Report - simplereward.net/

Report Overview

Submitted URL
simplereward.net/
IP
54.161.16.68
ASN
#14618 AMAZON-AES
Submitted
2022-10-26 21:53:56
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.27.12.161
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	51 kB	34.120.237.76
www.gonitrotrack.com	950477	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	442 B	575 B	23.96.13.243
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	142.250.74.35
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	5.8 kB	104.17.24.14
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	813 B	99 kB	69.16.175.10
proadprovider.blob.core.windows.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	422 B	196 kB	52.239.186.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	2.0 kB	143.204.42.88
amclicks.com	112152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.4 kB	54.161.23.57
www.myopportunityfinder.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.5 kB	630 kB	23.96.13.243
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	21 kB	142.250.74.174
simplereward.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	794 B	586 B	54.161.16.68
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	2.3 kB	192.124.249.41

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-26	medium	simplereward.net/	Phishing
2022-10-26	medium	simplereward.net/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	www.myopportunityfinder.com/Scripts/nitro.min.js?v=4	3.2 kB	2023-03-07	2024-02-19
Pretty URL www.myopportunityfinder.com/Scripts/nitro.min.js?v=4 IP 23.96.13.243 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:25 Last Seen2024-02-19 23:28:32 Times Seen23 Hash 3efae74e10ef2be8eb819a43e9ca5776 dad41b7f0ff79292b6be96319e008f674a6b5d1f fd47e73dfb26a04f2b249c5b0fa9288471a7ea4d9841857cb324b5b9bc77adf9 Loading...

	amclicks.com/x/7749/504/0/lead_root/simplereward.net/0/0/0/0/	93 B	2023-03-10	2023-03-10
Pretty URL amclicks.com/x/7749/504/0/lead_root/simplereward.net/0/0/0/0/ IP 54.161.23.57 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:02:32 Last Seen2023-03-10 16:02:32 Times Seen1 Hash 32db5103b12c85006a980d40450326b2 7233eecf549d1a1693f18b892367bf1a37270e16 24efc89cd2aad38a493db3771fcc5764bd2ca64e94df644a58572cd749589919 Loading...

	code.jquery.com/jquery-3.4.1.min.js	88 kB	2023-03-07	2024-04-23
Pretty URL code.jquery.com/jquery-3.4.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-23 20:42:24 Times Seen95331 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	code.jquery.com/ui/1.12.0/jquery-ui.min.js	253 kB	2023-03-07	2024-04-19
Pretty URL code.jquery.com/ui/1.12.0/jquery-ui.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:25 Last Seen2024-04-19 11:30:32 Times Seen761 Hash 8cbf62fc02083afe12a90787cb8f9e3c 6c16d0906b837e37e5a924127639ab9dde1b1898 78613a6e5bab939b078feae691fb0661e2b2671dcce1b1be66517203b2a7b3b1 Loading...

	www.myopportunityfinder.com/Scripts/detectmobilebrowsers.com.js	2.2 kB	2023-03-07	2023-12-27
Pretty URL www.myopportunityfinder.com/Scripts/detectmobilebrowsers.com.js IP 23.96.13.243 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:25 Last Seen2023-12-27 03:20:42 Times Seen10 Hash 6163f2ada9f3042a925e8b532db6a372 75be1241ae40ef8a69c4510e7ed4ae1416540ff6 bf6b54d254584c2ffa47bc405aa89b18818ceaff6bf10e573498c0cacb5697bb Loading...

	www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=4e01da22-960a-42f7-b7ac-77fbf755efc8	4.2 kB	2023-03-10	2023-03-10
Pretty URL www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=4e01da22-960a-42f7-b7ac-77fbf755efc8 IP 23.96.13.243 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:02:32 Last Seen2023-03-10 16:02:32 Times Seen1 Hash 5f63fbe7a324cd388e1931a74517ddf6 953063544a165238b8f3f77f91e6711269d1cfc3 41cc34d3e938b1e2fefe5cbe914663f08a0b4a1d61909731aa57936c7c74da0c Loading...

	www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=4e01da22-960a-42f7-b7ac-77fbf755efc8	2.1 kB	2023-03-07	2023-05-26
Pretty URL www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=4e01da22-960a-42f7-b7ac-77fbf755efc8 IP 23.96.13.243 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:35 Last Seen2023-05-26 09:59:39 Times Seen6 Hash 941a17f90d713b952389767805c3f9ab 7c171ea2c468945a44b16c671d494e41c658ac85 c3366c787a0af59bd6ff4ffcfec9e32ad2bc78c9e9a8a81a7d914227797b595f Loading...

	cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js	17 kB	2023-03-07	2024-02-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:13 Last Seen2024-02-19 23:28:32 Times Seen238 Hash 9dc30a5f28951b5f0623ac993885a2af 5c031b6959fef792df316f42575262425a1f2bfb fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84 Loading...

	www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0	3.9 kB	2023-03-07	2023-03-29
Pretty URL www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0 IP 23.96.13.243 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:35 Last Seen2023-03-29 22:53:37 Times Seen3 Hash b0096af8487adf7334e322eea40ee922 4adcc1a2ec910349aa206c70eca5f41552ba7a62 cb1fb2681eeed5719d5f9853c8e46a7d704e5d5ab14926d2372d3175561e8d96 Loading...

	www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0	2.0 kB	2023-03-07	2023-03-29
Pretty URL www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0 IP 23.96.13.243 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:25 Last Seen2023-03-29 22:53:37 Times Seen3 Hash bc48bc10702f05cf1a0c16f32b81175a 1e8b99ae41029afe99fafa82f6307ba036afb1f0 3fa15740fb494be24831c45d424b4ec6826236269f21e3f3d0fee2d55f6fc2d2 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

HTTP Transactions (50)

URL IP Response Size

simplereward.net/

54.161.16.68

301 Moved Permanently

134 B

URL HTTP/1.1
simplereward.net/
IP
54.161.16.68:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: simplereward.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Wed, 26 Oct 2022 21:53:45 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://simplereward.net:443/

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4c9ec202b798d350b6582220b7bb8457
d16ca24cd60b349231ad06fa5db32f54a3bc9e09
df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7583
Expires: Thu, 27 Oct 2022 00:00:08 GMT
Date: Wed, 26 Oct 2022 21:53:45 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5355
Cache-Control: max-age=133592
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 21:53:45 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:00:17 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5504
Expires: Wed, 26 Oct 2022 23:25:29 GMT
Date: Wed, 26 Oct 2022 21:53:45 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: wDzECaXLzTu6Jdp8hDU43zWtPJKB9y6tEAulsta9XJIkIyTslmRH2k3lyEC8mVGCc4mtxvK82kaJsDrJe8bjsA==
x-amz-request-id: DZRA187SJG31JGDN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 21:09:32 GMT
age: 2653
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 21:53:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8ee29f5ff21157ce842b713896b784e2
381613549df8e52fc3747090d6b02b2a5bbd3734
a14b37b03d8c1e3483b530e1033b3ce052e3e77d8caaa0c898484873dce86b51

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=166770
Date: Wed, 26 Oct 2022 21:53:45 GMT
Etag: "635994db-1d7"
Expires: Fri, 28 Oct 2022 20:13:15 GMT
Last-Modified: Wed, 26 Oct 2022 20:13:15 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wkAgustwwGL2sIry4xQKsHeJoascraUrsKlr-TLyegJp27HVpkU_HQ==

simplereward.net/

54.161.23.57

302 Found

0 B

URL HTTP/2
simplereward.net/
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: simplereward.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Wed, 26 Oct 2022 21:53:45 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://amclicks.com/clk.php?c=7749&p=504&s1=lead_root&s2=simplereward.net
server: Apache/2.4.41 (Ubuntu)
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3658
Cache-Control: max-age=126839
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 21:53:46 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:07:45 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.27.12.161

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.27.12.161:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PsA7DZm+5c6TtxviXucBvQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IVSu27/BpFRdlIcYEam77IyhAkY=

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4b52442c5c6895849b1781a0847a7776
27f092a93c382d80ee8a35aaf3fb1ccb0d217772
0004b3c97923f18c878ada8e24b238c175bbb06ef9cb223eea2663de3ebdde4a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144787
Date: Wed, 26 Oct 2022 21:53:46 GMT
Etag: "63593efd-1d7"
Expires: Fri, 28 Oct 2022 14:06:53 GMT
Last-Modified: Wed, 26 Oct 2022 14:06:53 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Norajg4zzSNR4OOUC5P-rta8BTdzUkw_b6NgHsY7UUGExGG7lm53Fw==

amclicks.com/clk.php?c=7749&p=504&s1=lead_root&s2=simplereward.net

54.161.23.57

302 Found

0 B

URL HTTP/2
amclicks.com/clk.php?c=7749&p=504&s1=lead_root&s2=simplereward.net
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /clk.php?c=7749&p=504&s1=lead_root&s2=simplereward.net HTTP/1.1
Host: amclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Wed, 26 Oct 2022 21:53:46 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://amclicks.com/x/7749/504/0/lead_root/simplereward.net/0/0/0/0/
server: Apache/2.4.41 (Ubuntu)
X-Firefox-Spdy: h2

amclicks.com/x/7749/504/0/lead_root/simplereward.net/0/0/0/0/

54.161.23.57

200 OK

170 B

URL HTTP/2
amclicks.com/x/7749/504/0/lead_root/simplereward.net/0/0/0/0/
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type
HTML document, ASCII text, with no line terminators
Size
170 B (170 bytes)
Hash
3178fde4a3b3060f0b505eecb4824a07
8c54ea6eb9b988d7ffd5742ba87deac8fec11182
c121ed78d946ce524e821e1de15534481984ddd4d18e5b92c63df6ad07301adf

HTTP Headers

GET /x/7749/504/0/lead_root/simplereward.net/0/0/0/0/ HTTP/1.1
Host: amclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Wed, 26 Oct 2022 21:53:46 GMT
content-type: text/html; charset=UTF-8
content-length: 170
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: ci_session=lc1v975fte6j507jlb254caat948iso3; expires=Wed, 26-Oct-2022 23:53:46 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
ref=1; expires=Wed, 26-Oct-2022 22:53:46 GMT; Max-Age=3600
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

amclicks.com/x/7749/504/0/lead_root/simplereward.net/0/0/0/0/

54.161.23.57

302 Found

0 B

URL HTTP/2
amclicks.com/x/7749/504/0/lead_root/simplereward.net/0/0/0/0/
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /x/7749/504/0/lead_root/simplereward.net/0/0/0/0/ HTTP/1.1
Host: amclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://amclicks.com/x/7749/504/0/lead_root/simplereward.net/0/0/0/0/
Cookie: ref=1; ci_session=lc1v975fte6j507jlb254caat948iso3
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
date: Wed, 26 Oct 2022 21:53:46 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.41

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.41:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1778 bytes)
Hash
ad6e52f2c4c2319ac93de7168491faa2
3ff9adfb982d8a9808b77accef85da9be5e1bd3f
a68f304bb4fd3a4a71b15b046182e9429b0bae1351af54677fa643a6da2805cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 26 Oct 2022 21:53:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 15041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 26 Oct 2022 19:36:18 GMT
Expires: Thu, 27 Oct 2022 19:36:18 GMT
ETag: "3ff9adfb982d8a9808b77accef85da9be5e1bd3f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5548
Expires: Wed, 26 Oct 2022 23:26:15 GMT
Date: Wed, 26 Oct 2022 21:53:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5548
Expires: Wed, 26 Oct 2022 23:26:15 GMT
Date: Wed, 26 Oct 2022 21:53:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5548
Expires: Wed, 26 Oct 2022 23:26:15 GMT
Date: Wed, 26 Oct 2022 21:53:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5548
Expires: Wed, 26 Oct 2022 23:26:15 GMT
Date: Wed, 26 Oct 2022 21:53:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5548
Expires: Wed, 26 Oct 2022 23:26:15 GMT
Date: Wed, 26 Oct 2022 21:53:47 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4524 bytes)
Hash
91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OV7g4Y4fcQGijljebzHQtnpKdcPKw6LTxqORxxBJL2lFPYQLLoyNuQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:34:40 GMT
age: 76747
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8090 bytes)
Hash
531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fUBXr7SKYdvhryoB8p9to-Eo8twjspRYnHO2xf9TtvLJIIyOwe3W1w==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 05:07:50 GMT
age: 60357
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8439 bytes)
Hash
db946866312c734e0c5f91ca76255b2f
e8b8236baab9106a426a415eb01494cc4cc91ad1
a695e7bc87da2c6d9f5669c09e662fe22982e69cb139466efa5093429fe19866

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8439
x-amzn-requestid: e0eed725-0725-4f5a-9c91-fec13ad0ebe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ajKYQGWhIAMFdhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63578a9b-2a0115120e75f5271cea992f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 07:04:59 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: WVz4PqWqT9Pk1juQ95Xzi-7HcEDBqKb5VAncjXxOYFfKTnjRbmodoA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 04:44:59 GMT
age: 61728
etag: "e8b8236baab9106a426a415eb01494cc4cc91ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5da11cdb-c8be-46f4-95b0-792c49d930a7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8553 bytes)
Hash
5987bcd44ab0db5313aa4f409a8a212f
691a36cde98a9fe1660745dd811e0be2ae67036c
e47ce3587c647b52669f675dc7e84e21555f82138091fb04febc951b4c06ba30

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5da11cdb-c8be-46f4-95b0-792c49d930a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8553
x-amzn-requestid: 69931a9c-027e-428e-a88d-61c5fac64daa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2iEnzoAMFZAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585690-12c78c5157fb3fa41a13548c;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9duxoaZUI6oX6_fQUG1cGY_sPKzqSrFuZxcjdLBvKMRhEs7orDtk8Q==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:46:51 GMT
age: 416
etag: "691a36cde98a9fe1660745dd811e0be2ae67036c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6831 bytes)
Hash
1cc61ad4b1d66ab4bce27288ee690e12
324e13ad5c99f628d713e55a2994ad4042ece70e
62cd88bc19bc1f0be2a37c3e990897158acd3d55aa3ddd299144d4f9596ba34e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F057530b7-f6b8-4f9b-b6fc-8fdc4a101f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6831
x-amzn-requestid: cc6f38ff-ab33-4b18-8cae-aa6bc061962f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alKjPH7ToAMFSiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635857ae-3db2790d0e6c5fab6c4bc81f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:39:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: tiWbOUwlRzaT2EnCWIgoFaT_ho55s3tgRxalb7yBbI21Pv0BhfLJOg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:52:54 GMT
age: 53
etag: "324e13ad5c99f628d713e55a2994ad4042ece70e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7929 bytes)
Hash
c3ae78510434fd68063fc144bf614382
3bb87ca5274ce9f6d81da60ab940d23ccd12843b
f42d89328435cb37cba1111903a6bd5e900857d0942e1506ea2115b4e6301541

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7929
x-amzn-requestid: 6324abd6-8e27-4903-8bfc-a0fc6a8625be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alK9LEeoIAMF5mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585854-2900343b1ae208a903fe58fd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:42:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5MR4UzoW6rVsSpEyPAWrcFb2LCRICaG-toy3JflaXRrzZwcgMs48VQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:49:35 GMT
age: 252
etag: "3bb87ca5274ce9f6d81da60ab940d23ccd12843b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0

23.96.13.243

200 OK

3.3 kB

URL HTTP/1.1
www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
IP
23.96.13.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
3.3 kB (3307 bytes)
Hash
ea21e80047ae31fadd771c3872affcf0
586a02df6dd4e10e8048b5b4f40424face594d8a
0f14935670e8da30b99e48445db406d3a4636760840c78a4ae543c2ebd1e763b

HTTP Headers

GET /mof?sid=1148&affid=123036&SubID=lead_root0 HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://amclicks.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 3307
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Oct 2022 21:53:46 GMT
Server: Microsoft-IIS/10.0
Cache-Control: private
Content-Encoding: gzip
Vary: Accept-Encoding
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
625ad6aa33dda47097bff081ac75bf05
5f5bc1b567c8322e09f8f4fac2a542d063f83421
d9f85e2da8a3f517763eada5449029a0285aea770bb16be15de5a70d154f9565

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5287
Cache-Control: max-age=169165
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 21:53:47 GMT
Etag: "63598991-117"
Expires: Fri, 28 Oct 2022 20:53:12 GMT
Last-Modified: Wed, 26 Oct 2022 19:25:05 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279

cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js

104.17.24.14

200 OK

5.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (17117)
Size
5.0 kB (4996 bytes)
Hash
c418dbc7ffcf6d7874db7ce864797577
7b2351ed37568cb0a9edf82c5fea0a4c1b9fe161
2c571556f8548fcea79358c058c978e076a37d2053ff7e5424f30a26ddd00b68

HTTP Headers

GET /ajax/libs/postscribe/2.0.6/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 21:53:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 4996
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-43d5"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 17172657
expires: Mon, 16 Oct 2023 21:53:47 GMT
accept-ranges: bytes
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76066d411a27b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.4.1.min.js

69.16.175.10

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.4.1.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
31 kB (30638 bytes)
Hash
9abb42735168ac9e960b770179b642aa
11475bf8c7244af7a820108b7762e7a3f95aa52c
df53c09a6546b3d23dc0b2d0d92c39808c5663a75f4bf1f8d035fd11b7c81243

HTTP Headers

GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.myopportunityfinder.com
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 21:53:47 GMT
content-encoding: gzip
content-length: 30638
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15851"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1666821227.dop209.sk1.t,1666821227.cds069.sk1.hn,1666821227.cds201.sk1.c
X-Firefox-Spdy: h2

code.jquery.com/ui/1.12.0/jquery-ui.min.js

69.16.175.10

200 OK

68 kB

URL HTTP/2
code.jquery.com/ui/1.12.0/jquery-ui.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (32250)
Size
68 kB (67684 bytes)
Hash
a257d0a44a0014ef5df8ddfb80e1697d
1ddbfaf50ca09db89086968547001195d44e1dd0
99d860f10b05d73c37c5ee28d7a02c6664a38cc2a77c99304bbfca73c28b09a7

HTTP Headers

GET /ui/1.12.0/jquery-ui.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 26 Oct 2022 21:53:47 GMT
content-encoding: gzip
content-length: 67684
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd700-3ddc9"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1666821227.dop230.sk1.t,1666821227.cds202.sk1.hn,1666821227.cds256.sk1.c
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
625ad6aa33dda47097bff081ac75bf05
5f5bc1b567c8322e09f8f4fac2a542d063f83421
d9f85e2da8a3f517763eada5449029a0285aea770bb16be15de5a70d154f9565

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5287
Cache-Control: max-age=169165
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 21:53:47 GMT
Etag: "63598991-117"
Expires: Fri, 28 Oct 2022 20:53:12 GMT
Last-Modified: Wed, 26 Oct 2022 19:25:05 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279

www.myopportunityfinder.com/Content/new_styles/base.css

23.96.13.243

200 OK

335 B

URL HTTP/1.1
www.myopportunityfinder.com/Content/new_styles/base.css
IP
23.96.13.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
335 B (335 bytes)
Hash
eb562314cb3c00b7493623b4eb108d48
3f1feef223c72008b7cf3d3ca0995de50c471048
44c3ea237786ae420ef6badc7e3e6c4e5651682b8ede8a8d5fb0c58c9a1f9cde

HTTP Headers

GET /Content/new_styles/base.css HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 335
Content-Type: text/css
Date: Wed, 26 Oct 2022 21:53:46 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "5559535e4e8d51:0"
Last-Modified: Fri, 21 Feb 2020 18:24:51 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET

www.myopportunityfinder.com/Scripts/detectmobilebrowsers.com.js

23.96.13.243

200 OK

1.9 kB

URL HTTP/1.1
www.myopportunityfinder.com/Scripts/detectmobilebrowsers.com.js
IP
23.96.13.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2082), with CRLF line terminators
Size
1.9 kB (1909 bytes)
Hash
dffe9061db61dcd898cf1dc412271657
96206d7492995f396af774bb215e0294cf6facc2
6d5adec8795ced34375c53a368a6e20f0679a226ed2c26e371717a249808b345

HTTP Headers

GET /Scripts/detectmobilebrowsers.com.js HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1909
Content-Type: application/x-javascript
Date: Wed, 26 Oct 2022 21:53:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "848c835e4e8d51:0"
Last-Modified: Fri, 21 Feb 2020 18:24:51 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET

www.myopportunityfinder.com/Content/checkbox-popup.css?v=1

23.96.13.243

200 OK

787 B

URL HTTP/1.1
www.myopportunityfinder.com/Content/checkbox-popup.css?v=1
IP
23.96.13.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
787 B (787 bytes)
Hash
4e7ff340d8e7bef19b56ce98b01f87da
d37574b6482f8c2668a05985f0fda3c681b7b038
4ee97ef945df6a99eb9814df688874fbf8eca7034bd1e3e8dac5866a4aa06072

HTTP Headers

GET /Content/checkbox-popup.css?v=1 HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 787
Content-Type: text/css
Date: Wed, 26 Oct 2022 21:53:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "e419d88bf7cfd71:0"
Last-Modified: Tue, 02 Nov 2021 14:40:14 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET

www.myopportunityfinder.com/Content/nitro_darker.png

23.96.13.243

200 OK

7.6 kB

URL HTTP/1.1
www.myopportunityfinder.com/Content/nitro_darker.png
IP
23.96.13.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 226 x 55, 8-bit/color RGBA, non-interlaced\012- data
Size
7.6 kB (7554 bytes)
Hash
f95ab421fc0ba6fc4222ebd80ec0ffaa
6ec24ed7c66e5e1e8dc87bd1410505bff4e77589
e500f21c08856d09d89aa3cf6d85afac7c4fad1baac5ad4f74f28de8dcbd6e25

HTTP Headers

GET /Content/nitro_darker.png HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 7554
Content-Type: image/png
Date: Wed, 26 Oct 2022 21:53:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "6f83d97154d2d71:0"
Last-Modified: Fri, 05 Nov 2021 14:50:15 GMT
X-Powered-By: ASP.NET

www.myopportunityfinder.com/Content/images/loading_black.gif

23.96.13.243

200 OK

56 kB

URL HTTP/1.1
www.myopportunityfinder.com/Content/images/loading_black.gif
IP
23.96.13.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 200 x 200\012- data
Size
56 kB (56524 bytes)
Hash
c2691bd5de228f7ca2d9cdbe27412e22
788900bba262a46dffa7cc57b8c2f4f883a71870
8e6286fbbc036d1a8c62a4445cb8521c3c9c0cf09b504152086ea9168e248222

HTTP Headers

GET /Content/images/loading_black.gif HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 56524
Content-Type: image/gif
Date: Wed, 26 Oct 2022 21:53:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "86a2dc8bf7cfd71:0"
Last-Modified: Tue, 02 Nov 2021 14:40:14 GMT
X-Powered-By: ASP.NET

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 21:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 26 Oct 2022 20:41:09 GMT
expires: Wed, 26 Oct 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 4359
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 21:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.myopportunityfinder.com/favicon.ico

23.96.13.243

200 OK

32 kB

URL HTTP/1.1
www.myopportunityfinder.com/favicon.ico
IP
23.96.13.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
32 kB (32038 bytes)
Hash
4859e39ae6c0f1f428f2126a6bb32bd9
1c0c85678ae963bc96d0b7fbe1eb89074cf1fbe0
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 32038
Content-Type: image/x-icon
Date: Wed, 26 Oct 2022 21:53:47 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "2f5f1f35e4e8d51:0"
Last-Modified: Fri, 21 Feb 2020 18:24:51 GMT
X-Powered-By: ASP.NET

www.google-analytics.com/j/collect?v=1&_v=j98&a=876261844&t=pageview&_s=1&dl=https%3A%2F%2Fwww.myopportunityfinder.com%2Fmof%3Fsid%3D1148%26affid%3D123036%26SubID%3Dlead_root0&dr=https%3A%2F%2Famclicks.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAIC~&jid=1382941864&gjid=1267815633&cid=1486750066.1666821228&tid=UA-68078527-1&_gid=1290307529.1666821228&_r=1&_slc=1&z=815985816

142.250.74.174

200 OK

4 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=876261844&t=pageview&_s=1&dl=https%3A%2F%2Fwww.myopportunityfinder.com%2Fmof%3Fsid%3D1148%26affid%3D123036%26SubID%3Dlead_root0&dr=https%3A%2F%2Famclicks.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAIC~&jid=1382941864&gjid=1267815633&cid=1486750066.1666821228&tid=UA-68078527-1&_gid=1290307529.1666821228&_r=1&_slc=1&z=815985816
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

HTTP Headers

POST /j/collect?v=1&_v=j98&a=876261844&t=pageview&_s=1&dl=https%3A%2F%2Fwww.myopportunityfinder.com%2Fmof%3Fsid%3D1148%26affid%3D123036%26SubID%3Dlead_root0&dr=https%3A%2F%2Famclicks.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAIC~&jid=1382941864&gjid=1267815633&cid=1486750066.1666821228&tid=UA-68078527-1&_gid=1290307529.1666821228&_r=1&_slc=1&z=815985816 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.myopportunityfinder.com
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://www.myopportunityfinder.com
date: Wed, 26 Oct 2022 21:53:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d4b826b3cd4f4fffd35abd60c407bdb
28e5a20b197bf6972fd097c3b302c1dd89b68f09
681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 21:53:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gonitrotrack.com/Api/Tracking/Track?emailAddress=0

23.96.13.243

201 Created

63 B

URL HTTP/1.1
www.gonitrotrack.com/Api/Tracking/Track?emailAddress=0
IP
23.96.13.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
2b9beff76c1cb94965162b01d838473d
52a4dfe5d0cd3ebe71309cbd9f5224924c636eab
7297fbdb6a77c32726a3475701e2fa44c82a8e65703a695f345b80923212aa51

HTTP Headers

GET /Api/Tracking/Track?emailAddress=0 HTTP/1.1
Host: www.gonitrotrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.myopportunityfinder.com
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 201 Created
Content-Length: 63
Content-Type: text/plain; charset=utf-8
Date: Wed, 26 Oct 2022 21:53:47 GMT
Server: Microsoft-IIS/10.0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.myopportunityfinder.com
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Set-Cookie: TrackingCookie=Email=0&Unique=4e01da22-960a-42f7-b7ac-77fbf755efc8; expires=Thu, 26 Oct 2023 21:53:48 GMT; path=/;SameSite=None;; secure
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=4e01da22-960a-42f7-b7ac-77fbf755efc8

23.96.13.243

200 OK

4.9 kB

URL HTTP/1.1
www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=4e01da22-960a-42f7-b7ac-77fbf755efc8
IP
23.96.13.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3482), with CRLF, LF line terminators
Size
4.9 kB (4921 bytes)
Hash
c9aeb6c06bc7dd5d403128d64b45bd04
c920efc637f5dc78ff02b5de77922da884adc554
c99f51da7368e887beed0d073d3d7a78f7da261f3e5fd9aa89904c3641c51234

HTTP Headers

GET /mof?sid=1148&affid=123036&SubID=lead_root0&uid=4e01da22-960a-42f7-b7ac-77fbf755efc8 HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0
Cookie: _ga=GA1.2.1486750066.1666821228; _gid=GA1.2.1290307529.1666821228; _gat=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 4921
Content-Type: text/html; charset=utf-8
Date: Wed, 26 Oct 2022 21:53:49 GMT
Server: Microsoft-IIS/10.0
Cache-Control: private
Content-Encoding: gzip
Set-Cookie: ASP.NET_SessionId=cek1jxnyibxvhaih1dczhczf; path=/; HttpOnly; SameSite=Lax
Vary: Accept-Encoding
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

www.myopportunityfinder.com/Content/nitro.css

23.96.13.243

200 OK

2.1 kB

URL HTTP/1.1
www.myopportunityfinder.com/Content/nitro.css
IP
23.96.13.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
2.1 kB (2074 bytes)
Hash
7b64a039d26c829593a2723c5994491e
47847a4dde34397304eceaed521bfa7276915f20
473ab087ab31864b45af35fe5eb056dba8293667bac7a167a757e98e21e172c3

HTTP Headers

GET /Content/nitro.css HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=4e01da22-960a-42f7-b7ac-77fbf755efc8
Cookie: _ga=GA1.2.1486750066.1666821228; _gid=GA1.2.1290307529.1666821228; _gat=1; ASP.NET_SessionId=cek1jxnyibxvhaih1dczhczf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 2074
Content-Type: text/css
Date: Wed, 26 Oct 2022 21:53:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "80f175d12732d71:0"
Last-Modified: Thu, 15 Apr 2021 18:47:43 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET

www.myopportunityfinder.com/Scripts/nitro.min.js?v=4

23.96.13.243

200 OK

1.2 kB

URL HTTP/1.1
www.myopportunityfinder.com/Scripts/nitro.min.js?v=4
IP
23.96.13.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document, ASCII text, with very long lines (3247), with no line terminators
Size
1.2 kB (1161 bytes)
Hash
6e1e1caebb445afa4bc2e9ae7b4300a7
b1d422038c5fe33dd542092cb24a04aad3b57ade
bada81f6cc96db4783cd12c075ce377f8d8c2092f900af07ff2342abb1d8a174

HTTP Headers

GET /Scripts/nitro.min.js?v=4 HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=4e01da22-960a-42f7-b7ac-77fbf755efc8
Cookie: _ga=GA1.2.1486750066.1666821228; _gid=GA1.2.1290307529.1666821228; _gat=1; ASP.NET_SessionId=cek1jxnyibxvhaih1dczhczf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1161
Content-Type: application/x-javascript
Date: Wed, 26 Oct 2022 21:53:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
Content-Encoding: gzip
ETag: "01bcc8bf7cfd71:0"
Last-Modified: Tue, 02 Nov 2021 14:40:14 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET

www.myopportunityfinder.com/Content/new_images/nitro/mof_logo.jpg

23.96.13.243

200 OK

19 kB

URL HTTP/1.1
www.myopportunityfinder.com/Content/new_images/nitro/mof_logo.jpg
IP
23.96.13.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 415x102, components 3\012- data
Size
19 kB (19297 bytes)
Hash
d3b6a1879c883fed57c24d1cb2570fc5
9902bf5aeafa1fe150cd46668bd2fdeb89c38cae
6e252ef3c5f995ffa51982fdb48be6caa549ef0c9bddb503269eaad37caa1aee

HTTP Headers

GET /Content/new_images/nitro/mof_logo.jpg HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=4e01da22-960a-42f7-b7ac-77fbf755efc8
Cookie: _ga=GA1.2.1486750066.1666821228; _gid=GA1.2.1290307529.1666821228; _gat=1; ASP.NET_SessionId=cek1jxnyibxvhaih1dczhczf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 19297
Content-Type: image/jpeg
Date: Wed, 26 Oct 2022 21:53:48 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "9f8bdb34e4e8d51:0"
Last-Modified: Fri, 21 Feb 2020 18:24:51 GMT
X-Powered-By: ASP.NET

www.myopportunityfinder.com/Content/new_images/nitro/mof_bg.jpg

23.96.13.243

200 OK

497 kB

URL HTTP/1.1
www.myopportunityfinder.com/Content/new_images/nitro/mof_bg.jpg
IP
23.96.13.243:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1922x976, components 3\012- data
Size
497 kB (497107 bytes)
Hash
d83d2c05865006a46b8ef3d5a5cb1f27
59b6ab519798f3f7e88dac939172f58d7287d1a2
8bae1cb1d064101714e977fe5b607671e12b152d056f4476b2ff5040eef7bd6e

HTTP Headers

GET /Content/new_images/nitro/mof_bg.jpg HTTP/1.1
Host: www.myopportunityfinder.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/mof?sid=1148&affid=123036&SubID=lead_root0&uid=4e01da22-960a-42f7-b7ac-77fbf755efc8
Cookie: _ga=GA1.2.1486750066.1666821228; _gid=GA1.2.1290307529.1666821228; _gat=1; ASP.NET_SessionId=cek1jxnyibxvhaih1dczhczf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 497107
Content-Type: image/jpeg
Date: Wed, 26 Oct 2022 21:53:49 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "bdc8da34e4e8d51:0"
Last-Modified: Fri, 21 Feb 2020 18:24:51 GMT
X-Powered-By: ASP.NET

proadprovider.blob.core.windows.net/images/Gnfor34.png

52.239.186.36

200 OK

195 kB

URL HTTP/1.1
proadprovider.blob.core.windows.net/images/Gnfor34.png
IP
52.239.186.36:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 500 x 300, 8-bit/color RGB, non-interlaced\012- data
Size
195 kB (195413 bytes)
Hash
ecd81a51d07a6f9e15c05cbdddbc57c3
f21f47a9bcab18c06dcc76d54b898c4e444766c2
e175c027f1104da020497966bd58a0988e94a65a26c3e9c2e993383861280acf

HTTP Headers

GET /images/Gnfor34.png HTTP/1.1
Host: proadprovider.blob.core.windows.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.myopportunityfinder.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 195413
Content-Type: application/octet-stream
Content-MD5: 7NgaUdB6b54VwFy93bxXww==
Last-Modified: Mon, 05 Nov 2018 20:12:31 GMT
ETag: 0x8D6435B04272BA4
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: f7ff3789-301e-0061-3285-e9bc9d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 Oct 2022 21:53:48 GMT

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations