tr.rightwayshow.co/7143a65c-ad9e-4790-9645-8149ed8086a8?campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
18.184.38.55302 Found 0 B URL User Request GET HTTP/2 tr.rightwayshow.co/7143a65c-ad9e-4790-9645-8149ed8086a8?campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
IP 18.184.38.55:443
Certificate IssuerLet's Encrypt
Subjecttr.rightwayshow.co
FingerprintF2:00:AA:04:40:1B:76:BA:7D:5E:0F:52:8E:B9:DE:66:7D:3B:E4:97
ValidityTue, 18 Apr 2023 05:58:21 GMT - Mon, 17 Jul 2023 05:58:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7143a65c-ad9e-4790-9645-8149ed8086a8?campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8 HTTP/1.1
Host: tr.rightwayshow.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Sat, 10 Jun 2023 13:29:55 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
pragma: no-cache
set-cookie: 7143a65c-ad9e-4790-9645-8149ed8086a8-v4=G8kGuj9zzk8XErEttVrUiFGO_W4u9FlqWQExPsdjAWo; Max-Age=86400; Expires=Sun, 11-Jun-2023 13:29:55 GMT; Domain=tr.rightwayshow.co; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=OA798XsoFtwnWzMswiLfH865pPBNfS-2MwYxNlRh7rGetMDxpSZ7_8MzGKiB39HWfyi34KNpgKOzrW_EYYFtjbBy9bsL8sIj5tCkfbzPhPmbJcsiN0X3bxthn9tcOQgiG39VsHNQBl8pLW71GbNWNf4ASjnemz_cgU4cOCuszrAj3ubB6a5PUls--YTY5wJ5-25s--Lqc3TX-cuk-0dHVZtTkPzaU1MUEDF9FCldzwf7-oxoDrk4V_Lakvd4tpvy7ZtT_BBaYBJ5szcRID25OJBvwn1eXxdGfb4bqjadFMRZquqM4JI4U-FZnajChFcx6vErOtMAMWUGQY60_JY-ggdgzJEw9Im-cD0AQtN8QsrZ5nWAQnCODQnsYBjt5yOLX_Vxzx8ck1Vpn0tsucc-IgLtAlJ-cZCE6iFNs-9Q2x2ehI4lYIqGA7W1bBcBl7-IzcBDM9WLyf-vdLVLUUrFjtVck49yMI3zGEkWpv00sRxYSjGmAKWdVOaiIbKVpL9j; Max-Age=86400; Expires=Sun, 11-Jun-2023 13:29:55 GMT; Domain=tr.rightwayshow.co; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.14.101 472 B IP 104.18.14.101:0
Hash ab4f4f33c33b09bbef3f0419401560ae
b08e6ff2962953a7184e35894cbfd1733b9d440f
741ea7bd6c3337b4a33ff1c915b06e2e3dd9769429c08ae3d2fd37faa4dba5df
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Jun 2023 13:29:55 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 08 Jun 2023 18:14:47 GMT
Expires: Thu, 15 Jun 2023 18:14:46 GMT
Etag: "b08e6ff2962953a7184e35894cbfd1733b9d440f"
Cache-Control: max-age=448490,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d51f7484d0fb527-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 6109dc90074997c867d10212ff8f9a81
4f26dbb187f908c7eb6bc2a550034c85cfe6fc8b
d964eec14e1b68dc5ee99e7b1bc4cbb509255de0c49801ca5034253d4cd16be5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 13:29:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 6109dc90074997c867d10212ff8f9a81
4f26dbb187f908c7eb6bc2a550034c85cfe6fc8b
d964eec14e1b68dc5ee99e7b1bc4cbb509255de0c49801ca5034253d4cd16be5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 13:29:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 6109dc90074997c867d10212ff8f9a81
4f26dbb187f908c7eb6bc2a550034c85cfe6fc8b
d964eec14e1b68dc5ee99e7b1bc4cbb509255de0c49801ca5034253d4cd16be5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 13:29:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wWw.ttf
216.58.207.227200 OK 30 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wWw.ttf
IP 216.58.207.227:443
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 8 names, Microsoft, language 0x409\012- data
Hash 52a2ab706682d2fd67348f6d3e1490d1
751592916859ef0d6eeae6a948055ea4194ac6d6
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
GET /s/lato/v23/S6uyw4BMUTPHjx4wWw.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://darkagedefense.convertri.com
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30418
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Jun 2023 06:20:59 GMT
expires: Fri, 07 Jun 2024 06:20:59 GMT
cache-control: public, max-age=31536000
age: 198536
last-modified: Tue, 26 Apr 2022 15:48:57 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPHA.ttf
216.58.207.227200 OK 30 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPHA.ttf
IP 216.58.207.227:443
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type TrueType Font data, 16 tables, 1st "GPOS", 8 names, Microsoft, language 0x409\012- data
Hash d88c6ffa2ac44113965339295cf130fb
6313303a0b873cc2242f68f990961a458f0d3e1e
7e15d8482756e9d79c5b14dde8cd92256fd2afe0307703d825d4e8178d416c41
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPHA.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://darkagedefense.convertri.com
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29896
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Jun 2023 20:49:47 GMT
expires: Thu, 06 Jun 2024 20:49:47 GMT
cache-control: public, max-age=31536000
age: 232808
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
216.58.207.227200 OK 21 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf
IP 216.58.207.227:443
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-Regularhtt\012- data
Hash a0d084a3e8176664e75f8eca3ebea96c
324ec20b91392a6871d7846e0ff2972447a1b2b8
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://darkagedefense.convertri.com
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20776
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Jun 2023 10:02:51 GMT
expires: Thu, 06 Jun 2024 10:02:51 GMT
cache-control: public, max-age=31536000
age: 271624
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.convertri.com/font/open-sans-400.ttf
138.199.37.230200 OK 34 kB URL GET HTTP/2 cdn.convertri.com/font/open-sans-400.ttf
IP 138.199.37.230:443
ASN #60068 Datacamp Limited
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerLet's Encrypt
Subjectcdn.convertri.com
Fingerprint75:F9:A3:AD:FF:C9:D3:93:56:1D:A2:9A:B8:96:49:9E:FE:FD:A7:20
ValiditySun, 28 May 2023 18:08:38 GMT - Sat, 26 Aug 2023 18:08:37 GMT
File type TrueType Font data, 18 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, type 1 string, Open SansRegularAscender - Open Sans Build 100Version 1.10OpenSanshttp://www.apache.org/licenses\012- data
Hash 953de7bafd9fdbf41ea443aacabe2706
5fab28c46ba7b193608b31908f1d96c4b22ca640
24b337181983cb1cff33d2bacf608a0568be59b83e505e26c8597cea5d2171c4
GET /font/open-sans-400.ttf HTTP/1.1
Host: cdn.convertri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://darkagedefense.convertri.com
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:29:55 GMT
content-type: application/octet-stream
content-length: 34156
server: BunnyCDN-DE1-864
cdn-pullzone: 408079
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
cache-control: max-age=31536000
etag: "953de7bafd9fdbf41ea443aacabe2706"
last-modified: Sat, 23 Jul 2016 08:57:13 GMT
cdn-cachedat: 06/06/2023 08:29:54
x-amz-id-2: A5ZdUTgzALvFHvoc2fNzjmr7r7iyiA48WIMa/+Z8DfOW25a+azMdwR1cgzZbm9arEsklAHJC6zQ=
x-amz-request-id: 02773Y41WK45TNY5
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1075
cdn-status: 200
cdn-requestid: d9e4d3b901001fbfa45cf5b773e0e276
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.convertri.com/img/powered-by-badge/v1/mobile.jpg
138.199.37.230200 OK 1.9 kB URL GET HTTP/2 cdn.convertri.com/img/powered-by-badge/v1/mobile.jpg
IP 138.199.37.230:443
ASN #60068 Datacamp Limited
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerLet's Encrypt
Subjectcdn.convertri.com
Fingerprint75:F9:A3:AD:FF:C9:D3:93:56:1D:A2:9A:B8:96:49:9E:FE:FD:A7:20
ValiditySun, 28 May 2023 18:08:38 GMT - Sat, 26 Aug 2023 18:08:37 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x30, components 3\012- data
Hash 0dfa0754d017188576fd9b649e81fc26
88d1a5d6cb79b3b569b1e663bda02347ce342b0b
bdf23e805d067c111468eb60b30c02995327a58b05255d683e71641d0685afa5
GET /img/powered-by-badge/v1/mobile.jpg HTTP/1.1
Host: cdn.convertri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:29:55 GMT
content-type: image/jpeg
content-length: 1899
server: BunnyCDN-DE1-864
cdn-pullzone: 408079
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 06 Jun 2023 08:29:56 GMT
cdn-cachedat: 06/06/2023 08:30:46
x-bo-server: ASB-197
x-downloadsize: 2010
x-bo-origindownloadtime: 66
x-bo-processingtime: 0
x-bo-compressionratio: 5.52%
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1082
cdn-status: 200
cdn-requestid: eb784d703eeb00515a023916684fdea6
cdn-cache: HIT
X-Firefox-Spdy: h2
cdn.convertri.com/jquery-1.12.2.min.js?v=2022-12-20-08-24-26
138.199.37.230200 OK 117 kB URL GET HTTP/2 cdn.convertri.com/jquery-1.12.2.min.js?v=2022-12-20-08-24-26
IP 138.199.37.230:443
ASN #60068 Datacamp Limited
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerLet's Encrypt
Subjectcdn.convertri.com
Fingerprint75:F9:A3:AD:FF:C9:D3:93:56:1D:A2:9A:B8:96:49:9E:FE:FD:A7:20
ValiditySun, 28 May 2023 18:08:38 GMT - Sat, 26 Aug 2023 18:08:37 GMT
File type Unicode text, UTF-8 text, with very long lines (32030)
Size 117 kB (117058 bytes)
Hash 5e67a845ea6269c67e7bb411bc111761
47553f53d982cd5a9de3b006d58ddf536c6cec2a
f3c8fa84a87d3ec83644f720bb91357f348baaf61c99a0625c395b30dfcb3b5c
GET /jquery-1.12.2.min.js?v=2022-12-20-08-24-26 HTTP/1.1
Host: cdn.convertri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:29:55 GMT
content-type: text/javascript
server: BunnyCDN-DE1-864
cdn-pullzone: 408079
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestcountrycode: NO
vary: Accept-Encoding
cache-control: max-age=604800
content-encoding: br
etag: W/"5e67a845ea6269c67e7bb411bc111761"
last-modified: Tue, 06 Jun 2023 08:29:50 GMT
cdn-cachedat: 06/06/2023 08:41:52
x-amz-id-2: mh+34GDx+QQ+9fTnH9mrOsCsUMiIyfB2cx5w7Cv8HC6aTpTIriJOFulqR64q1llCdIy+qCmhJ1M=
x-amz-request-id: D0G1TV7Y0JHWX2NH
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1054
cdn-status: 200
cdn-requestid: 5c28e8031a78e05ef5f7d355a616687a
cdn-cache: HIT
X-Firefox-Spdy: h2
convertri.imgix.net/9b326dd5-e67d-11ec-aeb6-06deec350f13/8b7bb2337b753679901f11b07904b6a98228751d/Screenshot%20%281%29.png?auto=compress,format&fit=scale&w=17&h=18
151.101.246.208200 OK 387 B URL GET HTTP/2 convertri.imgix.net/9b326dd5-e67d-11ec-aeb6-06deec350f13/8b7bb2337b753679901f11b07904b6a98228751d/Screenshot%20%281%29.png?auto=compress,format&fit=scale&w=17&h=18
IP 151.101.246.208:443
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerGlobalSign nv-sa
Subject*.imgix.com
FingerprintB4:E4:B7:6D:A3:73:77:08:35:9C:5A:31:F8:BC:B9:C0:D4:91:E5:D4
ValiditySun, 05 Mar 2023 12:38:15 GMT - Fri, 05 Apr 2024 12:38:14 GMT
File type ISO Media, AVIF Image\012- data
Hash b47fdc7e2fcfdfba63482855b22b1dab
6e889e9ad3f9a087898709f3ddd8efe3e1a97a2c
b8919d876d1316973a6f3fbcde7a4275163a3a2a18302cdb7a9e6b86b03121f9
GET /9b326dd5-e67d-11ec-aeb6-06deec350f13/8b7bb2337b753679901f11b07904b6a98228751d/Screenshot%20%281%29.png?auto=compress,format&fit=scale&w=17&h=18 HTTP/1.1
Host: convertri.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Sat, 13 May 2023 14:30:49 GMT
cache-control: public, max-age=2419200
server: imgix
x-imgix-id: 387d6ad3d45410531818f6bfb59db2bb3811c7b6
x-imgix-render-farm: 01.9256
date: Sat, 10 Jun 2023 13:29:56 GMT
age: 2415546
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: X-Imgix-Bg-Remove-Failure-Reason
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc1000119-SJC, cache-hel1410022-HEL
x-cache: HIT, MISS
vary: Accept, User-Agent
content-length: 387
X-Firefox-Spdy: h2
cdn.convertri.com/img/powered-by-badge/v1/desktop.png
138.199.37.230200 OK 3.1 kB URL GET HTTP/2 cdn.convertri.com/img/powered-by-badge/v1/desktop.png
IP 138.199.37.230:443
ASN #60068 Datacamp Limited
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerLet's Encrypt
Subjectcdn.convertri.com
Fingerprint75:F9:A3:AD:FF:C9:D3:93:56:1D:A2:9A:B8:96:49:9E:FE:FD:A7:20
ValiditySun, 28 May 2023 18:08:38 GMT - Sat, 26 Aug 2023 18:08:37 GMT
File type PNG image data, 155 x 42, 8-bit colormap, non-interlaced\012- data
Hash c939d2aebc39cea7ecb8aab3c92a00f4
e830c9eac18e98d820389aa0f38c6c79ef043a3c
688affdd7440a97d8ba404251342a63288896459550dff310e47227ba9f087dd
GET /img/powered-by-badge/v1/desktop.png HTTP/1.1
Host: cdn.convertri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:29:55 GMT
content-type: image/png
server: BunnyCDN-DE1-864
cdn-pullzone: 408079
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 06 Jun 2023 08:30:07 GMT
cdn-cachedat: 06/06/2023 08:30:46
x-bo-server: ASB-208
x-downloadsize: 2664
x-bo-origindownloadtime: 18
x-bo-processingtime: 0
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 2929fb7573392d49d6cd3aeecd7c94df
cdn-cache: HIT
X-Firefox-Spdy: h2
convertri.imgix.net/9b326dd5-e67d-11ec-aeb6-06deec350f13/32b1a12a8373b78c801394d163719964ece8aac2/dad-logo.png?auto=compress,format&fit=scale&w=60&h=66
151.101.246.208200 OK 2.1 kB URL GET HTTP/2 convertri.imgix.net/9b326dd5-e67d-11ec-aeb6-06deec350f13/32b1a12a8373b78c801394d163719964ece8aac2/dad-logo.png?auto=compress,format&fit=scale&w=60&h=66
IP 151.101.246.208:443
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerGlobalSign nv-sa
Subject*.imgix.com
FingerprintB4:E4:B7:6D:A3:73:77:08:35:9C:5A:31:F8:BC:B9:C0:D4:91:E5:D4
ValiditySun, 05 Mar 2023 12:38:15 GMT - Fri, 05 Apr 2024 12:38:14 GMT
File type ISO Media, AVIF Image\012- data
Hash 73148a753c76c0c1ec96da00169f3c15
494b45e19224e9a8f29e1a72bad15b969cbe42ff
4b9deeaa27839396c26acb294be5a9e3606b151866622f334d27302b50be0f97
GET /9b326dd5-e67d-11ec-aeb6-06deec350f13/32b1a12a8373b78c801394d163719964ece8aac2/dad-logo.png?auto=compress,format&fit=scale&w=60&h=66 HTTP/1.1
Host: convertri.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Mon, 05 Jun 2023 15:32:07 GMT
cache-control: public, max-age=2419200
x-imgix-id: 38dbae577ffa7593110ee8ae43d2d591ecb83d91
server: Google Frontend
x-imgix-render-farm: 02.8744
date: Sat, 10 Jun 2023 13:29:56 GMT
age: 424669
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: X-Imgix-Bg-Remove-Failure-Reason
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10024-SJC, cache-hel1410022-HEL
x-cache: HIT, MISS
vary: Accept, User-Agent
content-length: 2113
X-Firefox-Spdy: h2
convertri.imgix.net/9b326dd5-e67d-11ec-aeb6-06deec350f13/7f5f2a5223da90e1e0d526c1edc79979621a18f1/dad-img1.jpg?auto=compress,format&fit=scale&w=709&h=487
151.101.246.208200 OK 12 kB URL GET HTTP/2 convertri.imgix.net/9b326dd5-e67d-11ec-aeb6-06deec350f13/7f5f2a5223da90e1e0d526c1edc79979621a18f1/dad-img1.jpg?auto=compress,format&fit=scale&w=709&h=487
IP 151.101.246.208:443
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerGlobalSign nv-sa
Subject*.imgix.com
FingerprintB4:E4:B7:6D:A3:73:77:08:35:9C:5A:31:F8:BC:B9:C0:D4:91:E5:D4
ValiditySun, 05 Mar 2023 12:38:15 GMT - Fri, 05 Apr 2024 12:38:14 GMT
File type ISO Media, AVIF Image\012- data
Hash eeae57120bfeae095024be3255159e42
edc92f1163cc7acd692ba88b3aa5aade48d54fc6
5aa30969e647e9a2bad4039277ffe7ae9685036562f5189657b1ff1ed77dc169
GET /9b326dd5-e67d-11ec-aeb6-06deec350f13/7f5f2a5223da90e1e0d526c1edc79979621a18f1/dad-img1.jpg?auto=compress,format&fit=scale&w=709&h=487 HTTP/1.1
Host: convertri.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Mon, 05 Jun 2023 15:32:07 GMT
cache-control: public, max-age=2419200
x-imgix-id: a2581279224c208ecdf6e939a4c5e83afa3073da
server: Google Frontend
x-imgix-render-farm: 02.8744
date: Sat, 10 Jun 2023 13:29:56 GMT
age: 424668
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: X-Imgix-Bg-Remove-Failure-Reason
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc1000086-SJC, cache-hel1410022-HEL
x-cache: HIT, MISS
vary: Accept, User-Agent
content-length: 12262
X-Firefox-Spdy: h2
convertri.imgix.net/9b326dd5-e67d-11ec-aeb6-06deec350f13/9692077d3cd350742b5f79aa57b75618ca80a874/adv.png?auto=compress,format&fit=scale&w=15&h=20
151.101.246.208200 OK 367 B URL GET HTTP/2 convertri.imgix.net/9b326dd5-e67d-11ec-aeb6-06deec350f13/9692077d3cd350742b5f79aa57b75618ca80a874/adv.png?auto=compress,format&fit=scale&w=15&h=20
IP 151.101.246.208:443
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerGlobalSign nv-sa
Subject*.imgix.com
FingerprintB4:E4:B7:6D:A3:73:77:08:35:9C:5A:31:F8:BC:B9:C0:D4:91:E5:D4
ValiditySun, 05 Mar 2023 12:38:15 GMT - Fri, 05 Apr 2024 12:38:14 GMT
File type ISO Media, AVIF Image\012- data
Hash fd24e677ed3844c5c9be017925d9e7c2
eb14e10725c574b601d99bf603de20470f99486c
504eea8df85aaa3f7fe07645999385b6bbbfdf4162d7346266c15214157c7e74
GET /9b326dd5-e67d-11ec-aeb6-06deec350f13/9692077d3cd350742b5f79aa57b75618ca80a874/adv.png?auto=compress,format&fit=scale&w=15&h=20 HTTP/1.1
Host: convertri.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Fri, 02 Jun 2023 02:46:20 GMT
cache-control: public, max-age=2419200
x-imgix-id: 843f8db539df02f21029af659d49f272622ba8b9
server: Google Frontend
x-imgix-render-farm: 02.8744
date: Sat, 10 Jun 2023 13:29:56 GMT
age: 729815
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: X-Imgix-Bg-Remove-Failure-Reason
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10077-SJC, cache-hel1410022-HEL
x-cache: HIT, MISS
vary: Accept, User-Agent
content-length: 367
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 66b9b06c731ce7f0946c618c7d4f85ae
1d68da168157c52245ad4f32facf7ec8d3c04296
ef5a8ef4b8f9afbc5881bd190ff034575d6039a5a3c9df687ba3a5f601b57a02
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 10 Jun 2023 13:29:56 GMT
Last-Modified: Sat, 10 Jun 2023 11:43:48 GMT
Server: ECAcc (nya/78C0)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: O89BYkLQGWoQiR5Ue6kaBcC11UyspG5t8Jd7kM4mLB16-K_0xYvTQg==
Age: 6368
snowplow.convertri.com/i?stm=1686403795443&e=pv&url=https%3A%2F%2Fdarkagedefense.convertri.com%2Fstrangedevicepoisedtostartahugescandal%3Fcep%3DQ8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT%26lptoken%3D162a863c402255989510%26campaign%3DEmailMobileDAD%26TargetContainerType%3Demail%26AdID%3D891288%26PublisherID%3D3693_127875%26ClickID%3Dcafddb0cd9764aa487b7ad6e3934bdb8%26cost%3D0.285%26pi_adid%3D891288%26pi_clickid%3Dcafddb0cd9764aa487b7ad6e3934bdb8&page=Strange%20Device%20Poised%20To%20Start%20A%20Huge%20Scandal&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1280x1024&cd=24&cookie=1&eid=71a133d6-5e6c-4540-a011-072197c72695&dtm=1686403795442&vp=1280x1024&ds=1280x2307&vid=1&sid=5e04f32e-fd8f-4ab4-9f22-4f4c829de348&duid=e0c1bee9-f1ce-40ce-9bff-0a4889d10bab&fp=2411203771
3.214.9.39200 OK 43 B URL GET HTTP/2 snowplow.convertri.com/i?stm=1686403795443&e=pv&url=https%3A%2F%2Fdarkagedefense.convertri.com%2Fstrangedevicepoisedtostartahugescandal%3Fcep%3DQ8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT%26lptoken%3D162a863c402255989510%26campaign%3DEmailMobileDAD%26TargetContainerType%3Demail%26AdID%3D891288%26PublisherID%3D3693_127875%26ClickID%3Dcafddb0cd9764aa487b7ad6e3934bdb8%26cost%3D0.285%26pi_adid%3D891288%26pi_clickid%3Dcafddb0cd9764aa487b7ad6e3934bdb8&page=Strange%20Device%20Poised%20To%20Start%20A%20Huge%20Scandal&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1280x1024&cd=24&cookie=1&eid=71a133d6-5e6c-4540-a011-072197c72695&dtm=1686403795442&vp=1280x1024&ds=1280x2307&vid=1&sid=5e04f32e-fd8f-4ab4-9f22-4f4c829de348&duid=e0c1bee9-f1ce-40ce-9bff-0a4889d10bab&fp=2411203771
IP 3.214.9.39:443
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerAmazon
Subjectsnowplow.convertri.com
Fingerprint71:C9:04:CF:12:5E:35:D4:CC:90:08:B6:34:37:B2:56:BA:20:A7:39
ValidityWed, 25 Jan 2023 00:00:00 GMT - Sat, 24 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /i?stm=1686403795443&e=pv&url=https%3A%2F%2Fdarkagedefense.convertri.com%2Fstrangedevicepoisedtostartahugescandal%3Fcep%3DQ8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT%26lptoken%3D162a863c402255989510%26campaign%3DEmailMobileDAD%26TargetContainerType%3Demail%26AdID%3D891288%26PublisherID%3D3693_127875%26ClickID%3Dcafddb0cd9764aa487b7ad6e3934bdb8%26cost%3D0.285%26pi_adid%3D891288%26pi_clickid%3Dcafddb0cd9764aa487b7ad6e3934bdb8&page=Strange%20Device%20Poised%20To%20Start%20A%20Huge%20Scandal&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1280x1024&cd=24&cookie=1&eid=71a133d6-5e6c-4540-a011-072197c72695&dtm=1686403795442&vp=1280x1024&ds=1280x2307&vid=1&sid=5e04f32e-fd8f-4ab4-9f22-4f4c829de348&duid=e0c1bee9-f1ce-40ce-9bff-0a4889d10bab&fp=2411203771 HTTP/1.1
Host: snowplow.convertri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:29:56 GMT
content-type: image/gif
content-length: 43
server: spray-can/1.3.3
set-cookie: _CVTa=f92be1bc-0bdd-42c4-b127-0df1aa246485; Expires=Sun, 09 Jun 2024 13:29:56 GMT; Domain=.convertri.com; Path=/
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
darkagedefense.convertri.com/favicon.ico
35.240.1.10307 Temporary Redirect 73 B URL GET HTTP/2 darkagedefense.convertri.com/favicon.ico
IP 35.240.1.10:443
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerSectigo Limited
Subject*.convertri.com
Fingerprint62:77:13:D5:CD:6B:12:A6:BF:97:F3:70:D2:63:3B:52:7B:FF:35:EF
ValidityFri, 17 Feb 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash 77437246341595cbdf55a298771b3f42
b4f764885c465e760ddf67cad3de29589d8f5de1
ca3170f23b6703190325c191f808a880be235ed452b2181519d94c34f8eab5ce
GET /favicon.ico HTTP/1.1
Host: darkagedefense.convertri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Cookie: _sp_ses.6651=*; _sp_id.6651=e0c1bee9-f1ce-40ce-9bff-0a4889d10bab.1686403795.1.1686403795.1686403795.5e04f32e-fd8f-4ab4-9f22-4f4c829de348
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 307 Temporary Redirect
content-type: text/html; charset=utf-8
location: https://cdn.convertri.com/favicon.ico
vary: Accept-Encoding
content-length: 73
date: Sat, 10 Jun 2023 13:29:56 GMT
X-Firefox-Spdy: h2
cdn.convertri.com/favicon.ico
138.199.37.230200 OK 2.4 kB URL GET HTTP/2 cdn.convertri.com/favicon.ico
IP 138.199.37.230:443
ASN #60068 Datacamp Limited
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerLet's Encrypt
Subjectcdn.convertri.com
Fingerprint75:F9:A3:AD:FF:C9:D3:93:56:1D:A2:9A:B8:96:49:9E:FE:FD:A7:20
ValiditySun, 28 May 2023 18:08:38 GMT - Sat, 26 Aug 2023 18:08:37 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 542a6c950dc11dfdcc8262df4185b767
d997b8f51d2e8b462faf0217b911a23a5383f84e
c79c14bf58a56fb450588a775ea6e0b231f4c8f6977c6334b650795162e14e79
GET /favicon.ico HTTP/1.1
Host: cdn.convertri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://darkagedefense.convertri.com/
DNT: 1
Connection: keep-alive
Cookie: _CVTa=f92be1bc-0bdd-42c4-b127-0df1aa246485
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:29:56 GMT
content-type: image/png
content-length: 2425
server: BunnyCDN-DE1-864
cdn-pullzone: 408079
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestcountrycode: NO
cache-control: max-age=604800
etag: "542a6c950dc11dfdcc8262df4185b767"
last-modified: Tue, 11 Sep 2018 10:57:55 GMT
cdn-cachedat: 06/06/2023 08:30:02
x-amz-id-2: OtvYyqyqaZjFmMS8XtqZO7TENtzyilgFlL4p+APgpMxsEwcezVmj6AM2+kmGc2RshWLXR24Xp2s=
x-amz-request-id: E4X3MZ7MNA98AC29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1082
cdn-status: 200
cdn-requestid: 69d6eeefab0058df073acc250e8c5a80
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
35.240.1.10200 OK 152 kB URL User Request GET HTTP/2 darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
IP 35.240.1.10:443
Certificate IssuerSectigo Limited
Subject*.convertri.com
Fingerprint62:77:13:D5:CD:6B:12:A6:BF:97:F3:70:D2:63:3B:52:7B:FF:35:EF
ValidityFri, 17 Feb 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT
Size 152 kB (152097 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8 HTTP/1.1
Host: darkagedefense.convertri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Sat, 10 Jun 2023 13:29:55 GMT
X-Firefox-Spdy: h2
cdn.convertri.com/cdn.min.css?v=2022-12-20-08-24-26
138.199.37.230200 OK 67 kB URL GET HTTP/2 cdn.convertri.com/cdn.min.css?v=2022-12-20-08-24-26
IP 138.199.37.230:443
ASN #60068 Datacamp Limited
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerLet's Encrypt
Subjectcdn.convertri.com
Fingerprint75:F9:A3:AD:FF:C9:D3:93:56:1D:A2:9A:B8:96:49:9E:FE:FD:A7:20
ValiditySun, 28 May 2023 18:08:38 GMT - Sat, 26 Aug 2023 18:08:37 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7ffcc203eb6131fcd89718a294d3b768
bce2687dc895a5ef27f3bc4584030c64f41a71be
a0af84c150aecc2e33efb2dee03f80cedd17c5decab32318cca215d82ae8cb9e
GET /cdn.min.css?v=2022-12-20-08-24-26 HTTP/1.1
Host: cdn.convertri.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 13:29:55 GMT
content-type: text/css
server: BunnyCDN-DE1-864
cdn-pullzone: 408079
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=604800
content-encoding: br
etag: W/"7ffcc203eb6131fcd89718a294d3b768"
last-modified: Tue, 06 Jun 2023 08:29:53 GMT
cdn-cachedat: 06/06/2023 08:41:53
x-amz-id-2: n1KktJf/eqVju4HHC+/Q2sr3kowGkKKgbwksmpz2kpxnP8dlqjhPubXdzWWDxlFuuOEZKAfgLxM=
x-amz-request-id: 9VWK9NJM2TNC60BB
x-amz-server-side-encryption: AES256
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: 85544e55900f74deb790361c5736d091
cdn-cache: HIT
X-Firefox-Spdy: h2
convertri.imgix.net/9b326dd5-e67d-11ec-aeb6-06deec350f13/5811d9a6e1c73bd990758a10e4ed6358251a2e0d/Screenshot%20%282%29.png?auto=compress,format&fit=scale&w=23&h=18
151.101.246.208200 OK 397 B URL GET HTTP/2 convertri.imgix.net/9b326dd5-e67d-11ec-aeb6-06deec350f13/5811d9a6e1c73bd990758a10e4ed6358251a2e0d/Screenshot%20%282%29.png?auto=compress,format&fit=scale&w=23&h=18
IP 151.101.246.208:443
Requested by https://darkagedefense.convertri.com/strangedevicepoisedtostartahugescandal?cep=Q8ZR0g-D9VribdQY20MQnHHEx1pKIweqZXhBOnKBmFVX--STRWR4EZpPsoxckcvOs1zV9PZxRSRlkkyVOJiqVTMSrI99ySAivEW4-Gd_oTi97z37GWlJyaJIimux15FmvKEtnewSuePmr-rb63pQcQhfvD6F1ZwgSgO22Klu7PzAsSUJXCJg-KZf7885eT8NCEX1orFXx4s4xBOiCR8wyc69smuZZp9KOXDdrp0aoFYTFKMN17WuVovAIstSxmQ8YwWj0pDNNY4jQC65TgTJCWZagR37SqXWZ6hc9uNwvavavNXVyhHyPMh4Z8C1lyQSQ3LVkerjH2RuTGjQ9Ko_xXnCUxFtgWjkUv2Zf78BPutmLgmkBYRymF5iNhh-Hx6mJ_yuM1srYr5OON8bQ6IqBKeDaKEGuL1rVLQT9E5dcY2CcylgN5M4GFUrj5JswAWs-tSiOopYJH9T-K5zf3L71lgy7v8Ew3pu_U_yRZmg5dBBHIx3qaYLF9WRMTGfjMvT&lptoken=162a863c402255989510&campaign=EmailMobileDAD&TargetContainerType=email&AdID=891288&PublisherID=3693_127875&ClickID=cafddb0cd9764aa487b7ad6e3934bdb8&cost=0.285&pi_adid=891288&pi_clickid=cafddb0cd9764aa487b7ad6e3934bdb8
Certificate IssuerGlobalSign nv-sa
Subject*.imgix.com
FingerprintB4:E4:B7:6D:A3:73:77:08:35:9C:5A:31:F8:BC:B9:C0:D4:91:E5:D4
ValiditySun, 05 Mar 2023 12:38:15 GMT - Fri, 05 Apr 2024 12:38:14 GMT
File type ISO Media, AVIF Image\012- data
Hash 936849286cda31ba82f91c49ecb12975
ea10ddf94592f3aa8e393f1972ccce59baefbe96
8f1eda7eb3df4fd3065cde362fd5680d7faf4743e2d37dfdf1e477411d005242
GET /9b326dd5-e67d-11ec-aeb6-06deec350f13/5811d9a6e1c73bd990758a10e4ed6358251a2e0d/Screenshot%20%282%29.png?auto=compress,format&fit=scale&w=23&h=18 HTTP/1.1
Host: convertri.imgix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://darkagedefense.convertri.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Thu, 08 Jun 2023 21:06:32 GMT
cache-control: public, max-age=2419200
x-imgix-id: f141a60c4c3c5f8df130ae9f6e6817a97e1af2cb
server: Google Frontend
x-imgix-render-farm: 02.139816
date: Sat, 10 Jun 2023 13:29:56 GMT
age: 145404
accept-ranges: bytes
content-type: image/avif
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: X-Imgix-Bg-Remove-Failure-Reason
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10062-SJC, cache-hel1410022-HEL
x-cache: HIT, MISS
vary: Accept, User-Agent
content-length: 397
X-Firefox-Spdy: h2