01f031bef1a05ed5b4f Loading...

	tellrail42.com/js.ashx?o=1155&_=1679695135063	699 B	2023-03-29	2023-12-30
Pretty URL tellrail42.com/js.ashx?o=1155&_=1679695135063 IP 162.246.19.222 ASN #19318 IS-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:51:12 Last Seen2023-12-30 03:30:58 Times Seen11 Hash a5f05b958145cf283782c1a0ed2d4a2a f0ef54268270f4ec5e0f8af765620b5eec7a0502 84bad220d2d8f2522f1ff799f804f3a0e54f19994f8e954e5220b50d919d4a42 Loading...

	24hrsafetyshower.com/assets/js/jquery.mask.js	7.2 kB	2023-03-12	2024-07-07
Pretty URL 24hrsafetyshower.com/assets/js/jquery.mask.js IP 172.98.77.79 ASN #46562 PERFORMIVE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 08:25:27 Last Seen2024-07-07 23:36:56 Times Seen205 Hash c5f6513027f4d0359fcd7bd1e7e8c26b f5ab68300bbe2a6978272f9e09626f170b5a3b97 d664612936b14c5caa8092f018ce547cad1397415bc1d61c1ecc480acc6f116a Loading...

	cdn.trustedform.com/trustedform-1.8.38.js	104 kB	2023-03-14	2023-05-12
Pretty URL cdn.trustedform.com/trustedform-1.8.38.js IP 54.230.111.91 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:12:06 Last Seen2023-05-12 17:46:56 Times Seen1009 Hash a71c6d4fa015e7b61cc1fc54ff9b242e a4564cb80c9d7b516360f361cbddbe66b7abb8aa d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e Loading...

	24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445	789 B	2023-03-29	2023-03-29
Pretty URL 24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 IP 172.98.77.79 ASN #46562 PERFORMIVE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:51:12 Last Seen2023-03-29 21:51:12 Times Seen1 Hash d17771fabe78fa3901924cd3b9102249 89480da5b1fc0227e257b59bf702171747edc7f8 011020565f568147f268799d106474f599920639c66727e2696465d8ee922f11 Loading...

	b-js.ringba.com/CA795ad362b00841c5932a8af0dbe8835f	13 kB	2023-03-29	2023-03-29
Pretty URL b-js.ringba.com/CA795ad362b00841c5932a8af0dbe8835f IP 54.230.111.50 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:51:12 Last Seen2023-03-29 21:51:12 Times Seen2 Hash c77ea8de29aab4bdc5199207eca66c16 2f6cfc2fef5aba1e22012d92422cf102175b96e2 24217a95b23b90922161e9b7a5836d8da1b54ac2478ba5ad1f03ebad6ba6192b Loading...

	brandedleadgeneration.com/disclaimers/tcpa.php?v=tub&url=24hrsafetyshower.com&p=(888)%20402-3449	1.3 kB	2023-03-29	2023-03-29
Pretty URL brandedleadgeneration.com/disclaimers/tcpa.php?v=tub&url=24hrsafetyshower.com&p=(888)%20402-3449 IP 143.198.158.164 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:51:12 Last Seen2023-03-29 21:51:12 Times Seen2 Hash b961cb4ff4650ec56c4dbb6a74de0a70 dd49cb169993ce395eac57a9a0b0177b5610f366 84f992a6fc05e10f4ddee979ebfb803df2998d4979c542aa207a16668863502b Loading...

	maps.googleapis.com/maps-api-v3/api/js/52/6/util.js	165 kB	2023-03-26	2024-01-20
Pretty URL maps.googleapis.com/maps-api-v3/api/js/52/6/util.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:27:24 Last Seen2024-01-20 22:45:59 Times Seen829 Hash db59a2b62c461b092e39a4a7bd83920b 5e1111bcc399eaa3ca075b4c77d3a77cf85e522f cda881db98d107ebd3b91eb46c5d6f3fcd18d9230250b5bdb1d2f0b6abe50673 Loading...

	maps.googleapis.com/maps/api/js?key=AIzaSyBFMwX1RnpjgmfJCySUVurxU93BMHrWiv4&libraries=places&callback=initAutocomplete	175 kB	2023-03-29	2023-03-29
Pretty URL maps.googleapis.com/maps/api/js?key=AIzaSyBFMwX1RnpjgmfJCySUVurxU93BMHrWiv4&libraries=places&callback=initAutocomplete IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:51:12 Last Seen2023-03-29 21:51:12 Times Seen2 Hash 7070f04a2a01e4c797caf230b9acea84 8f83dadc9f8d5ca14ced7debfd242ab7ad206145 ef98c18fcce33b4062d2e1bb9bba9f0ae8a994a5df0fe67c04d69e8050d724fb Loading...

	maps.googleapis.com/maps-api-v3/api/js/52/6/common.js	277 kB	2023-03-26	2024-01-20
Pretty URL maps.googleapis.com/maps-api-v3/api/js/52/6/common.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:27:30 Last Seen2024-01-20 22:45:59 Times Seen757 Hash 9787396af8d79c5b0a7ee0e5ab5c88aa 7cd2ea6b5d8014836c032d04eb074049a7390271 f92269e7d728cc563446b301cad9ee4d35e5681db79dfd6a45f8674aa9232b73 Loading...

	maps.googleapis.com/maps-api-v3/api/js/52/6/places_impl.js	48 kB	2023-03-26	2023-04-05
Pretty URL maps.googleapis.com/maps-api-v3/api/js/52/6/places_impl.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:37:17 Last Seen2023-04-05 13:50:30 Times Seen26 Hash 5a4856ac2e23ca515a358b5b47448aab 5a0a6f32ea19f9b70c6c090cf96857497cbb09d4 bd64bc51889c234d8f5756167c31c0e452ebe4179435aaa944e9258153bb1525 Loading...

	d2m2wsoho8qq12.cloudfront.net/iframe.html?token=28D02B76-6562-33EF-2336-58E53D96B2B9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4794145A-6DBD-5239-4869-1DEBD00FE1AA&lac=1E846BB8-6D8D-9BC0-13F9-1E665C1D4A50	3.4 kB	2023-03-07	2023-04-05
Pretty URL d2m2wsoho8qq12.cloudfront.net/iframe.html?token=28D02B76-6562-33EF-2336-58E53D96B2B9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4794145A-6DBD-5239-4869-1DEBD00FE1AA&lac=1E846BB8-6D8D-9BC0-13F9-1E665C1D4A50 IP 54.230.245.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen430 Hash dd90e68a27b15b3378f44fa576f7cde5 64a9f1d55a2ff24678318bd48fde93fcec154397 5127171a2622e36e3899b78eaea4e123fffbc640879520918c6a3b79b0548037 Loading...

	24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445	155 B	2023-03-29	2023-03-29
Pretty URL 24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 IP 172.98.77.79 ASN #46562 PERFORMIVE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:51:12 Last Seen2023-03-29 21:51:12 Times Seen2 Hash 0af0c473262f8877dea45d88163d507b 7b180d81b5e2233481c2d7983e0f70bd9299f7ac 08cec6991d95e6ded3ec4ac6ab04013ec19caf133151b3e4dd304e235e2a381b Loading...

	api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16796951353440.005294078072248354	7.5 kB	2023-03-14	2023-05-12
Pretty URL api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16796951353440.005294078072248354 IP 54.209.198.209 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:12:06 Last Seen2023-05-12 17:46:55 Times Seen658 Hash 1b4d8abad5e0668a237e388577c6a93c cb8199d9e56f094c63ba8b451239035205422f0f 001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c Loading...

	deviceid.trueleadid.com/iframe.html?token=28D02B76-6562-33EF-2336-58E53D96B2B9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4794145A-6DBD-5239-4869-1DEBD00FE1AA&lac=1E846BB8-6D8D-9BC0-13F9-1E665C1D4A50	4.1 kB	2023-03-07	2023-04-05
Pretty URL deviceid.trueleadid.com/iframe.html?token=28D02B76-6562-33EF-2336-58E53D96B2B9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4794145A-6DBD-5239-4869-1DEBD00FE1AA&lac=1E846BB8-6D8D-9BC0-13F9-1E665C1D4A50 IP 35.169.79.47 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen431 Hash 1d08eacf8810260f7f983057db5300af a6fa3b482a165ab84c34b418bee093c439f74034 61ea1ea5a132046ca584940a34a1eae6c007dc56062d2a76cf0dea486a52048b Loading...

	24hrsafetyshower.com/assets/js/popper.min.js	21 kB	2023-03-07	2024-07-26
Pretty URL 24hrsafetyshower.com/assets/js/popper.min.js IP 172.98.77.79 ASN #46562 PERFORMIVE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:27 Last Seen2024-07-26 19:31:49 Times Seen18952 Hash 56456db9d72a4b380ed3cb63095e6022 6dbce88aee15b42f29083df7a07513cf3b486ba0 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5923e6a91fd004cc0815f0a5494f6368	14 B	2023-03-07	2024-07-26
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-07-26 09:21:34 Times Seen2734 Hash 5923e6a91fd004cc0815f0a5494f6368 6f0cc8f774ac9d8240ffe81a9c659c9612d7bb70 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33 Loading...

HTTP Transactions (94)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bea3185dd820a31c1981317f37c3456d 1a548a5d27270fc11df9011837a7149571cedd78 469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9" Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7824 Expires: Sat, 25 Mar 2023 00:09:05 GMT Date: Fri, 24 Mar 2023 21:58:41 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 13f90146df1d559743af6df15c29b77b 6dd24f60629c39f857e3c996084f4d515cf3f8d0 ea5975be17b9cd29c8770939eb5d63ce43c1c44ce9a3a4d04e1e79cd69b30d1c HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "EA5975BE17B9CD29C8770939EB5D63CE43C1C44CE9A3A4D04E1E79CD69B30D1C" Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=20644 Expires: Sat, 25 Mar 2023 03:42:45 GMT Date: Fri, 24 Mar 2023 21:58:41 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bc86ef2a0cee04915bc360f5821adc8f 3658f9028cce204d38f7f48fcfaa2a8e4f54383a aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 24 Mar 2023 21:27:40 GMT content-type: application/json age: 1861 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash dc2752d83fbed82852248898a132467a b27a6b4af2e07663a58cafb641513f7224c7a7c3 ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5" Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15027 Expires: Sat, 25 Mar 2023 02:09:08 GMT Date: Fri, 24 Mar 2023 21:58:41 GMT Connection: keep-alive`

	tellrail42.com/?a=5356&c=3294&s1=822599&s2=720240445	162.246.19.222	302 Found	238 B
URL HTTP/1.1 tellrail42.com/?a=5356&c=3294&s1=822599&s2=720240445 IP 162.246.19.222:0 ASN #19318 IS-AS-1 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 238 B (238 bytes) Hash 490b98d2e5561cb51431232e407ba341 e75d530531a804cc87a2793c16c0e0182d663414 8a4f311bd2e6dd611b5e6613f7dee8b66f1ca4cc5f62b0265dac11c867c80b73 HTTP Headers `GET /?a=5356&c=3294&s1=822599&s2=720240445 HTTP/1.1 Host: tellrail42.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1` `HTTP/1.1 302 Found date: Fri, 24 Mar 2023 21:58:41 GMT content-type: text/html; charset=utf-8 content-length: 238 cache-control: private location: https://tellrail42.com/?a=5356&c=3294&s1=822599&s2=720240445&ckmguid=4e048b0a-7cfd-4a88-9628-836be3565397`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: 33ivEfmJcpZdvJEyxfVecdY6jxn31hidwO/W5C/jLpQqLn0O8TXBFUedpAJlVBPZiJ0pK4B+2+g= x-amz-request-id: CA8JYCQSKAMH1D85 x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 24 Mar 2023 21:00:31 GMT age: 3490 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Fri, 24 Mar 2023 21:58:41 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 87240d30a67f0737530bc26979e7d69d e5c6d183c4c72377a896a6c6870a22ba59ff110e 47fecdf69d4c7f69f2c63be831c5bc2425b983987925278e44bfa8e62830c9c2 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "47FECDF69D4C7F69F2C63BE831C5BC2425B983987925278E44BFA8E62830C9C2" Last-Modified: Fri, 24 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2255 Expires: Fri, 24 Mar 2023 22:36:16 GMT Date: Fri, 24 Mar 2023 21:58:41 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 24 Mar 2023 21:14:33 GMT age: 2648 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	ocsp.globalsign.com/alphasslcasha256g4	104.18.20.226	200 OK	1.4 kB
URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4 IP 104.18.20.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.4 kB (1437 bytes) Hash 9cece6d844fc56e65719b3614efb5cb1 1b84c1087ef99049318efbeece91116b9bc7d62b 0aaecdeb770ae77597582ed264959fe3b7b529340ac3ef2e2fa873a80c437f79 HTTP Headers `POST /alphasslcasha256g4 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 24 Mar 2023 21:58:41 GMT Content-Type: application/ocsp-response Content-Length: 1437 Connection: keep-alive Expires: Tue, 28 Mar 2023 21:58:40 GMT ETag: "1b84c1087ef99049318efbeece91116b9bc7d62b" Last-Modified: Fri, 24 Mar 2023 21:58:41 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: MISS Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ad22d4eb9770b06-OSL`

	push.services.mozilla.com/	34.117.65.55	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 34.117.65.55:0 ASN #15169 GOOGLE File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: HGg+6s+RKmH9RphyZB7TJg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: L7VxGyTueZSMLdi9ZpTmMi4iIhg= Date: Fri, 24 Mar 2023 21:58:41 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	tellrail42.com/?a=5356&c=3294&s1=822599&s2=720240445&ckmguid=4e048b0a-7cfd-4a88-9628-836be3565397	162.246.19.222	302 Found	223 B
URL HTTP/1.1 tellrail42.com/?a=5356&c=3294&s1=822599&s2=720240445&ckmguid=4e048b0a-7cfd-4a88-9628-836be3565397 IP 162.246.19.222:0 ASN #19318 IS-AS-1 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 223 B (223 bytes) Hash 46e70641258d850f20ae3521401e2078 3389a40ff9185ce6e0120fdecfc86d2b0cdec7ff 61f81ec22460b3c9ee9a22c0ff4ec9daf8dae85125a3bfd96416eaa2bb3d1878 HTTP Headers GET /?a=5356&c=3294&s1=822599&s2=720240445&ckmguid=4e048b0a-7cfd-4a88-9628-836be3565397 HTTP/1.1 Host: tellrail42.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/1.1 302 Found date: Fri, 24 Mar 2023 21:58:42 GMT content-type: text/html; charset=utf-8 content-length: 223 cache-control: private location: https://24hrsafetyshower.com?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" set-cookie: sl=DP8ohJ12sFqAWal6iGvj3hZCAWWR9IaQDnG3VLFXZykGMnZ4QxTUAA==; domain=.tellrail42.com; path=/; HttpOnly tfl=WA2VZpHSRtiAWal6iGvj3hZCAWWR9IaQDnG3VLFXZykGMnZ4QxTUAA==; domain=.tellrail42.com; expires=Mon, 24-Mar-2025 21:58:42 GMT; path=/; HttpOnly c1155=DP8ohJ12sFp4WD6alTZ0M2lE8zv5NA1y0coX9gs3Fkn1+XXx+e2QIA==; domain=.tellrail42.com; expires=Sun, 23-Apr-2023 21:58:42 GMT; path=/; HttpOnly

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash c15eec6189fd8f84ace0feffd626cec7 a1d129592fa827eb546f2e6aed1ea28a83754e77 35c463e7497a5a0fd0ca32c4765e8cbaf6c442fcb172b25db80a00d878abe7f8 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "35C463E7497A5A0FD0CA32C4765E8CBAF6C442FCB172B25DB80A00D878ABE7F8" Last-Modified: Wed, 22 Mar 2023 13:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21590 Expires: Sat, 25 Mar 2023 03:58:32 GMT Date: Fri, 24 Mar 2023 21:58:42 GMT Connection: keep-alive`

	24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445	172.98.77.79	200 OK	6.2 kB
URL HTTP/1.1 24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (498) Size 6.2 kB (6153 bytes) Hash 4bd5f8b8af331f542b023b442ab803a8 22289c0b59066326de5823158b5b26de9b949a6d 53eb2084888470fad4ddc7cb6eff5211c61dc0e614478232e8100b3fb45197dc HTTP Headers `GET /?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:42 GMT Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive X-Powered-By: PHP/5.5.9-1ubuntu4.29 Content-Encoding: gzip`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 4355291ec58b85ddde02c2446ecb2bb4 4ad43e10f82193f83e862e8a78f3e46de9490ac4 e32fd5635627751770ee13e8f77b14b2555163cfc2d7db98aa8edb5b4bae4d9a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 24 Mar 2023 21:58:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 3a85d9c2de0b1015b62c81a1ab7fe625 389c7fe2d0d53ff607a3fd8e27283c8f1cb3a238 717fa1c4098bd6e282c24452a39aafc0b436941b2f398ef0086960effcc3f2ca HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 24 Mar 2023 21:58:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtag/js?id=UA-216912180-1	142.250.74.40	200 OK	45 kB
URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-216912180-1 IP 142.250.74.40:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (2206) Size 45 kB (44763 bytes) Hash 166f08ddb2691a4a8b252f74808e71f6 e9a424fa1e7afb57d99de06b33e01147fdfe82c7 fb56f3825502236b67634d753ec2cc29023ddcb7968228486c97898be5309e5b HTTP Headers `GET /gtag/js?id=UA-216912180-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Fri, 24 Mar 2023 21:58:43 GMT expires: Fri, 24 Mar 2023 21:58:43 GMT cache-control: private, max-age=900 last-modified: Fri, 24 Mar 2023 21:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 44763 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	maps.googleapis.com/maps/api/js?key=AIzaSyBFMwX1RnpjgmfJCySUVurxU93BMHrWiv4&libraries=places&callback=initAutocomplete	142.250.74.170	200 OK	57 kB
URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyBFMwX1RnpjgmfJCySUVurxU93BMHrWiv4&libraries=places&callback=initAutocomplete IP 142.250.74.170:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (2476) Size 57 kB (56967 bytes) Hash 700922ce2601d4a249c753216d65d146 d8dcc7ad42a19605967354fca5699a131516b553 6808f17ac113665d8bd5e649bea5e95b55ea8b453ab46534be04999c38084b9a HTTP Headers `GET /maps/api/js?key=AIzaSyBFMwX1RnpjgmfJCySUVurxU93BMHrWiv4&libraries=places&callback=initAutocomplete HTTP/1.1 Host: maps.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 date: Fri, 24 Mar 2023 21:58:43 GMT expires: Fri, 24 Mar 2023 22:28:43 GMT cache-control: public, max-age=1800 vary: Accept-Language cross-origin-resource-policy: cross-origin timing-allow-origin: * content-encoding: gzip server: mafe content-length: 56967 x-xss-protection: 0 x-frame-options: SAMEORIGIN server-timing: gfet4t7; dur=39 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	472 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash 4355291ec58b85ddde02c2446ecb2bb4 4ad43e10f82193f83e862e8a78f3e46de9490ac4 e32fd5635627751770ee13e8f77b14b2555163cfc2d7db98aa8edb5b4bae4d9a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 24 Mar 2023 21:58:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 3a85d9c2de0b1015b62c81a1ab7fe625 389c7fe2d0d53ff607a3fd8e27283c8f1cb3a238 717fa1c4098bd6e282c24452a39aafc0b436941b2f398ef0086960effcc3f2ca HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 24 Mar 2023 21:58:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.globalsign.com/alphasslcasha256g4	104.18.20.226	200 OK	1.4 kB
URL HTTP/1.1 ocsp.globalsign.com/alphasslcasha256g4 IP 104.18.20.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.4 kB (1437 bytes) Hash 9cece6d844fc56e65719b3614efb5cb1 1b84c1087ef99049318efbeece91116b9bc7d62b 0aaecdeb770ae77597582ed264959fe3b7b529340ac3ef2e2fa873a80c437f79 HTTP Headers `POST /alphasslcasha256g4 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: application/ocsp-response Content-Length: 1437 Connection: keep-alive Expires: Tue, 28 Mar 2023 21:58:40 GMT ETag: "1b84c1087ef99049318efbeece91116b9bc7d62b" Last-Modified: Fri, 24 Mar 2023 21:58:41 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 2 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 7ad22d58fe400b06-OSL`

	ocsp.r2m01.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m01.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash f6096fb7bc237fc48421dd0ba2e369e2 dad4a319f3ef5552532d7069b525347968543af6 af03ea7293534162534ec33dbc4b6eebaba83e43ff1d18e63a9acdd4c3ee5ce4 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Fri, 24 Mar 2023 21:58:43 GMT Etag: "641d4ee1-1d7" Last-Modified: Fri, 24 Mar 2023 21:02:41 GMT Server: ECAcc (dcb/7EF0) X-Cache: Miss from cloudfront Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: fwWdX-aoYdeZABR9wP3kHQ_K6X3AQyTpQd5znxA--9Kc2sLxfV8NCA== Age: 3363`

	24hrsafetyshower.com/assets/css/style.min.css	172.98.77.79	200 OK	5.8 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/css/style.min.css IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type ASCII text, with very long lines (5697) Size 5.8 kB (5808 bytes) Hash 1bf604ffc8f953d04263cc25f6916d51 c308d741049921e7c2060b42db770546bef34ed0 b45ecbf8bdb14001472b4ff2d723caf3026f734e6bddb3953ef93f58cf250c31 HTTP Headers `GET /assets/css/style.min.css HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: text/css Content-Length: 5808 Last-Modified: Fri, 14 Jan 2022 19:25:36 GMT Connection: keep-alive ETag: "61e1ce30-16b0" Accept-Ranges: bytes`

	24hrsafetyshower.com/assets/js/jquery-2.2.4.min.js	172.98.77.79	200 OK	86 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/js/jquery-2.2.4.min.js IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type ASCII text, with very long lines (32065) Size 86 kB (85578 bytes) Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e HTTP Headers `GET /assets/js/jquery-2.2.4.min.js HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: application/x-javascript Content-Length: 85578 Last-Modified: Fri, 14 Jan 2022 19:17:46 GMT Connection: keep-alive ETag: "61e1cc5a-14e4a" Accept-Ranges: bytes`

	24hrsafetyshower.com/assets/js/jquery.mask.js	172.98.77.79	200 OK	7.2 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/js/jquery.mask.js IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type exported SGML document, ASCII text Size 7.2 kB (7223 bytes) Hash c5f6513027f4d0359fcd7bd1e7e8c26b f5ab68300bbe2a6978272f9e09626f170b5a3b97 d664612936b14c5caa8092f018ce547cad1397415bc1d61c1ecc480acc6f116a HTTP Headers `GET /assets/js/jquery.mask.js HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: application/x-javascript Content-Length: 7223 Last-Modified: Fri, 14 Jan 2022 19:17:45 GMT Connection: keep-alive ETag: "61e1cc59-1c37" Accept-Ranges: bytes`

	tellrail42.com/d.js	162.246.19.222	200 OK	7.7 kB
URL HTTP/1.1 tellrail42.com/d.js IP 162.246.19.222:0 ASN #19318 IS-AS-1 File type Algol 68 source text\012- Pascal source, ASCII text Size 7.7 kB (7695 bytes) Hash 562aae9348426470228b1ecad67dad13 6a7bb1790c9388ae2592b502bab0acec8edf29be 7f21c8273e165c0152de21d0d41d8410dbdde5351a569965897477607b958152 HTTP Headers `GET /d.js HTTP/1.1 Host: tellrail42.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK date: Fri, 24 Mar 2023 21:58:43 GMT content-type: application/javascript content-length: 7695 last-modified: Wed, 22 Feb 2023 16:23:24 GMT accept-ranges: bytes etag: "0e65dfcd946d91:0"`

	maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css	104.18.11.207	200 OK	25 kB
URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css IP 104.18.11.207:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (65324) Size 25 kB (24926 bytes) Hash 1d3d33b32efa8cd3180f342adcb746d3 58e6975de13f772ad8f7a69db038300e3b2b7bc6 25093583824403cdd0023888b7b951c7d8a78b21299fef0e2286668247d26c3c HTTP Headers `GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Fri, 24 Mar 2023 21:58:43 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 last-modified: Mon, 25 Jan 2021 22:04:08 GMT cdn-cachedat: 08/11/2021 05:41:31 cdn-edgestorageid: 756 cdn-requestpullcode: 200 cdn-requestpullsuccess: True timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-proxyver: 1.0 cdn-requestid: 313ad02a214f6bc0a71a4ade9593c82e cdn-cache: HIT cf-cache-status: HIT age: 22738577 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7ad22d57bcf0b503-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css	104.18.10.207	200 OK	7.5 kB
URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP 104.18.10.207:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (30837) Size 7.5 kB (7480 bytes) Hash 28cc886a7b050c575cc9de64628eac43 aafe3c1655e5837d847faaceabafbaf84997b8ca d310358a42510731078db79847489f44eb26aa458fbde45d983082b3d07a8da8 HTTP Headers `GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 Host: stackpath.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Fri, 24 Mar 2023 21:58:43 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 last-modified: Mon, 25 Jan 2021 22:04:55 GMT cdn-cachedat: 11/15/2021 21:49:00 cdn-proxyver: 1.0 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 723 cdn-status: 200 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58 cdn-cache: HIT cf-cache-status: HIT age: 25141877 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 7ad22d57aa29b50b-OSL content-encoding: br alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg	34.120.237.76	200 OK	8.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.4 kB (8385 bytes) Hash 3d6ed667dad0c17b3f1697f6ad5f1dd2 9eff2b1900bc9788dfbff11fce69cc7c944b1fc1 ec0f7b928c7efd46d2679477acd9f3bf0b335f31b9739c4e925b23bd5cd16a05 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8f2a5e3-1443-4c66-9b07-bbc789ebd9ab.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8385 x-amzn-requestid: 70d658a2-706c-428d-b232-d4a343556e55 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM8IUHv7IAMF8BQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b73ce-4288c6f05be90c543a5adb5a;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:58 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: 00pLSzTvmnnvhdLG4rOtVPVM_F2rfQXus98AyXsY129ejW-1Y-UblQ== via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google date: Fri, 24 Mar 2023 01:36:32 GMT age: 73331 etag: "9eff2b1900bc9788dfbff11fce69cc7c944b1fc1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg	34.120.237.76	200 OK	4.0 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.0 kB (4000 bytes) Hash 85351059b67b0a42eda7e69a31b3b4b4 b798268806dc2f79f033e5872676019faf0e0cc1 86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4000 x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJpraEqyoAMFgNQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: vOBDFA2LzOIp_0dMXApotrithfiToWtpM2xMRyx1pWAE86olKT6EpQ== via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google date: Fri, 24 Mar 2023 02:36:43 GMT age: 69720 etag: "b798268806dc2f79f033e5872676019faf0e0cc1" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	24hrsafetyshower.com/assets/js/main.js	172.98.77.79	200 OK	9.2 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/js/main.js IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type ASCII text Size 9.2 kB (9210 bytes) Hash 070cbdfe37cbca911ae25ef2de2398be aba49c9106a4f3fa5a17ea7e4dc11e0d852e32b9 ebb3eb7babc75f1f22f862176859c07e7e852d494e0b8e1a09539cebfe4310b5 HTTP Headers `GET /assets/js/main.js HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: application/x-javascript Content-Length: 9210 Last-Modified: Fri, 14 Jan 2022 19:22:24 GMT Connection: keep-alive ETag: "61e1cd70-23fa" Accept-Ranges: bytes`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg	34.120.237.76	200 OK	7.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.4 kB (7405 bytes) Hash 9bb55b1044454d0db2324a4af956cd51 5aa34545aa2274453b301c74a083034273177cbd fb7fa8b91ff7374ac6be2df05e1e98194f2adf3ce728b02a66323993145975ef HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7405 x-amzn-requestid: 9865b715-ff9b-498d-95b3-c728fd3430be x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CQPt7E46oAMF1Fg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641cc658-78b66faf317a7aaf689de782;Sampled=0 x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: P7-VLhTNV8ha__Qb_unjyRpnt3eBa3wLV7pWv605A_td6gX2xr3RVQ== via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google date: Fri, 24 Mar 2023 21:43:19 GMT age: 924 etag: "5aa34545aa2274453b301c74a083034273177cbd" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10480 bytes) Hash 6f0b9e85381489dcf646c251722b21d4 5f7ea91288a2170bcabdca6be296718c4191eacd 911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10480 x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CJptHG7JoAMFSwA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0 x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT x-amz-cf-pop: SEA19-C1, SEA19-C3 x-cache: Hit from cloudfront x-amz-cf-id: V_1L8vYf9-uS_-cGgsCstGC__IYpLZjEa0gOlsYgYOWwNJxxXJo83g== via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 22:00:02 GMT age: 86321 etag: "5f7ea91288a2170bcabdca6be296718c4191eacd" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63daf6ae-a4e7-49b4-8e18-aea9506a9ae6.jpeg	34.120.237.76	200 OK	11 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63daf6ae-a4e7-49b4-8e18-aea9506a9ae6.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 11 kB (10649 bytes) Hash 725b558c5b217b40ec923c072a764dc9 f3a16cf007c5793b3abc4978fe023f60d375315b 543d159b2fe8680fcaebd19ed567ea7725030f8c564784be0c542deed456144d HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63daf6ae-a4e7-49b4-8e18-aea9506a9ae6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10649 x-amzn-requestid: e8bfb59a-ccad-4150-9dfa-a9ae7966500b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM7CIHrFoAMFTXg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b720d-0ef87c8a6a55d9c77f2faa03;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:24:29 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: MZAWLd0V6aOwfS3stOcabNJMrPjvrfMHg8lLXDrdEL6y-8XPZTgydQ== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 google date: Fri, 24 Mar 2023 17:04:28 GMT age: 17655 etag: "f3a16cf007c5793b3abc4978fe023f60d375315b" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg	34.120.237.76	200 OK	7.5 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.5 kB (7482 bytes) Hash 04db6085e8ec938c1385fb33b32ae036 0f173b8971723ec380a9610b3dda8f64890f6f37 873d5942c34057339f7a9c53a9d4cdc3a0b82f01223f851898da0ebbe0a628bc HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd11f3110-26b3-4e61-a4be-71f97e3d6614.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7482 x-amzn-requestid: 843e4bba-1550-44c4-be10-dd333148f83d x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CQPHxFuuIAMFvmA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641cc564-03f5d2675850409e70748490;Sampled=0 x-amzn-remapped-date: Thu, 23 Mar 2023 21:32:20 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: -vjrmAFEFlCpClEnzffZY5N0F26cZzxS2U6qwvFGLLYbRuJ2BxkkDw== via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google date: Fri, 24 Mar 2023 21:56:09 GMT age: 154 etag: "0f173b8971723ec380a9610b3dda8f64890f6f37" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	24hrsafetyshower.com/assets/js/popper.min.js	172.98.77.79	200 OK	21 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/js/popper.min.js IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type ASCII text, with very long lines (20831) Size 21 kB (21004 bytes) Hash 56456db9d72a4b380ed3cb63095e6022 6dbce88aee15b42f29083df7a07513cf3b486ba0 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 HTTP Headers `GET /assets/js/popper.min.js HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: application/x-javascript Content-Length: 21004 Last-Modified: Fri, 14 Jan 2022 19:17:47 GMT Connection: keep-alive ETag: "61e1cc5b-520c" Accept-Ranges: bytes`

	b-js.ringba.com/CA795ad362b00841c5932a8af0dbe8835f	54.230.111.50	200 OK	13 kB
URL HTTP/2 b-js.ringba.com/CA795ad362b00841c5932a8af0dbe8835f IP 54.230.111.50:0 ASN #16509 AMAZON-02 File type Unicode text, UTF-8 text, with very long lines (13204), with no line terminators Size 13 kB (13212 bytes) Hash c77ea8de29aab4bdc5199207eca66c16 2f6cfc2fef5aba1e22012d92422cf102175b96e2 24217a95b23b90922161e9b7a5836d8da1b54ac2478ba5ad1f03ebad6ba6192b HTTP Headers `GET /CA795ad362b00841c5932a8af0dbe8835f HTTP/1.1 Host: b-js.ringba.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK content-type: text/html; charset=utf-8 content-length: 13212 access-control-allow-origin: * access-control-max-age: 300 cache-control: public date: Fri, 24 Mar 2023 21:58:42 GMT expires: Fri, 24 Mar 2023 22:01:47 GMT server: Microsoft-IIS/10.0 x-aspnet-version: 4.0.30319 x-powered-by: ASP.NET x-runtime: 0.0000 x-cache: Miss from cloudfront via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 6Xcn9VuF6SPBACQSbJsZxgsQ5V9gybnTkMTPrZIwpACmHJyMrh9MZg== X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash ce6948c57f579a85042a4388c45514d6 4b3002c036034ef0cb8d9eb73b7bf7f561862b99 85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 24 Mar 2023 21:58:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	24hrsafetyshower.com/assets/images/credit-fair.png	172.98.77.79	200 OK	6.4 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/images/credit-fair.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 176 x 157, 8-bit colormap, non-interlaced\012- data Size 6.4 kB (6417 bytes) Hash d47332723eb90e70009e0837c7d12310 3f789a7f45be64e8121d067fa3df62d179740120 c4b13ba4e9ae55427a83944d4b23a020ba0ab169f420d38c7116be5ec781b500 HTTP Headers `GET /assets/images/credit-fair.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: image/png Content-Length: 6417 Last-Modified: Fri, 14 Jan 2022 19:17:43 GMT Connection: keep-alive ETag: "61e1cc57-1911" Accept-Ranges: bytes`

	24hrsafetyshower.com/assets/images/credit-good-hover.png	172.98.77.79	200 OK	5.6 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/images/credit-good-hover.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 176 x 157, 8-bit colormap, non-interlaced\012- data Size 5.6 kB (5590 bytes) Hash 8900ed5502fa8251a36a73a918c8274b 5fcbf743f676ab8c4d9bd01a48d3a5149d0857a3 c7b9f04e30d920ae0b548e138e265d4774c8b7de5b07b23b1c821680a70c3177 HTTP Headers `GET /assets/images/credit-good-hover.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: image/png Content-Length: 5590 Last-Modified: Fri, 14 Jan 2022 19:17:43 GMT Connection: keep-alive ETag: "61e1cc57-15d6" Accept-Ranges: bytes`

	fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2	216.58.207.227	200 OK	7.8 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 7824, version 1.0\012- data Size 7.8 kB (7824 bytes) Hash af4d371a10271dafeb343f1eace762bc 6d11d743bc3cfb169d70bc86450f18351dc1a905 60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2 HTTP Headers `GET /s/poppins/v20/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7824 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:28:14 GMT expires: Sat, 23 Mar 2024 10:28:14 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:52:02 GMT content-type: font/woff2 age: 41429 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2	216.58.207.227	200 OK	8.0 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data Size 8.0 kB (8000 bytes) Hash 72993dddf88a63e8f226656f7de88e57 179f97ec0275f09603a8db94d4380eb584d81cd5 f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149 HTTP Headers `GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 8000 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:26:53 GMT expires: Sat, 23 Mar 2024 10:26:53 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:59:07 GMT content-type: font/woff2 age: 41510 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash ce6948c57f579a85042a4388c45514d6 4b3002c036034ef0cb8d9eb73b7bf7f561862b99 85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 24 Mar 2023 21:58:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2	216.58.207.227	200 OK	7.8 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data Size 7.8 kB (7816 bytes) Hash 25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 HTTP Headers `GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7816 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:26:51 GMT expires: Sat, 23 Mar 2024 10:26:51 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:11:40 GMT content-type: font/woff2 age: 41512 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash ce6948c57f579a85042a4388c45514d6 4b3002c036034ef0cb8d9eb73b7bf7f561862b99 85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 24 Mar 2023 21:58:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2	216.58.207.227	200 OK	7.9 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data Size 7.9 kB (7884 bytes) Hash 9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f HTTP Headers `GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7884 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:26:49 GMT expires: Sat, 23 Mar 2024 10:26:49 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 17:03:52 GMT content-type: font/woff2 age: 41514 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash ce6948c57f579a85042a4388c45514d6 4b3002c036034ef0cb8d9eb73b7bf7f561862b99 85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 24 Mar 2023 21:58:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	24hrsafetyshower.com/assets/images/blue-arrow.png	172.98.77.79	200 OK	1.4 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/images/blue-arrow.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 69 x 42, 8-bit/color RGBA, non-interlaced\012- data Size 1.4 kB (1447 bytes) Hash cb0b0acde9034c1579083a22f18809fd 7044cc7cf7e83dc635c194b417bd1f4535373a5a 1b217d1ceb730a70a887c081fc211963d431f81bba1509505fcb5f988af882d6 HTTP Headers `GET /assets/images/blue-arrow.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/assets/css/style.min.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: image/png Content-Length: 1447 Last-Modified: Fri, 14 Jan 2022 19:17:40 GMT Connection: keep-alive ETag: "61e1cc54-5a7" Accept-Ranges: bytes`

	ocsp.pki.goog/gts1c3	216.58.211.3	200 OK	471 B
URL HTTP/1.1 ocsp.pki.goog/gts1c3 IP 216.58.211.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash ce6948c57f579a85042a4388c45514d6 4b3002c036034ef0cb8d9eb73b7bf7f561862b99 85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Fri, 24 Mar 2023 21:58:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2	216.58.207.227	200 OK	7.7 kB
URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data Size 7.7 kB (7748 bytes) Hash a09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 HTTP Headers `GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://fonts.googleapis.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 7748 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 10:26:55 GMT expires: Sat, 23 Mar 2024 10:26:55 GMT cache-control: public, max-age=31536000 last-modified: Wed, 27 Apr 2022 16:21:30 GMT content-type: font/woff2 age: 41508 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	24hrsafetyshower.com/assets/js/bootstrap.min.js	172.98.77.79	200 OK	58 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/js/bootstrap.min.js IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type ASCII text, with very long lines (57791) Size 58 kB (58072 bytes) Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b HTTP Headers `GET /assets/js/bootstrap.min.js HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: application/x-javascript Content-Length: 58072 Last-Modified: Fri, 14 Jan 2022 19:17:46 GMT Connection: keep-alive ETag: "61e1cc5a-e2d8" Accept-Ranges: bytes`

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 3567db932a88f3c08ca52dd15ac71b10 736021e431c8778d1e6db90ea6fb158c601ddcf8 e66cc8fb3a51c7ac2c8bc83ec8c13f222d0027e148e29e86c3f0f0bb15390e80 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Fri, 24 Mar 2023 21:58:43 GMT Last-Modified: Fri, 24 Mar 2023 20:27:27 GMT Server: ECAcc (nya/7946) X-Cache: Miss from cloudfront Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: clmdzGciLTpw0JR1cSOqz8I3TovsCeTc7vjt5_shvRq7U6dqx26o7A== Age: 5476`

	24hrsafetyshower.com/assets/js/moment.min.js	172.98.77.79	200 OK	59 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/js/moment.min.js IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type ASCII text, with very long lines (58823) Size 59 kB (58862 bytes) Hash 5c158b940513c7dc2ebd901455e9b63d f992a08c86f88b10abd35fae20d468ec52c824e6 73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7 HTTP Headers `GET /assets/js/moment.min.js HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: application/x-javascript Content-Length: 58862 Last-Modified: Fri, 14 Jan 2022 19:17:47 GMT Connection: keep-alive ETag: "61e1cc5b-e5ee" Accept-Ranges: bytes`

	24hrsafetyshower.com/assets/images/google-maps-icon.png	172.98.77.79	200 OK	3.2 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/images/google-maps-icon.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 41 x 43, 8-bit colormap, non-interlaced\012- data Size 3.2 kB (3243 bytes) Hash 6cf4fd62c913b49b6b695e7a45d6f7b1 57693c97bc355800d30f9758bd518e7e3804fecb 3d62fc464d51e31fb49b653c7dac87e54ecd60cc23bc6da37aee226eb1b863df HTTP Headers `GET /assets/images/google-maps-icon.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: image/png Content-Length: 3243 Last-Modified: Fri, 14 Jan 2022 19:17:42 GMT Connection: keep-alive ETag: "61e1cc56-cab" Accept-Ranges: bytes`

	24hrsafetyshower.com/assets/images/logo.png	172.98.77.79	200 OK	1.6 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/images/logo.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 219 x 44, 8-bit colormap, non-interlaced\012- data Size 1.6 kB (1633 bytes) Hash 42a837aa55d280de79d3f9b66100ccc7 58502ffe58fcb1ea073b93dc1ff2ecfc3c2a056a 8e2e920081f7bab0e1215853e1f90e07593cf9d9f8d1076d3456413ae5929980 HTTP Headers `GET /assets/images/logo.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: image/png Content-Length: 1633 Last-Modified: Fri, 14 Jan 2022 19:17:43 GMT Connection: keep-alive ETag: "61e1cc57-661" Accept-Ranges: bytes`

	24hrsafetyshower.com/assets/images/credit-good.png	172.98.77.79	200 OK	6.5 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/images/credit-good.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 176 x 157, 8-bit colormap, non-interlaced\012- data Size 6.5 kB (6542 bytes) Hash 35a473b5ae80dc9923e50f3acf929350 3e078f6b2d5573d83c47bcda418d27e0a9fae7af cb2d4aa2bdd13acfe51b87fc1315356408e0a0c1affc19f1f32528492420bd85 HTTP Headers `GET /assets/images/credit-good.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: image/png Content-Length: 6542 Last-Modified: Fri, 14 Jan 2022 19:17:43 GMT Connection: keep-alive ETag: "61e1cc57-198e" Accept-Ranges: bytes`

	24hrsafetyshower.com/assets/images/credit-fair-hover.png	172.98.77.79	200 OK	5.8 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/images/credit-fair-hover.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 176 x 157, 8-bit colormap, non-interlaced\012- data Size 5.8 kB (5765 bytes) Hash f405c9c937148fc8bc51d28fea7567da 4f521993d1f2633d258a26100168a350f071135a b91bd9e7639c836291c59d4a4a15c9987dc0e0906d5e24670e83cc7096604b9f HTTP Headers `GET /assets/images/credit-fair-hover.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: image/png Content-Length: 5765 Last-Modified: Fri, 14 Jan 2022 19:17:40 GMT Connection: keep-alive ETag: "61e1cc54-1685" Accept-Ranges: bytes`

	24hrsafetyshower.com/assets/images/credit-poor.png	172.98.77.79	200 OK	6.4 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/images/credit-poor.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 176 x 158, 8-bit colormap, non-interlaced\012- data Size 6.4 kB (6410 bytes) Hash ce31f46c9fdbc30d063b04f8cc14f845 3e7b6bcb67eb6a0cc1febe068d759404d6154ddf 1d70188a25b1a8a9191af29d1a49d4a96c97f794b26481c586b72a01b6bdfd3f HTTP Headers `GET /assets/images/credit-poor.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: image/png Content-Length: 6410 Last-Modified: Fri, 14 Jan 2022 19:17:41 GMT Connection: keep-alive ETag: "61e1cc55-190a" Accept-Ranges: bytes`

	24hrsafetyshower.com/assets/images/credit-poor-hover.png	172.98.77.79	200 OK	6.4 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/images/credit-poor-hover.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 176 x 158, 8-bit colormap, non-interlaced\012- data Size 6.4 kB (6389 bytes) Hash 6f76f4d85c7e5c6e384ac349eb884861 7a0210f687e33265cfec031ee0ed1c6d968f40f3 5204bb968394afe90c10f51e62463bee02a8488acbe29a156e4c1659861c1020 HTTP Headers `GET /assets/images/credit-poor-hover.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: image/png Content-Length: 6389 Last-Modified: Fri, 14 Jan 2022 19:17:42 GMT Connection: keep-alive ETag: "61e1cc56-18f5" Accept-Ranges: bytes`

	24hrsafetyshower.com/assets/images/check-yes.png	172.98.77.79	200 OK	691 B
URL HTTP/1.1 24hrsafetyshower.com/assets/images/check-yes.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 25 x 28, 8-bit/color RGBA, non-interlaced\012- data Size 691 B (691 bytes) Hash 4bf25e796b71de9f1937e4b21bf8b18e 9e2a430a6a7d2f1a63814359e51a4c01f9a1e23d 4f80ded12d463c236bde5628b026281bdca0764796f6575c0891a027acf45a1f HTTP Headers `GET /assets/images/check-yes.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: image/png Content-Length: 691 Last-Modified: Fri, 14 Jan 2022 19:17:41 GMT Connection: keep-alive ETag: "61e1cc55-2b3" Accept-Ranges: bytes`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 5acf930d6817ac0d26ec308e8eec514a 99bfa8daa2157134f3bb8255e7a01879011650e7 7639ba86605bbd2cf85c1a7a94249e2b00aa85a612a0dff836d12db939ecefd7 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "7639BA86605BBD2CF85C1A7A94249E2B00AA85A612A0DFF836D12DB939ECEFD7" Last-Modified: Wed, 22 Mar 2023 07:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7000 Expires: Fri, 24 Mar 2023 23:55:24 GMT Date: Fri, 24 Mar 2023 21:58:44 GMT Connection: keep-alive`

	24hrsafetyshower.com/assets/images/check-no.png	172.98.77.79	200 OK	819 B
URL HTTP/1.1 24hrsafetyshower.com/assets/images/check-no.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 25 x 26, 8-bit/color RGBA, non-interlaced\012- data Size 819 B (819 bytes) Hash 07afead9a84a2fb2ba1caa6b8793be2a 9f3eeb7172c45779f031dffb4c583f93d2aae396 a7e2690d555b9143340994238fc786350b7ae8a82c4312905624a44f10c72057 HTTP Headers `GET /assets/images/check-no.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:44 GMT Content-Type: image/png Content-Length: 819 Last-Modified: Fri, 14 Jan 2022 19:17:41 GMT Connection: keep-alive ETag: "61e1cc55-333" Accept-Ranges: bytes`

	24hrsafetyshower.com/assets/images/back.png	172.98.77.79	200 OK	455 B
URL HTTP/1.1 24hrsafetyshower.com/assets/images/back.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 80 x 36, 8-bit colormap, non-interlaced\012- data Size 455 B (455 bytes) Hash 87481cc13dc2c8933d07e48afc86b193 d5fd8764f4b7b72e932bb16e1285cad9f9b973cf 0446af2f3d50df9276468c693dbefbdd7d739676e158b427d7d8a438481d4c8f HTTP Headers `GET /assets/images/back.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:44 GMT Content-Type: image/png Content-Length: 455 Last-Modified: Fri, 14 Jan 2022 19:17:44 GMT Connection: keep-alive ETag: "61e1cc58-1c7" Accept-Ranges: bytes`

	24hrsafetyshower.com/assets/images/credit-excellent.png	172.98.77.79	200 OK	6.7 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/images/credit-excellent.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 176 x 157, 8-bit colormap, non-interlaced\012- data Size 6.7 kB (6715 bytes) Hash 08793d498bec4bff355d42bdd77d215c 5a269330959926d95a20f4259d31ec95ed639ea2 465d0211681e86caa4c48f5188b6dd30f52e7c5b3fa85f4723646f215a326fd1 HTTP Headers `GET /assets/images/credit-excellent.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:44 GMT Content-Type: image/png Content-Length: 6715 Last-Modified: Fri, 14 Jan 2022 19:17:42 GMT Connection: keep-alive ETag: "61e1cc56-1a3b" Accept-Ranges: bytes`

	24hrsafetyshower.com/assets/images/before-after.png	172.98.77.79	200 OK	120 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/images/before-after.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 485 x 405, 8-bit colormap, non-interlaced\012- data Size 120 kB (120403 bytes) Hash 32ebfb7ca26c2c2af7d880bdeaee4bb4 6e71702dec16a81d4c95bb955b1d86c365ef5845 c394fcd8bee08d7d5531c5c7a186dd9ce05aeb7ddd233a8fcb4537aa278d5e25 HTTP Headers `GET /assets/images/before-after.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:43 GMT Content-Type: image/png Content-Length: 120403 Last-Modified: Fri, 14 Jan 2022 19:17:44 GMT Connection: keep-alive ETag: "61e1cc58-1d653" Accept-Ranges: bytes`

	display.ringba.com/v2/nis/gnbulk	23.21.37.26	200 OK	381 B
URL HTTP/1.1 display.ringba.com/v2/nis/gnbulk IP 23.21.37.26:0 ASN #14618 AMAZON-AES File type JSON data\012- , ASCII text, with very long lines (381), with no line terminators Size 381 B (381 bytes) Hash 046c4ae28b34660d33c67b107bc13566 c624fc891d6400b408633d91dcbe0b4d79070c6b 167f4158a70d903b47d5019870a30a1fc75773521bcdc068f0f6579a99bc281c HTTP Headers `POST /v2/nis/gnbulk HTTP/1.1 Host: display.ringba.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: text/plain Content-Length: 819 Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Access-Control-Allow-Origin: https://24hrsafetyshower.com Access-Control-Max-Age: 300 Cache-Control: no-cache Content-Type: application/json; charset=utf-8 Date: Fri, 24 Mar 2023 21:58:43 GMT Expires: -1 Pragma: no-cache Server: Microsoft-IIS/10.0 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET X-Runtime: 0.0030 Content-Length: 381 Connection: keep-alive`

	24hrsafetyshower.com/assets/images/credit-excellent-hover.png	172.98.77.79	200 OK	6.3 kB
URL HTTP/1.1 24hrsafetyshower.com/assets/images/credit-excellent-hover.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type PNG image data, 176 x 157, 8-bit colormap, non-interlaced\012- data Size 6.3 kB (6290 bytes) Hash f463d84bf700b0385e7a0e31bf162e28 9f04215dca5d2bee4353bbae375095a9c9916f85 20ed67a7382e527c75a69a1181ea60485bf05b8dd5f6e8b47868aefa3b267ccc HTTP Headers `GET /assets/images/credit-excellent-hover.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 200 OK Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:44 GMT Content-Type: image/png Content-Length: 6290 Last-Modified: Fri, 14 Jan 2022 19:17:41 GMT Connection: keep-alive ETag: "61e1cc55-1892" Accept-Ranges: bytes`

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash ba9cdc3f85fa7966f7edabb8a469144e 0f11764f3bb9036b52f6218a378ec3188af87b6e 0dcc420ed6a8a6d335c409581815d3fa5bc4816b61c211e8149718dcbdce8242 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Fri, 24 Mar 2023 21:58:44 GMT Last-Modified: Fri, 24 Mar 2023 20:19:01 GMT Server: ECAcc (nya/1C3C) X-Cache: Miss from cloudfront Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 2xQp23ZrYWdHunDi88YGxRgnTi7YprUrmom_yC9OgoSXV0lk_Pi6FA== Age: 5984`

	brandedleadgeneration.com/disclaimers/tcpa.php?v=tub&url=24hrsafetyshower.com&p=(888)%20402-3449	143.198.158.164	200 OK	1.3 kB
URL HTTP/1.1 brandedleadgeneration.com/disclaimers/tcpa.php?v=tub&url=24hrsafetyshower.com&p=(888)%20402-3449 IP 143.198.158.164:0 ASN #14061 DIGITALOCEAN-ASN File type HTML document, ASCII text, with very long lines (1121) Size 1.3 kB (1280 bytes) Hash b961cb4ff4650ec56c4dbb6a74de0a70 dd49cb169993ce395eac57a9a0b0177b5610f366 84f992a6fc05e10f4ddee979ebfb803df2998d4979c542aa207a16668863502b HTTP Headers `GET /disclaimers/tcpa.php?v=tub&url=24hrsafetyshower.com&p=(888)%20402-3449 HTTP/1.1 Host: brandedleadgeneration.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:44 GMT Content-Type: application/javascript Transfer-Encoding: chunked Connection: keep-alive`

	api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16796951353440.005294078072248354	54.209.198.209	301 Moved Permanently	134 B
URL HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16796951353440.005294078072248354 IP 54.209.198.209:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 134 B (134 bytes) Hash 4aa7a432bb447f094408f1bd6229c605 1965c4952cc8c082a6307ed67061a57aab6632fa 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a HTTP Headers `GET /trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16796951353440.005294078072248354 HTTP/1.1 Host: api.trustedform.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 301 Moved Permanently server: awselb/2.0 date: Fri, 24 Mar 2023 21:58:44 GMT content-type: text/html content-length: 134 location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16796951353440.005294078072248354 X-Firefox-Spdy: h2`

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash fef8efb3314ffe0c967e2410586f74fc 727ec442888e6510aa6165026aee57f48edb652f f891ca217e84da196375fa45c1d22c566be0ed8fab2deb2734228fc6f6305bd9 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Fri, 24 Mar 2023 21:58:44 GMT Last-Modified: Fri, 24 Mar 2023 20:46:28 GMT Server: ECAcc (bsa/EAE4) X-Cache: Miss from cloudfront Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: ooGCrBv9dNwP9bwWS_4fnHWkIG63pXWa3Tij4Qs8ofgXikWd_ojzNA== Age: 4336`

	tellrail42.com/js.ashx?o=1155&_=1679695135063	162.246.19.222	200 OK	699 B
URL HTTP/1.1 tellrail42.com/js.ashx?o=1155&_=1679695135063 IP 162.246.19.222:0 ASN #19318 IS-AS-1 File type CSV text\012- , ASCII text, with CRLF line terminators Size 699 B (699 bytes) Hash a5f05b958145cf283782c1a0ed2d4a2a f0ef54268270f4ec5e0f8af765620b5eec7a0502 84bad220d2d8f2522f1ff799f804f3a0e54f19994f8e954e5220b50d919d4a42 HTTP Headers `GET /js.ashx?o=1155&_=1679695135063 HTTP/1.1 Host: tellrail42.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK date: Fri, 24 Mar 2023 21:58:44 GMT content-type: text/javascript; charset=utf-8 content-length: 699 cache-control: private set-cookie: sid=DP8ohJ12sFqAWal6iGvj3hZCAWWR9IaQyi7P082/cswo9HzOHP5KOg==; domain=.tellrail42.com; path=/; HttpOnly trk=WA2VZpHSRtiAWal6iGvj3hZCAWWR9IaQyi7P082/cswo9HzOHP5KOg==; domain=.tellrail42.com; expires=Mon, 24-Mar-2025 21:58:44 GMT; path=/; HttpOnly`

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash de999cbbf3063e2ba012cab27e8c738e 14395d10b0f8c845ad581b6ca2ff8acf04824fc8 80616033051fbdb8f80c23e32cb0908ecbb71e5aa38fdeff9e8cb5f59e687771 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Fri, 24 Mar 2023 21:58:44 GMT Last-Modified: Fri, 24 Mar 2023 21:28:27 GMT Server: ECAcc (nya/7919) X-Cache: Miss from cloudfront Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 4VkVmEot3lmSuf78V_icmhLre2Y1_1GbWMTZhetMfAezTTpjFIz0Gw== Age: 1817`

	script.anura.io/result.json	35.177.99.174	200 OK	20 kB
URL HTTP/2 script.anura.io/result.json IP 35.177.99.174:0 ASN #16509 AMAZON-02 File type JSON data\012- , ASCII text, with very long lines (1490) Size 20 kB (20132 bytes) Hash 0eb6e409ee171e64365dd68cb43c5565 658712c5935b81adcf951fb45bfcacadaae13471 fce16e6b691383ab5c0ba57bbf3ec7cd84a67c5c92fcd6451295ab800337fc1c HTTP Headers `POST /result.json HTTP/1.1 Host: script.anura.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 33 Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 200 OK date: Fri, 24 Mar 2023 21:58:44 GMT content-type: application/json; charset=utf-8 server: nginx vary: Accept-Encoding access-control-allow-origin: * access-control-allow-methods: GET, POST expires: Sun, 28 Dec 1980 18:57:00 EST cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 pragma: no-cache x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png	142.250.74.3	200 OK	3.4 kB
URL HTTP/2 maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png IP 142.250.74.3:0 ASN #15169 GOOGLE File type PNG image data, 34 x 280, 8-bit/color RGBA, non-interlaced\012- data Size 3.4 kB (3351 bytes) Hash 9e9dd969ceb057a228067a1c539127f9 fb2da26959858054157960bb7f8e6c145648eaac db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb HTTP Headers `GET /mapfiles/api-3/images/autocomplete-icons.png HTTP/1.1 Host: maps.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-type: image/png access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile" report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]} content-length: 3351 date: Fri, 24 Mar 2023 21:58:45 GMT expires: Fri, 24 Mar 2023 21:58:45 GMT cache-control: private, max-age=31536000 last-modified: Tue, 18 May 2021 19:15:00 GMT x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png	142.250.74.3	200 OK	1.6 kB
URL HTTP/2 maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png IP 142.250.74.3:0 ASN #15169 GOOGLE File type PNG image data, 120 x 14, 8-bit/color RGBA, non-interlaced\012- data Size 1.6 kB (1616 bytes) Hash f28a13545ca7be5cd9ea31bdd9ea7f8e f4f45a59720b9d637b1e7e0ed5783ee84887287f cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4 HTTP Headers `GET /mapfiles/api-3/images/powered-by-google-on-white3.png HTTP/1.1 Host: maps.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK accept-ranges: bytes content-type: image/png access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile" report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]} content-length: 1616 date: Fri, 24 Mar 2023 21:58:45 GMT expires: Fri, 24 Mar 2023 21:58:45 GMT cache-control: private, max-age=31536000 last-modified: Tue, 18 May 2021 19:15:00 GMT x-content-type-options: nosniff server: sffe x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	24hrsafetyshower.com/assets/images/favicon.png	172.98.77.79	500 Internal Server Error	201 B
URL HTTP/1.1 24hrsafetyshower.com/assets/images/favicon.png IP 172.98.77.79:0 ASN #46562 PERFORMIVE File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size 201 B (201 bytes) Hash 97a9fd7e9ab2dc957086558040da524d 6d077680d3a55e1b49e595944f280b252ded37e6 71da4c5becb150d34bb337a227427295858a4097e6226af2dd77d0695f533a37 HTTP Headers `GET /assets/images/favicon.png HTTP/1.1 Host: 24hrsafetyshower.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/?aid2=5356&cid2=60763637&reqid=60763637&s1=822599&s2=720240445 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin` `HTTP/1.1 500 Internal Server Error Server: nginx/1.4.6 (Ubuntu) Date: Fri, 24 Mar 2023 21:58:45 GMT Content-Type: text/html Content-Length: 201 Connection: close`

	d2m2wsoho8qq12.cloudfront.net/iframe.html?token=28D02B76-6562-33EF-2336-58E53D96B2B9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4794145A-6DBD-5239-4869-1DEBD00FE1AA&lac=1E846BB8-6D8D-9BC0-13F9-1E665C1D4A50	54.230.245.201	200 OK	1.4 kB
URL HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=28D02B76-6562-33EF-2336-58E53D96B2B9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4794145A-6DBD-5239-4869-1DEBD00FE1AA&lac=1E846BB8-6D8D-9BC0-13F9-1E665C1D4A50 IP 54.230.245.201:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 1.4 kB (1449 bytes) Hash ef825b8a88a51cd76a51d08dfc1d4f99 5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b 2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1 HTTP Headers GET /iframe.html?token=28D02B76-6562-33EF-2336-58E53D96B2B9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4794145A-6DBD-5239-4869-1DEBD00FE1AA&lac=1E846BB8-6D8D-9BC0-13F9-1E665C1D4A50 HTTP/1.1 Host: d2m2wsoho8qq12.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site HTTP/1.1 200 OK Content-Type: text/html Transfer-Encoding: chunked Connection: keep-alive Server: nginx Last-Modified: Wed, 22 Mar 2023 16:44:07 GMT Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Content-Encoding: gzip Date: Fri, 24 Mar 2023 02:07:06 GMT ETag: W/"641b3057-dbb" X-Cache: Hit from cloudfront Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: RVTuBRiXscnjWzJW7ybbNWHGk79EARDhMCrUnkMZkUO7JS9oodbPgg== Age: 71561

	create.leadid.com/2.11.9/SaveDom?msn=2&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&token=28D02B76-6562-33EF-2336-58E53D96B2B9&_=134688906	34.233.231.247	200 OK	21 B
URL HTTP/2 create.leadid.com/2.11.9/SaveDom?msn=2&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&token=28D02B76-6562-33EF-2336-58E53D96B2B9&_=134688906 IP 34.233.231.247:0 ASN #14618 AMAZON-AES File type data Size 21 B (21 bytes) Hash 7eb22cb333d4955db9707321011c19b1 5db98288598f62a696088b5411c3e13e07438907 366a16b5d201e93dfa1ffedbb1be460d635941b34de09edceea792288fea3270 HTTP Headers POST /2.11.9/SaveDom?msn=2&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&token=28D02B76-6562-33EF-2336-58E53D96B2B9&_=134688906 HTTP/1.1 Host: create.leadid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 512 Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Fri, 24 Mar 2023 21:58:45 GMT content-type: text/plain;charset=UTF-8 server: nginx set-cookie: rgisanonymous=false; expires=Sun, 23-Apr-2023 21:58:45 GMT; Max-Age=2592000; path=/ rguserid=0a7fe47c-22f2-4796-9229-a5708631ae31; expires=Sun, 23-Apr-2023 21:58:45 GMT; Max-Age=2592000; path=/ rguuid=true; expires=Sun, 23-Apr-2023 21:58:45 GMT; Max-Age=2592000; path=/ rgisanonymous=true; expires=Sun, 23-Apr-2023 21:58:45 GMT; Max-Age=2592000; path=/ cache-control: no-cache, must-revalidate expires: Sat, 26 Jul 1997 05:00:00 GMT access-control-allow-origin: * access-control-allow-headers: X-Requested-With, Content-Type access-control-max-age: 1728000 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2

	ocsp.r2m02.amazontrust.com/	54.230.80.227	200 OK	471 B
URL HTTP/1.1 ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash ee8f8d12aa3b15ce8401aff6808373c9 4a86dbaaf0a1ae33f63833dad394a550213a981c 9179edcf9c03bc70cdc895ebfc94df1e52656a9ec6f049610012afdf96f1ea59 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=156179 Date: Fri, 24 Mar 2023 21:58:45 GMT Etag: "641dcee4-1d7" Expires: Sun, 26 Mar 2023 17:21:44 GMT Last-Modified: Fri, 24 Mar 2023 16:25:08 GMT Server: ECAcc (nya/79EB) X-Cache: Miss from cloudfront Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: _sLxRG7aHBqUvK-GNN0Ymc0OwMVPIyfVG-DOsXma8ryJOBuaPhDX6Q== Age: 3396

	api.trustedform.com/certs	54.209.198.209	201 Created	475 B
URL HTTP/2 api.trustedform.com/certs IP 54.209.198.209:0 ASN #14618 AMAZON-AES File type JSON data\012- , ASCII text, with very long lines (475), with no line terminators Size 475 B (475 bytes) Hash 68cb5a4d4f058b185bf38bd93da5c0ed ce639f31d3263666f774045da53f3691726f53fa c2aec1a0d9a931121d39445c3b0b00d25e0319b9b48fdc26429b710a0de8fccc HTTP Headers `POST /certs HTTP/1.1 Host: api.trustedform.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 651 Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 201 Created date: Fri, 24 Mar 2023 21:58:46 GMT content-type: application/json; charset=utf-8 content-length: 475 access-control-allow-credentials: true access-control-allow-origin: * access-control-expose-headers: cache-control: max-age=0, private, must-revalidate server: Cowboy X-Firefox-Spdy: h2`

	cdn.trustedform.com/trustedform-1.8.38.js	54.230.111.91	200 OK	38 kB
URL HTTP/2 cdn.trustedform.com/trustedform-1.8.38.js IP 54.230.111.91:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (65536), with no line terminators Size 38 kB (37700 bytes) Hash d41d35238546383a5a3b7e5c4853732c 074d6881019e9f638dd8cb56b7ba305d970a638f ea79ea36a47372fce514fc92cb53592a0266f74ca01a0d9edb1daec85580791b HTTP Headers `GET /trustedform-1.8.38.js HTTP/1.1 Host: cdn.trustedform.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK content-type: application/javascript last-modified: Fri, 24 Feb 2023 16:04:14 GMT x-amz-version-id: ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp server: AmazonS3 content-encoding: gzip date: Fri, 24 Mar 2023 21:58:46 GMT etag: W/"a71c6d4fa015e7b61cc1fc54ff9b242e" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: WYNJNMydGU1Pd47Dp7Lc9yntjognEKb_3A5CZvIm4xcX75eZPsf4Yg== age: 1 X-Firefox-Spdy: h2

	api.trustedform.com/certs/5680f021b614ccd18f2ba898601b895c7360afe0/events	54.209.198.209	204 No Content	0 B
URL HTTP/2 api.trustedform.com/certs/5680f021b614ccd18f2ba898601b895c7360afe0/events IP 54.209.198.209:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /certs/5680f021b614ccd18f2ba898601b895c7360afe0/events HTTP/1.1 Host: api.trustedform.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain;charset=UTF-8 Content-Length: 762 Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers `HTTP/2 204 No Content date: Fri, 24 Mar 2023 21:58:46 GMT access-control-allow-credentials: true access-control-allow-origin: * access-control-expose-headers: cache-control: max-age=0, private, must-revalidate server: Cowboy X-Firefox-Spdy: h2`

	api.trustedform.com/certs/5680f021b614ccd18f2ba898601b895c7360afe0/fingerprints	54.209.198.209	204 No Content	0 B
URL HTTP/2 api.trustedform.com/certs/5680f021b614ccd18f2ba898601b895c7360afe0/fingerprints IP 54.209.198.209:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /certs/5680f021b614ccd18f2ba898601b895c7360afe0/fingerprints HTTP/1.1 Host: api.trustedform.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 348 Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers` `HTTP/2 204 No Content date: Fri, 24 Mar 2023 21:58:46 GMT access-control-allow-credentials: true access-control-allow-origin: * access-control-expose-headers: cache-control: max-age=0, private, must-revalidate server: Cowboy X-Firefox-Spdy: h2`

	display.ringba.com/v1/nis/hb	23.21.37.26	200 OK	0 B
URL HTTP/1.1 display.ringba.com/v1/nis/hb IP 23.21.37.26:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `POST /v1/nis/hb HTTP/1.1 Host: display.ringba.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: text/plain Content-Length: 707 Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/1.1 200 OK Access-Control-Allow-Origin: https://24hrsafetyshower.com Access-Control-Max-Age: 300 Cache-Control: no-cache Date: Fri, 24 Mar 2023 21:58:48 GMT Expires: -1 Pragma: no-cache Server: Microsoft-IIS/10.0 X-AspNet-Version: 4.0.30319 X-Powered-By: ASP.NET X-Runtime: 0.0020 Content-Length: 0 Connection: keep-alive`

	create.lidstatic.com/campaign/4794145a-6dbd-5239-4869-1debd00fe1aa.js?snippet_version=2	104.22.39.182	200 OK	0 B
URL HTTP/2 create.lidstatic.com/campaign/4794145a-6dbd-5239-4869-1debd00fe1aa.js?snippet_version=2 IP 104.22.39.182:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers `GET /campaign/4794145a-6dbd-5239-4869-1debd00fe1aa.js?snippet_version=2 HTTP/1.1 Host: create.lidstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK date: Fri, 24 Mar 2023 21:58:44 GMT content-type: text/javascript x-amz-id-2: p5TcWrLW6kCwKuFKAz4l84/pCyfo3J5DSO9eDXLqmhOzXrkq6npgp3Ngh9km9L/pDVSGsRQ/uVuFeAykW++s1w== x-amz-request-id: 6TDSBQPMFDQ80BHT x-amz-replication-status: COMPLETED last-modified: Fri, 12 Nov 2021 00:50:10 GMT etag: W/"014fb701978aa9feacf547605e1bb371" cache-control: max-age=1800 x-amz-version-id: nmd61VcECFzopWE1EVs.IEMqSKfGZ3GE cf-cache-status: REVALIDATED vary: Accept-Encoding server: cloudflare cf-ray: 7ad22d5cac942e0f-ARN content-encoding: gzip X-Firefox-Spdy: h2

	deviceid.trueleadid.com/iframe.html?token=28D02B76-6562-33EF-2336-58E53D96B2B9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4794145A-6DBD-5239-4869-1DEBD00FE1AA&lac=1E846BB8-6D8D-9BC0-13F9-1E665C1D4A50	35.169.79.47	200 OK	0 B
URL HTTP/2 deviceid.trueleadid.com/iframe.html?token=28D02B76-6562-33EF-2336-58E53D96B2B9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4794145A-6DBD-5239-4869-1DEBD00FE1AA&lac=1E846BB8-6D8D-9BC0-13F9-1E665C1D4A50 IP 35.169.79.47:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers GET /iframe.html?token=28D02B76-6562-33EF-2336-58E53D96B2B9&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=4794145A-6DBD-5239-4869-1DEBD00FE1AA&lac=1E846BB8-6D8D-9BC0-13F9-1E665C1D4A50 HTTP/1.1 Host: deviceid.trueleadid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://d2m2wsoho8qq12.cloudfront.net/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site `HTTP/2 200 OK date: Fri, 24 Mar 2023 21:58:45 GMT content-type: text/html server: nginx last-modified: Wed, 08 Mar 2023 19:45:51 GMT etag: W/"6408e5ef-1049" expires: Sat, 25 Mar 2023 21:58:45 GMT p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS" cache-control: max-age=86400, public content-encoding: gzip X-Firefox-Spdy: h2`

	create.leadid.com/2.11.9/GenerateToken?msn=1&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&_=134688905	34.233.231.247	200 OK	0 B
URL HTTP/2 create.leadid.com/2.11.9/GenerateToken?msn=1&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&_=134688905 IP 34.233.231.247:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers POST /2.11.9/GenerateToken?msn=1&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&_=134688905 HTTP/1.1 Host: create.leadid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 250 Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK date: Fri, 24 Mar 2023 21:58:44 GMT content-type: text/plain;charset=UTF-8 server: nginx set-cookie: rgisanonymous=false; expires=Sun, 23-Apr-2023 21:58:44 GMT; Max-Age=2592000; path=/ rguserid=14b45e20-5fbc-4c02-b7c5-5b3fcd3f048e; expires=Sun, 23-Apr-2023 21:58:44 GMT; Max-Age=2592000; path=/ rguuid=true; expires=Sun, 23-Apr-2023 21:58:44 GMT; Max-Age=2592000; path=/ rgisanonymous=true; expires=Sun, 23-Apr-2023 21:58:44 GMT; Max-Age=2592000; path=/ cache-control: no-cache, must-revalidate expires: Sat, 26 Jul 1997 05:00:00 GMT access-control-allow-origin: * access-control-allow-headers: X-Requested-With, Content-Type access-control-max-age: 1728000 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2

	script.anura.io/request.js?instance=3661425590&source=5356&campaign=992&exid=60763637&variable=anura&167425343633	35.177.99.174	200 OK	0 B
URL HTTP/2 script.anura.io/request.js?instance=3661425590&source=5356&campaign=992&exid=60763637&variable=anura&167425343633 IP 35.177.99.174:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /request.js?instance=3661425590&source=5356&campaign=992&exid=60763637&variable=anura&167425343633 HTTP/1.1 Host: script.anura.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Fri, 24 Mar 2023 21:58:43 GMT content-type: application/javascript; charset=utf-8 server: nginx vary: Accept-Encoding expires: Sun, 28 Dec 1980 18:57:00 EST cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 pragma: no-cache x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16796951353440.005294078072248354	54.230.111.91	200 OK	0 B
URL HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16796951353440.005294078072248354 IP 54.230.111.91:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `GET /bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16796951353440.005294078072248354 HTTP/1.1 Host: cdn.trustedform.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://24hrsafetyshower.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK content-type: application/javascript date: Fri, 24 Mar 2023 21:58:45 GMT last-modified: Fri, 24 Feb 2023 16:04:14 GMT x-amz-version-id: oadcnJCg2vYrfrS_vSmPkc6nBoYFDxSV etag: W/"1b4d8abad5e0668a237e388577c6a93c" server: AmazonS3 content-encoding: gzip vary: Accept-Encoding x-cache: Miss from cloudfront via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: HTelDJwhjLBtvyQ_Vtm3Xa_yiUuiEUc0-S3WbHRViYpnkDgIy6NyOQ== X-Firefox-Spdy: h2`

	script.anura.io/response.json	35.177.99.174	200 OK	0 B
URL HTTP/2 script.anura.io/response.json IP 35.177.99.174:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash HTTP Headers `POST /response.json HTTP/1.1 Host: script.anura.io User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 3242 Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK date: Fri, 24 Mar 2023 21:58:44 GMT content-type: application/json; charset=utf-8 server: nginx vary: Accept-Encoding access-control-allow-origin: * access-control-allow-methods: POST expires: Sun, 28 Dec 1980 18:57:00 EST cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0 pragma: no-cache x-content-type-options: nosniff content-encoding: gzip X-Firefox-Spdy: h2`

	create.leadid.com/2.11.9/InitFormData?msn=3&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&token=28D02B76-6562-33EF-2336-58E53D96B2B9&_=134688907	34.233.231.247	200 OK	0 B
URL HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&token=28D02B76-6562-33EF-2336-58E53D96B2B9&_=134688907 IP 34.233.231.247:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers POST /2.11.9/InitFormData?msn=3&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&token=28D02B76-6562-33EF-2336-58E53D96B2B9&_=134688907 HTTP/1.1 Host: create.leadid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 14181 Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Fri, 24 Mar 2023 21:58:45 GMT content-type: text/plain;charset=UTF-8 server: nginx set-cookie: rgisanonymous=false; expires=Sun, 23-Apr-2023 21:58:45 GMT; Max-Age=2592000; path=/ rguserid=b5aa3547-3f90-4184-bf66-e454a060de6a; expires=Sun, 23-Apr-2023 21:58:45 GMT; Max-Age=2592000; path=/ rguuid=true; expires=Sun, 23-Apr-2023 21:58:45 GMT; Max-Age=2592000; path=/ rgisanonymous=true; expires=Sun, 23-Apr-2023 21:58:45 GMT; Max-Age=2592000; path=/ cache-control: no-cache, must-revalidate expires: Sat, 26 Jul 1997 05:00:00 GMT access-control-allow-origin: * access-control-allow-headers: X-Requested-With, Content-Type access-control-max-age: 1728000 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2

	create.leadid.com/2.11.9/Snap?msn=4&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&token=28D02B76-6562-33EF-2336-58E53D96B2B9&_=134688908	34.233.231.247	200 OK	0 B
URL HTTP/2 create.leadid.com/2.11.9/Snap?msn=4&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&token=28D02B76-6562-33EF-2336-58E53D96B2B9&_=134688908 IP 34.233.231.247:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers POST /2.11.9/Snap?msn=4&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&token=28D02B76-6562-33EF-2336-58E53D96B2B9&_=134688908 HTTP/1.1 Host: create.leadid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 136053 Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Fri, 24 Mar 2023 21:58:46 GMT content-type: text/plain;charset=UTF-8 server: nginx set-cookie: rgisanonymous=false; expires=Sun, 23-Apr-2023 21:58:46 GMT; Max-Age=2592000; path=/ rguserid=c3377fd9-30b5-47de-a504-feb3a18afbae; expires=Sun, 23-Apr-2023 21:58:46 GMT; Max-Age=2592000; path=/ rguuid=true; expires=Sun, 23-Apr-2023 21:58:46 GMT; Max-Age=2592000; path=/ rgisanonymous=true; expires=Sun, 23-Apr-2023 21:58:46 GMT; Max-Age=2592000; path=/ cache-control: no-cache, must-revalidate expires: Sat, 26 Jul 1997 05:00:00 GMT access-control-allow-origin: * access-control-allow-headers: X-Requested-With, Content-Type access-control-max-age: 1728000 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2

	create.leadid.com/2.11.9/InitFormData?msn=5&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&token=28D02B76-6562-33EF-2336-58E53D96B2B9&_=134688909	34.233.231.247	200 OK	0 B
URL HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=5&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&token=28D02B76-6562-33EF-2336-58E53D96B2B9&_=134688909 IP 34.233.231.247:0 ASN #14618 AMAZON-AES File type Size 0 B (0 bytes) Hash HTTP Headers POST /2.11.9/InitFormData?msn=5&pid=c17a9b46-1d78-4ac4-bbd9-851e46cbd946&token=28D02B76-6562-33EF-2336-58E53D96B2B9&_=134688909 HTTP/1.1 Host: create.leadid.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/x-www-form-urlencoded Content-Length: 1080 Origin: https://24hrsafetyshower.com Connection: keep-alive Referer: https://24hrsafetyshower.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers HTTP/2 200 OK date: Fri, 24 Mar 2023 21:58:46 GMT content-type: text/plain;charset=UTF-8 server: nginx set-cookie: rgisanonymous=false; expires=Sun, 23-Apr-2023 21:58:46 GMT; Max-Age=2592000; path=/ rguserid=d82e8b64-e034-4c48-9aff-d457202dae5c; expires=Sun, 23-Apr-2023 21:58:46 GMT; Max-Age=2592000; path=/ rguuid=true; expires=Sun, 23-Apr-2023 21:58:46 GMT; Max-Age=2592000; path=/ rgisanonymous=true; expires=Sun, 23-Apr-2023 21:58:46 GMT; Max-Age=2592000; path=/ cache-control: no-cache, must-revalidate expires: Sat, 26 Jul 1997 05:00:00 GMT access-control-allow-origin: * access-control-allow-headers: X-Requested-With, Content-Type access-control-max-age: 1728000 strict-transport-security: max-age=31536000; includeSubDomains; preload content-encoding: gzip X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML