Overview

URLsenecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP 172.67.133.55 (United States)
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-25 13:50:54 UTC
StatusLoading report..
IDS alerts0
Blocklist alert4
urlquery alerts No alerts detected
Tags None

Domain Summary (31)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (13) 344 No data No data 23.36.77.32
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.215.56.181
ouhastay.net (3) 117137 2021-09-10 09:52:42 UTC 2022-11-25 00:24:04 UTC 139.45.197.239
www.googleoptimize.com (1) 1604 2019-07-23 08:23:32 UTC 2022-11-25 06:34:47 UTC 142.250.74.46
senecaphoneupdate.top (2) 0 2022-05-21 14:09:45 UTC 2022-11-24 07:55:31 UTC 172.67.133.55 Unknown ranking
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
datatechone.com (1) 0 2015-06-17 13:52:19 UTC 2022-11-25 09:59:37 UTC 37.48.68.71 Unknown ranking
player.vimeo.com (1) 1858 2013-09-26 03:16:08 UTC 2020-01-28 05:29:01 UTC 162.159.128.61
unpkg.com (1) 11693 2016-01-07 23:26:01 UTC 2022-11-25 06:19:56 UTC 104.16.126.175
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-25 05:53:13 UTC 142.250.74.10
ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-25 06:34:38 UTC 142.250.74.168
flagicons.lipis.dev (1) 527996 No data No data 185.199.109.153
e1.o.lencr.org (3) 6159 No data No data 23.36.76.226
my.rtmark.net (4) 9054 2017-08-22 14:11:49 UTC 2022-11-25 07:48:21 UTC 139.45.195.8
redrotou.net (1) 145989 2021-03-16 05:03:50 UTC 2022-11-24 16:18:20 UTC 139.45.197.251
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-25 05:51:47 UTC 34.117.237.239
overalltrack.com (3) 112756 2018-12-01 03:47:10 UTC 2022-11-25 10:42:50 UTC 68.183.98.124
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-25 06:21:31 UTC 142.250.74.174
vod-progressive.akamaized.net (1) 19176 No data No data 23.36.76.152
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-25 05:53:39 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-25 06:03:02 UTC 34.102.187.140
app1-smartsecurity-etl.herokuapp.com (4) 115431 2021-11-12 17:04:25 UTC 2022-11-25 10:42:50 UTC 54.224.34.30
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 104.18.32.68
ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
analytics.tiktok.com (3) 1182 No data No data 23.36.79.32
track.profitableredirect.com (1) 124496 No data No data 18.192.108.151
broker-systems.com (17) 0 2020-12-15 12:26:55 UTC 2022-11-24 15:52:06 UTC 104.21.79.157 Unknown ranking
senecaphoneupdate.top (2) 0 2022-05-21 14:09:45 UTC 2022-11-24 07:55:31 UTC 104.21.5.85 Unknown ranking
ocsp.pki.goog (6) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-25 2 ouhastay.net Sinkholed
2022-11-25 2 ouhastay.net Sinkholed
2022-11-25 2 datatechone.com Sinkholed
2022-11-25 2 ouhastay.net Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.133.55
Date UQ / IDS / BL URL IP
2023-01-08 14:59:03 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom2/ (...) 172.67.133.55
2023-01-08 07:44:05 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom/i (...) 172.67.133.55
2023-01-07 22:44:02 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom/i (...) 172.67.133.55
2023-01-07 14:05:15 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom2/ (...) 172.67.133.55
2023-01-05 23:00:13 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom2/ (...) 172.67.133.55


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-01 12:36:14 +0000 0 - 0 - 2 bafybeih4wf2nc5s3vgcwjvmvbtdgc42ogggkiallso6b (...) 104.17.64.14
2023-02-01 12:35:56 +0000 0 - 6 - 14 hawee.dlios.cc/ 104.18.28.49
2023-02-01 12:35:10 +0000 0 - 0 - 8 www.aceneurotonix.ltd/l/lt4PD11228O2G/5254J91 (...) 172.67.141.181
2023-02-01 12:34:38 +0000 0 - 2 - 1 video.o6hff.com/4LR2T5KC 172.67.165.17
2023-02-01 12:34:14 +0000 0 - 3 - 1 video.o6hff.com/NwgpSRvx 104.21.11.23


Last 5 reports on domain: senecaphoneupdate.top
Date UQ / IDS / BL URL IP
2023-01-09 01:48:02 +0000 0 - 3 - 2 senecaphoneupdate.top/smart-security-0/index. (...) 188.114.96.1
2023-01-08 19:46:02 +0000 0 - 3 - 2 senecaphoneupdate.top/smart-security-0/index. (...) 188.114.97.1
2023-01-08 14:59:03 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom2/ (...) 172.67.133.55
2023-01-08 07:45:05 +0000 0 - 3 - 2 senecaphoneupdate.top/smart-security-0/index. (...) 104.21.5.85
2023-01-08 07:44:05 +0000 0 - 2 - 0 senecaphoneupdate.top/security-master-0-rom/i (...) 172.67.133.55


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-02 12:00:55 +0000 0 - 0 - 2 tele123.store/cl/500/env/nl 79.98.29.10
2022-12-02 12:00:27 +0000 0 - 0 - 2 telefonica.site/bd/fortune/nl/ 79.98.24.35
2022-12-02 10:51:13 +0000 0 - 0 - 2 senecaphoneupdate.top/smart-security-0/index. (...) 172.67.133.55
2022-12-01 13:56:11 +0000 0 - 0 - 2 exceptionalphonesecurity.xyz/smart-security-0 (...) 172.67.155.44
2022-12-01 13:02:12 +0000 0 - 0 - 2 televivo.online/kz/env/nl 194.135.87.58

JavaScript

Executed Scripts (51)

Executed Evals (1)
#1 JavaScript::Eval (size: 5) - SHA256: 35e6366764c85ff27d4eaa8798d75814c7c25d9aa684fc270eac4d8056341083
enSet

Executed Writes (14)
#1 JavaScript::Write (size: 331) - SHA256: 06b1d89c50ec70f73fc4772b195863767a48a12f911a69d423f6685c80e38a3f
< a class = "close exitpoint"
style = "display: none"
id = "close-button"
href = "https://play.google.com/store/apps/details?id=com.smartsecurityxzt&referrer=publisher%3D{trafficsource.name}%26clickid%3D{clickid}%26utm_source%3Dvar1%26utm_medium%3Drestart_{offer.name}%26utm_campaign%3D{trafficsource.name}%26timestamp%3D1669384242189" > < /a>
#2 JavaScript::Write (size: 2) - SHA256: 1d97c9fec35ad3ba402a8bb3548546924ce958f8f4b8a65b0f39c9c6171bdf34
Ad
#3 JavaScript::Write (size: 320) - SHA256: a14484f7af6c438927248815d7885d3b692ccd0e370113b271430549b86759db
< a class = "button exitpoint right cancel"
id = "cancel-button"
href = "https://play.google.com/store/apps/details?id=com.smartsecurityxzt&referrer=publisher%3D{trafficsource.name}%26clickid%3D{clickid}%26utm_source%3Dvar1%26utm_medium%3Drestart_{offer.name}%26utm_campaign%3D{trafficsource.name}%26timestamp%3D1669384242189" >
#4 JavaScript::Write (size: 6) - SHA256: 19766ed6ccb2f4a32778eed80d1928d2c87a18d7c275ccb163ec6709d3eb2e27
Cancel
#5 JavaScript::Write (size: 8) - SHA256: 31fbef162594de01bab0cd525c51f74de7bcb15063029fa1a54b2cf5944c80d8
Continue
#6 JavaScript::Write (size: 50) - SHA256: be434f49ec21e26b619e4186cce641233e60036505ac9cf6de704ebeb72b0e6d
Cleaner Update
for Android Android is Recommended!
#7 JavaScript::Write (size: 89) - SHA256: 6c19434f8282294efc05f0fd70015529942972352a6b00984ac14d444f61db9b
Update now
for < strong > FREE < /strong> to clean and boost your Android Android immediately!
#8 JavaScript::Write (size: 316) - SHA256: c6fe254d9ab361aee35b63836b8fad4c0f252e6635c5f73a67d666f23cd0a5d8
< a class = "button exitpoint install"
id = "install-button"
href = "https://play.google.com/store/apps/details?id=com.smartsecurityxzt&referrer=publisher%3D{trafficsource.name}%26clickid%3D{clickid}%26utm_source%3Dvar1%26utm_medium%3Drestart_{offer.name}%26utm_campaign%3D{trafficsource.name}%26timestamp%3D1669384242189" >
#9 JavaScript::Write (size: 68) - SHA256: 3d616b12fbe8aa4b171323dc696cebb002be86551f35cc23fe0bc2756abc58e7
< a class = "button"
id = "center-button"
href = "smartsecurityxzt://open" >
#10 JavaScript::Write (size: 156) - SHA256: 949398833ecb71dace0d6a15f4166af32a8e0c16be1f945f93297956925b8f51
< img src = 'https://overalltrack.com/api/v3.0/clickapi/img?aid=1&clickId={clickid}'
style = 'position:absolute;width:1px;height:1px;left:0;bottom:0;opacity:0;' >
#11 JavaScript::Write (size: 112) - SHA256: 4448b50a0446877c729032fc7d2ac04b985f7838bfc700b779e132afa7c2803c
Your phone Android Android can work faster, we released a Cleaner update, and it is recommended
for every phone.
#12 JavaScript::Write (size: 4) - SHA256: ecd5b806462c7dfdf078ac76c549060a06660422d00e55bd5823be6747361085
< /a>
#13 JavaScript::Write (size: 10) - SHA256: f96f4d46e788614ae69e039ae032229de03f08cfe7f84c7f405ba021e50d3eca
Update Now
#14 JavaScript::Write (size: 53) - SHA256: 6ce64525848d677d6f619f970e996c47cc6a82bf85d40bb2acd64474d3a3046e
Click < strong > Allow < /strong> To Continue Using Chrome


HTTP Transactions (89)


Request Response
                                        
                                            GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1 
Host: senecaphoneupdate.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         104.21.5.85
HTTP/1.1 301 Moved Permanently
                                        
Date: Fri, 25 Nov 2022 13:50:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 25 Nov 2022 14:50:42 GMT
Location: https://senecaphoneupdate.top/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JTxDT%2FcKbWA9a%2FDtrsYU2V2sFMsKlPrfdE4nxyPk4qC%2FpeXZYpvVhrd1p26Vp3pxbtRw6Eu2vId1oDoTHbNyxyAaRMzJJ9LP9U%2FInT7U%2FS%2BQTZjJKaSBZVLKciyjqULlY4GNeOymBU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fadad889b1b509-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3850
Expires: Fri, 25 Nov 2022 14:54:52 GMT
Date: Fri, 25 Nov 2022 13:50:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2275
Cache-Control: max-age=163107
Date: Fri, 25 Nov 2022 13:50:42 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:09:09 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6262
Expires: Fri, 25 Nov 2022 15:35:04 GMT
Date: Fri, 25 Nov 2022 13:50:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "C651001B0B255E41C0113FDAD79570CAAB6FB23BCDA7A74C8AB287F4841529CF"
Last-Modified: Thu, 24 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15581
Expires: Fri, 25 Nov 2022 18:10:23 GMT
Date: Fri, 25 Nov 2022 13:50:42 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 13:19:07 GMT
cache-control: public,max-age=3600
age: 1895
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 2mQy20eyZFksNX0XSkpQFjc4SpzCKdPdaqV/yjzbNHOot4RFhbAjmaOu67pE98UubO/Y1wRKnNA=
x-amz-request-id: JJ8ZENF286GE9WCS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 13:43:51 GMT
age: 411
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 13:50:42 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 13:08:53 GMT
cache-control: public,max-age=3600
age: 2509
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "C651001B0B255E41C0113FDAD79570CAAB6FB23BCDA7A74C8AB287F4841529CF"
Last-Modified: Thu, 24 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15581
Expires: Fri, 25 Nov 2022 18:10:23 GMT
Date: Fri, 25 Nov 2022 13:50:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6274
Cache-Control: max-age=162043
Date: Fri, 25 Nov 2022 13:50:42 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:51:25 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2785
Expires: Fri, 25 Nov 2022 14:37:08 GMT
Date: Fri, 25 Nov 2022 13:50:43 GMT
Connection: keep-alive

                                        
                                            GET /p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 13:50:43 GMT
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   697
Md5:    7e1da03b7d5254f7b1d93874c8f85ce4
Sha1:   c1ff6bec84dd9b2bf2bbcd11bb8791444f04b2d7
Sha256: ff9366f794284e39381efd6b8ae4b6273469134c741ca7c3d6a1e1248e1a98d4
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8U/wkt7Gslcl9GDz6fLr7Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.215.56.181
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xCWexNL7U+J2MG/hOqaYvvJRPHQ=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0B380903430DED2A3ED82FC4D7506FDCED5C646D7D9AE91F739625E152C3A700"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1125
Expires: Fri, 25 Nov 2022 14:09:28 GMT
Date: Fri, 25 Nov 2022 13:50:43 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1376
Md5:    92dc62d384ad8265f45d60791127e9bf
Sha1:   ceced69d290307dee5ec2cf1ccc58da9360f1864
Sha256: 76e0dd952f789c7a05d2eececf4f02ad5940c1debbf75e95429887bc1d101544
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114704
Date: Fri, 25 Nov 2022 13:50:43 GMT
Etag: "637fcc2c-1d7"
Expires: Sat, 26 Nov 2022 21:42:27 GMT
Last-Modified: Thu, 24 Nov 2022 19:55:24 GMT
Server: ECS (dcb/7F14)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -AxRDxV4gvXrRIXlRwWHoyWwDggwc4fUSRrsHkn6gMIamfUaIiOUYw==
Age: 6423

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111880
Date: Fri, 25 Nov 2022 13:50:43 GMT
Etag: "637fcc2c-1d7"
Expires: Sat, 26 Nov 2022 20:55:23 GMT
Last-Modified: Thu, 24 Nov 2022 19:55:24 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SHMhCEIQegV3zghSTOGHr9AkUb_qzqo5A94CpOU-sjOPEGPXERGsGg==
Age: 3599

                                        
                                            GET /i18n/pixel/identify.js HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 202211251350430264EBFF7804862A887D
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b5bad2e85bc373d15a63039e1448a4ae1ffc873063d7b6e9050b5c65c6c6cf2bfe5322a086f4707ad3412b6cc50b64da4
content-encoding: gzip
expires: Fri, 25 Nov 2022 13:50:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 25 Nov 2022 13:50:43 GMT
content-length: 30817
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=4, origin; dur=113
x-origin-response-time: 113,23.36.79.28
x-akamai-request-id: 576f384c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   30817
Md5:    32df3bbc6837c6554b137cb4a0230fab
Sha1:   8f3ab3ecab58bc322d0a21df6638b04e8a72807e
Sha256: 9222a19b12272931fb243e42a5bc5a67392daae6f51005868c737ddda711c911
                                        
                                            GET /api/v3.0/clickapi/img?aid=1&clickId={clickid} HTTP/1.1 
Host: overalltrack.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         68.183.98.124
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.14.0 (Ubuntu)
Date: Fri, 25 Nov 2022 13:50:43 GMT
Content-Length: 43
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Set-Cookie: currentClickid=%7B%221%22%3A%22%7Bclickid%7D%22%7D; Max-Age=31536000; Path=/; Expires=Sat, 25 Nov 2023 13:50:43 GMT; Secure; SameSite=None


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0808D22DF128F20931D86CE2BE12C5F1B1B031A083B4BB623B495ABE50AD6773"
Last-Modified: Thu, 24 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10936
Expires: Fri, 25 Nov 2022 16:52:59 GMT
Date: Fri, 25 Nov 2022 13:50:43 GMT
Connection: keep-alive

                                        
                                            OPTIONS /device_by_model?model=x64 HTTP/1.1 
Host: app1-smartsecurity-etl.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://senecaphoneupdate.top/
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.224.34.30
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Server: gunicorn
Date: Fri, 25 Nov 2022 13:50:43 GMT
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 932
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Cookie: _ttp=2I2ejveYhCFXTjrKN7UkS46tS4A
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 202211251350438C8A927DDE9CCD583E6A
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465bd8455dbf6a7d2e57675727bb851e015f8a419c3355de04bccaa8a40a4345125921458d7e8fb3c5317623b8025cb033a7
expires: Fri, 25 Nov 2022 13:50:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 25 Nov 2022 13:50:43 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=20, cdn-cache; desc=MISS, edge; dur=3, origin; dur=121
x-origin-response-time: 121,23.36.79.28
x-akamai-request-id: 576f39c4
X-Firefox-Spdy: h2

                                        
                                            GET /device_by_model?model=x64 HTTP/1.1 
Host: app1-smartsecurity-etl.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.224.34.30
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Server: gunicorn
Date: Fri, 25 Nov 2022 13:50:43 GMT
Location: /device_by_model/?model=x64
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Content-Length: 0
Via: 1.1 vegur

                                        
                                            OPTIONS /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1 
Host: overalltrack.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://senecaphoneupdate.top/
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         68.183.98.124
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Nov 2022 13:50:43 GMT
Content-Length: 8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Allow: GET,HEAD


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   8
Md5:    f30c3a40e9a3e65c868c754a5de95919
Sha1:   65101ff283414b70636ff494d866190a66ed9978
Sha256: 875befe7cefc0715a17dc737f9514dda981f79a3c9f174badcae5bd1cc2425fe
                                        
                                            OPTIONS /device_by_model/?model=x64 HTTP/1.1 
Host: app1-smartsecurity-etl.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.224.34.30
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Server: gunicorn
Date: Fri, 25 Nov 2022 13:50:43 GMT
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur

                                        
                                            GET /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1 
Host: overalltrack.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://senecaphoneupdate.top
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         68.183.98.124
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 25 Nov 2022 13:50:43 GMT
Content-Length: 126
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

                                        
                                            GET /img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Fsenecaphoneupdate.top%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 25 Nov 2022 13:50:43 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b25214f25846407a8ba012e580b27b3e; expires=Sat, 25 Nov 2023 13:50:43 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B65B7FB441D78D75685F9062F7FE4C807CFCF366F425A50A53D41598BC68BBAC"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6332
Expires: Fri, 25 Nov 2022 15:36:15 GMT
Date: Fri, 25 Nov 2022 13:50:43 GMT
Connection: keep-alive

                                        
                                            GET /device_by_model/?model=x64 HTTP/1.1 
Host: app1-smartsecurity-etl.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://senecaphoneupdate.top
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.224.34.30
HTTP/1.1 404 Not Found
Content-Type: application/json
                                        
Connection: keep-alive
Server: gunicorn
Date: Fri, 25 Nov 2022 13:50:43 GMT
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Length: 86
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Via: 1.1 vegur


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Size:   86
Md5:    024c203b02c3d88f5e07d125220aa18a
Sha1:   4450bc452d44c05834e068f5341745b2e81ebbe3
Sha256: a7360add54a81883d7f3e724d07de917a7fcd5cc190db96b7de642d34ceb2787
                                        
                                            GET /pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js HTTP/1.1 
Host: redrotou.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.251
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 13:50:43 GMT
last-modified: Thu, 24 Nov 2022 15:53:54 GMT
etag: W/"637f9392-12fca"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   27797
Md5:    703a1430569f330510fb3618cda6a7eb
Sha1:   69f5664de26c43271eb93b26b3a0f31c81de0f85
Sha256: 44d7354c8fd5f428a904edcb3fe712d5de6c9791de648e68ee35a8ed2e9e2d29
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BEB57722EDC3A4176A2E5B390ECB597169D06BC6F73BA1FCB53CA536A8020B90"
Last-Modified: Fri, 25 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10386
Expires: Fri, 25 Nov 2022 16:43:50 GMT
Date: Fri, 25 Nov 2022 13:50:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2784
Expires: Fri, 25 Nov 2022 14:37:08 GMT
Date: Fri, 25 Nov 2022 13:50:44 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ouhastay.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouhastay.net/afu.php?zoneid=3647676
Cookie: OAID=2a2c969a7695492195e8be20c7ca2a5d; oaidts=1669384244
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 25 Nov 2022 13:50:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /img.gif?f=merge&userId=2a2c969a7695492195e8be20c7ca2a5d HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ouhastay.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: image/gif
                                        
server: nginx
date: Fri, 25 Nov 2022 13:50:44 GMT
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2a2c969a7695492195e8be20c7ca2a5d; expires=Sat, 25 Nov 2023 13:50:44 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    b4491705564909da7f9eaf749dbbfbb1
Sha1:   279315d507855c6a4351e1e2c2f39dd9cd2fccd8
Sha256: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3676
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:50:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3676
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:50:44 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   2217
Md5:    dfd6870fac06b1052963d0566e57058e
Sha1:   abc4e59a0b51a497054ba436f2cae07ba3b1745c
Sha256: 4c8825bbeb91c66b27d26b64f52b4f1de9bb4ab7dc4684048f0f8504c028c5fa
                                        
                                            GET /redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1669384243891&hash=1eJXIrZObS_QmGSHbI9obv_SDLiU6f_YANdm2lEvuAY&rm=D HTTP/1.1 
Host: track.profitableredirect.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=KxNH7SxRAOQHBfqQ4vDbDAK67iNGDtt664wbj84s-pU; cc-v4=n4AsHWI0Gd6ZzceMhlj84AoERrg%2BYFxtuFEzu96LT7yLDHiTAAj%2FnqFP41r1mvhR2KaESkl2wXtMCreFyBVpqLWbPl7tZaZiB%2Fz0MaiKCUdEm7MiGMSczO0h5UuuUlzqYyGWnw58CeENfPQyJLc1Cg%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         18.192.108.151
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 13:50:43 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2143
Md5:    e25dbf616dd08c110a5e8bcf5b87ca23
Sha1:   8372f568b00a1320fa3559daac2e940598d7140a
Sha256: c8701b320fb0898ac4604f1b171f2e1f8acf739ad550c0d1849436defef8d456
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3676
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:50:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3676
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 13:50:44 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11954
x-amzn-requestid: c2484616-009c-47c4-b52a-36b956c7b207
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JzaHXLoAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2348-01d4a7be526475d31fce3c13;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:44 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 3KRN_6gYmJqP-Ehaxdu5iwp9xKOOg-dhtGdUcSaho56NVWqVCtyiFA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 14:49:47 GMT
age: 82857
etag: "b80047da428636adb7027f12718c8d11bd461da4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11954
Md5:    6673267df195141739d1018c17101368
Sha1:   b80047da428636adb7027f12718c8d11bd461da4
Sha256: de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:38:44 GMT
age: 33120
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
age: 58536
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8006
Md5:    8b6ee13d43732f7c764a49500d092865
Sha1:   5d15fd672e968d59b541e4d5d0d01cd5e69f4075
Sha256: fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 57359
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11743
Md5:    8784bb7a8b88736a6016f712e3183bf3
Sha1:   b0ddc1555d2506177adcdcea77864d75f1245d07
Sha256: 8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 42196
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:08 GMT
age: 57816
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7993
Md5:    92c78302bcce1568eb6a5563100b932c
Sha1:   43d1dec7fc06879988c9c3cadd800cc8145df988
Sha256: 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
                                        
                                            POST /?z=3647676&syncedCookie=true&rhd=false HTTP/1.1 
Host: ouhastay.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 455
Origin: https://ouhastay.net
Connection: keep-alive
Referer: https://ouhastay.net/afu.php?zoneid=3647676&var=3647676&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false
Cookie: OAID=2a2c969a7695492195e8be20c7ca2a5d; oaidts=1669384244
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         139.45.197.239
HTTP/2 302 Found
                                        
server: nginx
date: Fri, 25 Nov 2022 13:50:44 GMT
content-length: 0
location: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
x-trace-id: 978f03480435fda33b1e1e141978c5d0
link: <https://broker-systems.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
access-control-allow-origin: https://ouhastay.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=2a2c969a7695492195e8be20c7ca2a5d; expires=Sat, 25 Nov 2023 13:50:44 GMT; path=/; secure; SameSite=None oaidts=1669384244; expires=Sat, 25 Nov 2023 13:50:44 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Fri, 02 Dec 2022 13:50:44 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=149671
Date: Fri, 25 Nov 2022 13:50:44 GMT
Etag: "63806ddb-117"
Expires: Sun, 27 Nov 2022 07:25:15 GMT
Last-Modified: Fri, 25 Nov 2022 07:25:15 GMT
Server: nginx
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4243
Cache-Control: max-age=94502
Date: Fri, 25 Nov 2022 13:50:45 GMT
Etag: "637f85c8-117"
Expires: Sat, 26 Nov 2022 16:05:47 GMT
Last-Modified: Thu, 24 Nov 2022 14:55:04 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /assets/img/2022/02/04/1646413684488-18ea1365-fd52-4a50-b07f-2ba9046efb59.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 662
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FY3czEV8eAeP%2BrIEZiUO%2BMxGDCI2%2BH%2FAQS2ig%2BWOOO2GubnbUbMjVqMtdE9bzJjpc1zL4cXOn36w1cKdXnROQal55UmIQDB2quTY7jzLGa2lpQpdBGmUyO65EHYLfTawc66Ag0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaebcef10afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 513 x 68, 8-bit/color RGBA, non-interlaced\012- data
Size:   7891
Md5:    76f3f9a82d01ff7f4ea57c026675a96b
Sha1:   bb4f94eba8bbccd39c09017c0c952f3a6dc4793d
Sha256: a3437ba118f9434c07f254acd7f3c0c563d947e45d79912727432fd9e23e9c70
                                        
                                            GET /assets/img/2021/07/03/1627983981297-09ae9196-87ef-4a69-938e-8ca455880a42.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 662
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQ1FTMcd8sjO1nkkdvbHybaBq3bJU02JEG9DkNIEilnlKKUyeeVGPfkj95wQf%2Bo3js8vSCpsbVJ%2Fhpv72DGim98cSHkaDP5KpOdhiccnkTpFe3mh%2F%2BECvCn4nLBOXVD%2F1Ahk2HI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaebcef40afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 66, 8-bit/color RGBA, non-interlaced\012- data
Size:   7876
Md5:    5802570e1c7a952586bf795fad8f9427
Sha1:   96f8b4632984ff62849574a35c5d2ae982d4d081
Sha256: ca1de381f284c79c87d2fe68034484be45f72819fdf697be35a185c6f54e97d9
                                        
                                            GET /assets/img/2021/07/03/1627994332152-c4584953-f3aa-4b49-b0fb-e9b64e9d2a97.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 661
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ezn9FRpXxQ1vn3BYmc43E%2F1PherCTr%2FaVwgFObLQ3zGz3ANfbUL%2BpsKL%2FtSpQxH13Jijn8EHFU80hx3lPyQKyu9wXGRLBflrMG3CElfJkMVbd2DIGiE7ZbdCZdsnSnm958MLSdQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaec0f240afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 124 x 112, 8-bit colormap, non-interlaced\012- data
Size:   1546
Md5:    1e300bf8fd53c4012addc6384869ecba
Sha1:   360650729f2d9a4e4187c81bf2efdf43c0a61c80
Sha256: c02d2f99c35f5f6e8117f60dc2a115b069153504c54bb0839374460848cf6594
                                        
                                            GET /gtm.js?id=GTM-MLX3JTP HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 13:50:45 GMT
expires: Fri, 25 Nov 2022 13:50:45 GMT
cache-control: private, max-age=900
last-modified: Fri, 25 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48796
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2518)
Size:   48796
Md5:    4da2a18382972ec10a7e92422e693fae
Sha1:   e57227a297e84afeb889f5f797a4fc9953c3293d
Sha256: dfd8f53f5b176b1412b9bbdef24e4beab85c8ea156c087b296cd2adaa70daf94
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 13:50:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 13:50:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "54D2B755BFBFEDFC4DA722A3260099C671FFB2449458266C99FAEFD2429A2869"
Last-Modified: Fri, 25 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20609
Expires: Fri, 25 Nov 2022 19:34:14 GMT
Date: Fri, 25 Nov 2022 13:50:45 GMT
Connection: keep-alive

                                        
                                            GET /assets/at/v5/tracking.js HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
cf-cache-status: HIT
age: 663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qg9fvjbVgICOLx7bhU3Au5TvXEEktO6cd8EQ8bTBQRCVwaVc3QklWFEneqTzOMFkomWdVrOO9C1m%2FUmNyDA2%2F8SlKPBoDGs9R%2BMmXN5kVkQ2M%2FrNUr7ApNTquO01OEjaRbCcrik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaebcee70afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (28968)
Size:   10857
Md5:    5c67f6d6f778eb0ee0eb44a27531cf41
Sha1:   bc3af6f3899d63f61c1be1e3c0a3a44d7624c29f
Sha256: 34c490b8d6d0e8bc8abf3be6ee96f750b410a841447c34437b186468b1276329
                                        
                                            GET /assets/reg/v2/registration.js HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
cf-cache-status: HIT
age: 663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05VgceEC2mdWe6qphrTYElAQAbapfGtXayBKXdbJQXSssps5N6IFbLkUMPOF4AQZq4D33t24KsTAPBxm8clfxEGvDGEDNOXuu0ULkgiKx%2BWe599QOlQ4u%2FgBop7vxLILJXLS6Ws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaebcee20afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (22747)
Size:   114078
Md5:    70785d932273eb53bc325e6185767e87
Sha1:   7dfe0736992e94c8fd6c3da5f92d01f49cdad480
Sha256: d0b36f046a7fa1cd182e1e53676801372699d41486b90fe7e44af9c63ccb80db
                                        
                                            GET /assets/img/2021/06/26/1627297013883-7dbc897f-02ca-4586-9259-4c23ea49acb5.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 662
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCFcV6sAv43DRBE%2BPiiyP2kPiOxOFS2rfea8SaayV8qqGaE6e8nujXMRk3%2Bas%2FiV%2BwBS1MHy9lMlfpGvG70s3XeAkU6ppNnzuANN9kSbMp0m8aychG%2FWuBXVpQc3MGqpmkdAMpE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaebcef70afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 822 x 988, 8-bit colormap, non-interlaced\012- data
Size:   225801
Md5:    fc75e7d005a4ecc71cf64c0aa8668fdb
Sha1:   b3c289633cd9b0296455275c2ed9fde981158e6a
Sha256: b072b5f89c0be55f74766b4164d150b1236f099e0fb037334446e26a298a4439
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 13:50:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 13:50:45 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 24 Nov 2022 16:52:35 GMT
Expires: Thu, 01 Dec 2022 16:52:34 GMT
Etag: "2ffaca360ca166595c22af6993fe09f828d94f2e"
Cache-Control: max-age=528708,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fadaef2b1ab503-OSL

                                        
                                            GET /optimize.js?id=OPT-TLN47DR HTTP/1.1 
Host: www.googleoptimize.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.46
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 13:50:45 GMT
expires: Fri, 25 Nov 2022 13:50:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44245
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   44245
Md5:    3aef15d1379916130c74415a504b2a94
Sha1:   bcc13f768a1a6764ce31559a2dc75f5738fbb8b9
Sha256: cada3970321f0a75d9b6ed7ce9ca7b182ce7c5800648e5d5f77dc7d1d57fbccf
                                        
                                            POST /log/add?cid=0146f596-44d1-40c0-b3b5-74fcad621e75 HTTP/1.1 
Host: datatechone.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1122
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         37.48.68.71
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 13:50:45 GMT
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://broker-systems.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   2
Md5:    444bcb3a3fcf8389296c49467f27e1d6
Sha1:   7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
Sha256: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2783
Expires: Fri, 25 Nov 2022 14:37:08 GMT
Date: Fri, 25 Nov 2022 13:50:45 GMT
Connection: keep-alive

                                        
                                            GET /p.js?f=sync&lr=1&partner=eab99f1fc1f1a842a80c0c1f9eaf61c227df092b0e93a22ef50a18b65955d84a HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 13:50:45 GMT
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   697
Md5:    109d9d0f284658da4525b3d1c0ead2ec
Sha1:   3fc4214c1bef95a85db5eaa84c262d6d85275b6e
Sha256: 73657615b5abe9d595c5dcb7faa33dd526743bc03168c7fd72de56d573c5cc7c
                                        
                                            GET /flags/4x3/no.svg HTTP/1.1 
Host: flagicons.lipis.dev
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         185.199.109.153
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: GitHub.com
x-origin-cache: HIT
last-modified: Wed, 19 Oct 2022 08:52:22 GMT
access-control-allow-origin: *
etag: W/"634fbac6-13e"
expires: Sun, 20 Nov 2022 06:21:53 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: ECA6:9356:1523F66:1CD8CDC:6379C529
accept-ranges: bytes
date: Fri, 25 Nov 2022 13:50:45 GMT
via: 1.1 varnish
age: 578
x-served-by: cache-bma1661-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1669384246.816035,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: c32c588943fd5daf664c139e0beb015d7f613605
content-length: 188
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   188
Md5:    f916e66fd4723d7b98979d330bdab4d4
Sha1:   b30df178bab8c3751c9e593dc19999823d98c6a7
Sha256: 9c4ce2506adbbb63dda2139fb698e6ec80134b41862e8206d431ba3607cd4148
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5055
Cache-Control: 'max-age=158059'
Date: Fri, 25 Nov 2022 13:50:45 GMT
Last-Modified: Fri, 25 Nov 2022 12:26:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 12:41:08 GMT
expires: Fri, 25 Nov 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 4177
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /external/465726082.hd.mp4?s=e5c3d3024ed8e02293307a9d67b5e6f9b16e59e8&profile_id=174 HTTP/1.1 
Host: player.vimeo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         162.159.128.61
HTTP/1.1 302 Found
                                        
Date: Fri, 25 Nov 2022 13:50:46 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Security-Policy: default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com
Expires: Fri, 15 Dec 1985 19:30:00 GMT
Location: https://vod-progressive.akamaized.net/exp=1669398646~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=f0024a36a03282b2c59ecf547953dbcaa7509b3869095aeed8d32237a22c26e1/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Host: player-backend-5ff8dcb846-p9qgv
X-Player-Backend: g
X-Xss-Protection: 1; mode=block
Via: 1.1 google, 1.1 varnish
Accept-Ranges: bytes
Age: 0
X-Served-By: cache-bma1630-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1669384246.973585,VS0,VE143
CF-Cache-Status: DYNAMIC
Set-Cookie: __cf_bm=pqop5hIwtxF8n9a9n.GVBbq1QHPKP5wjiCp7I_QcP.Q-1669384246-0-ASnAoTrYJWm2xmFIFa2qlk4b3m2uPfjAarjHwZVBwlzVCg8TV1UCt0deeb+Czy0zKqGzPe3x8m+6aMzvsy5AH5s=; path=/; expires=Fri, 25-Nov-22 14:20:46 GMT; domain=.vimeo.com; HttpOnly; Secure; SameSite=None
Server: cloudflare
CF-RAY: 76fadaf13c08b529-OSL

                                        
                                            GET /exp=1669398646~acl=%2Fvimeo-transcode-storage-prod-us-west1-h264-720p%2F01%2F3145%2F18%2F465726082%2F2066354506.mp4~hmac=f0024a36a03282b2c59ecf547953dbcaa7509b3869095aeed8d32237a22c26e1/vimeo-transcode-storage-prod-us-west1-h264-720p/01/3145/18/465726082/2066354506.mp4 HTTP/1.1 
Host: vod-progressive.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Range: bytes=0-
Referer: https://broker-systems.com/
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.152
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
X-GUploader-UploadID: ADPycdvFALOJgFC8lHRE0XZtj_vOO8NMw94V883uDWMJyDi0Z5tzcMZ5sJ_cbHrMp_W3I5t9ZIwCFXUG4i7oN_MZINQBq6BT75Ie
x-goog-generation: 1661020573365224
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11965965
x-amz-meta-x-goog-reserved-source-generation: 1602068348320686
x-goog-hash: crc32c=hqujiA==, md5=DBrrzNDq44InOGp42cFLAQ==
x-goog-storage-class: COLDLINE
Accept-Ranges: bytes
Server: UploadServer
Aka-c-hit: cache-hit
Last-Modified: Sat, 20 Aug 2022 18:36:13 GMT
ETag: "0c1aebccd0eae38227386a78d9c14b01"
Cache-Control: private, max-age=29527447
Expires: Thu, 02 Nov 2023 07:54:53 GMT
Date: Fri, 25 Nov 2022 13:50:46 GMT
Content-Range: bytes 0-11965964/11965965
Content-Length: 11965965
Connection: keep-alive
AK-REFERENCE-ID: 0.944c2417.1669384246.50e69de
Akamai-Mon-Iucid-Del: 875210
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Timing-Allow-Origin: *
X-VIM-CACHEBC: EP:H11,E:h
Access-Control-Expose-Headers: Akamai-Edge-IP, X-VIM-CACHEBC, AK-REFERENCE-ID
Akamai-Edge-IP: 23.36.76.152


--- Additional Info ---
Magic:  ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size:   11965965
Md5:    0c1aebccd0eae38227386a78d9c14b01
Sha1:   f05673ace82e6c754989e36334a939d66fadf3c8
Sha256: d945e04c74f6b88360ee453d3183015ed971b3dd55c89de0d36e11e117c0137d
                                        
                                            GET /assets/reg/v2/registration-form.js HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
cf-cache-status: HIT
age: 663
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH3DTLjEQPHC1Xmu8go4L8Y2d5WkxyBXHXnYA5u32kI7%2FroZQLpV%2BgDWKhTI0O%2Ff%2F9%2FVADZzIttXQ1yrnoAIUvVNgVZZkxOPsfX%2BhoTzDoRVYCbtsI033SeR9roOUfmM1IzyFZk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaebcee60afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (41190)
Size:   12440
Md5:    f1d52be75aec39a61f46a51df79b15a8
Sha1:   cfb8e1a489a44f6e6804eac990cdb3eb97195dfc
Sha256: a9af8d9815f318a401ae14351f88f2bd1039e67fc3e28b2e75801c11ada68792
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 13:50:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /g/collect?v=2&tid=G-Y5BMFENDVB&gtm=2oeb90&_p=1134994730&cid=1290173071.1669384245&ul=en-us&sr=1280x1024&_s=1&sid=1669384245&sct=1&seg=0&dl=https%3A%2F%2Fbroker-systems.com%2Fcompare-r%2F%3Fadgroupname%3DBS-NO-NO-Robots-DC%26propelleradsid%3D620005060965052462%26country%3DNO%26campaignid%3D6340333%26cost%3D0.005863%26offerType%3Drts%26utm_source%3Dpropellerads%26utm_term%3D3647676%26utm_campaign%3DBS-NO-NO-Robots-DC%26rdk%3Drk3&dt=broker-systems.com&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://broker-systems.com
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://broker-systems.com
date: Fri, 25 Nov 2022 13:50:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 13:50:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /vue@2.6.14/dist/vue.min.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.126.175
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"16fc7-2o16WfTmzFXqWKvsM++c67m6Z8E"
via: 1.1 fly.io
fly-request-id: 01F7JYERAAW5E3031G1EAGDR8T
cf-cache-status: HIT
age: 14788414
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76fadaec1bfeb4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65449)
Size:   43958
Md5:    671a70b4c6306631b0ec9e7812da6c2e
Sha1:   1343c1fe34b8ea0741a53fc3ef4fe91e865bdc2f
Sha256: 5497b4bf63c7487993d89b4cfd25a291a8a76f2f9a2a007866b844eed292f9ed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 13:50:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /afu.php?zoneid=3647676 HTTP/1.1 
Host: ouhastay.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         139.45.197.239
HTTP/2 200 OK
content-type: text/html; charset=utf8
                                        
server: nginx
date: Fri, 25 Nov 2022 13:50:44 GMT
x-trace-id: b3fc4139a555382637279d787ea4ba71
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=2a2c969a7695492195e8be20c7ca2a5d; expires=Sat, 25 Nov 2023 13:50:44 GMT; path=/; secure; SameSite=None oaidts=1669384244; expires=Sat, 25 Nov 2023 13:50:44 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /assets/img/2021/06/23/1627034952535-217e2eaa-ce12-41ea-92b9-82e94483661c.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 662
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xrmnF60CZ9ouZwkDeq7%2FBLhxPLqv1vBB0Lr2KBDoqbMPJcvL5n7BOq063VZx8RLcfNobT756fsM2bhUzWXcOUZAH%2BI%2F4TV9grYLdRkzWIwcXLJSEPIA%2BPpSCH7LVRwF2Ia1Ow4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaebcef30afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/07/03/1627979101733-6f5c97a5-241b-4c75-a8ad-48f67971041f.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 662
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYm0%2Bt68UdEcqY3pWRIVwhjtS1v6Nc9CTr9Cyt%2BkqtWsbADeecd%2F1lEBhKnyixS8IAd7w5P0OTOYPhFQBaNpLBwYyL6cD3uEOLGeBJAdRo6Kv9hKCcfl1WhntTqqjPO3YZrkDUU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaec0f260afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /services/offers/register?language=no&includesConsent=false&includesMinimumAge=true HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Fri, 25 Nov 2022 13:50:45 GMT
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 13:50:45 GMT
cf-cache-status: DYNAMIC
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7YFImXOohJgpMkkjB0TsB9bScxyMX1iCML3s%2FZXMqKcVniczl%2BgJE5sp0BgoWy9z4tHejIJpmMePLj%2B%2FLTXVpBApWFBOqHP5ZnBSZOI5cWzSzFNrLEnRgwT%2F%2Fq5TnvT8gjsKrE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaef3a900afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1 
Host: senecaphoneupdate.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         172.67.133.55
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Fri, 25 Nov 2022 13:50:42 GMT
last-modified: Thu, 05 May 2022 04:35:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhcYXtGV7vfbA9%2Fmui4wyi1Si7dewaiB0CJtxmD5c3ehs94iSY7wRRF22%2BRxgeeQPG%2BIvjA20wNoUQrghe94AEftMyNnpBroEiQQAIbAKbC9OJVDLz9LUeVmiBKm%2F47Fe8ATin3NiXU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadad9ff26b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /i18n/pixel/events.js?sdkid=C8SQEGFV9S6N3MLDFVTG&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://senecaphoneupdate.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.79.32
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20221125135042616289C7DD49373DC661
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60459c918a449af51d55daa38da0f8465b8c4560aa47662a253c143cd0055ba42c59e8640e73ca296e7befd8d9a719b59aa167e3955b1dab81d4b88b2d03533ba4
content-encoding: gzip
expires: Fri, 25 Nov 2022 13:50:42 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 25 Nov 2022 13:50:42 GMT
x-cache: TCP_MISS from a23-36-79-28.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=104
x-origin-response-time: 104,23.36.79.28
x-akamai-request-id: 576f36b3
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3 HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
vary: Accept-Encoding
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
cache-control: private
x-do-orig-status: 200
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=We5lfaLeXiZMJS1gbft9AJTo%2F5CTwCNDjDBF%2FDiFt1TMw7KROqyAvFN91gYyBWAWij9O0y29%2BzOrFyyTms756ug%2BdKKaRF9l1zyf85wqdLbWwCG4EzAekAn7Zmj7XU5oGpRkPcc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadae8ec560afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Cabin:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 13:50:45 GMT
date: Fri, 25 Nov 2022 13:50:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/07/03/1627994280359-a8930d1d-c68c-48c1-9109-f4c3e8036b91.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 634
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7z3Gf1bsC73AfyAd7nvU3k8vfetg8wMncsS4n2JgG6YFvrMnaZ8LwHYB18XAVow6GkXoKTAxDuYz6IYPtXPznFEV5eDhWt2aNNPY%2BkA%2BQlPvyy17X1IueN3Gp1iLAczdijyeLhk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaebdefe0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/06/26/1627314620658-6820b11c-be15-43f5-8fe9-9c5a5a70c2ca.jpg HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 662
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08NeqVqIhw6ra1Y9VV3hAnpYaNEkRd4WxdH5JOfkSfngFy9OchPbS3ZD7u3ecYwE%2BvyxqTq5KA5BooOmvz5vj9%2Fw6NlATOfGXjuGoABDT%2FU%2BADJIGtDhb8R%2F%2BOYpbfRz6jALuCo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaed48960afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/08/08/1631094157993-71e6734e-0583-460e-ad85-f2e9c96f6f65.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Cookie: _ga_Y5BMFENDVB=GS1.1.1669384245.1.0.1669384245.0.0.0; _ga=GA1.1.1290173071.1669384245
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 10:08:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 6012
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sngteWpb2teMZcZwvsNn2Z9EN51GXGGWYo09EZR5QblFWwQHEcowc0pVDuafVob2OzH7h%2BqegOLGL%2B8KW1DXLSFZy%2Bq%2FbvdtxHv0zYhYEaHE5PyA8mbo5oUtmUrNL7Y2BOZfBbg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaf10c3c0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/07/03/1627983967543-9619d850-d57a-4851-807a-02068b4f5e17.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 662
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUEnmBIj%2BG3wcJ3U2xNkf5jhMm8kj127rIpPWtnUwvLywJKsCtgJyLbmmi%2FFanLIxDe%2FiQfVTO6zirIPhYeAQvDndcLedUoPHZtiJt9bjtPITk%2BtJVzGGr5Ehqir%2FoZe9XJzHCE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaebcef20afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/06/23/1627034872559-2caa23ff-eecf-4033-b355-8c1f5da0ec76.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 662
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aibqT40NhVbUyNrurSakz%2B%2FJuaBavUIsw7CW3Zd%2F8wDSIlmYxO64nUpAbSoJcduqjVShFunHhbbmIKr3%2B42AOPltkctTMD%2F8%2BKtRX0J9EzRuXQErl337jBzKsoKcGoWilKONgs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaebcef50afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/img/2021/07/03/1627994300561-5bf0b534-f69d-4dab-ba2c-ade842022f0f.png HTTP/1.1 
Host: broker-systems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://broker-systems.com/compare-r/?adgroupname=BS-NO-NO-Robots-DC&propelleradsid=620005060965052462&country=NO&campaignid=6340333&cost=0.005863&offerType=rts&utm_source=propellerads&utm_term=3647676&utm_campaign=BS-NO-NO-Robots-DC&rdk=rk3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.79.157
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 13:50:45 GMT
x-powered-by: Express
access-control-allow-origin: *
x-robots-tag: noindex
cache-control: public, max-age=14400
x-do-app-origin: 5f355662-e6ae-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
last-modified: Fri, 25 Nov 2022 11:38:10 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 662
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hM9yfrhSewuRhIyT34k1aW7Z0VP42sGQl04%2FK5uWwnp1R0DXDpM%2FGRATHW%2BExwTi%2FvgNi4SSVp%2Fc2NoG1B4aMPQSrl%2BKMkMp9HhFONtnxG6ilRAvLeo5XHvEv1fx3aqf1nW%2BHOI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fadaebdeff0afa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---