www.zingaloum.fr/total.htm
40.79.130.129200 OK 202 B URL HTTP/1.1 www.zingaloum.fr/total.htm
IP 40.79.130.129:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 34dc431bcc7351b849687c9cace59a72
89341a29cb4a5aa153e09df9857166aa9cb055c5
9fc8c408492702d4664c542003e39d640fc9f5e93feaa8cb668b071cbd56f7da
GET /total.htm HTTP/1.1
Host: www.zingaloum.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Date: Wed, 08 Feb 2023 06:55:03 GMT
Server: nginx/1.22.0
Content-Encoding: gzip
ETag: W/"63b71764-f7"
Last-Modified: Thu, 05 Jan 2023 18:31:00 GMT
Transfer-Encoding: chunked
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2813
Expires: Wed, 08 Feb 2023 07:41:56 GMT
Date: Wed, 08 Feb 2023 06:55:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3198
Expires: Wed, 08 Feb 2023 07:48:21 GMT
Date: Wed, 08 Feb 2023 06:55:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 06:34:12 GMT
content-type: application/json
age: 1251
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10783
Expires: Wed, 08 Feb 2023 09:54:46 GMT
Date: Wed, 08 Feb 2023 06:55:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Cf2S/D0wCQV4uf2K7a7Cmi86t0g4FIQLojZCpdip3QowSNvp7ToOc6kwpqr5nIexT4UdUYIqNi0=
x-amz-request-id: 3EHZ7R7XGQX0RMKW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 06:45:52 GMT
age: 551
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:55:03 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1c83266561bdb561173eef453ccb9493
96898de1749f528e884787d15c0efd1187e6f607
5bb7b778dd08212598774df950fe37e6b3b57a14185e3c5e02dd130909cf474a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5BB7B778DD08212598774DF950FE37E6B3B57A14185E3C5E02DD130909CF474A"
Last-Modified: Wed, 08 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13035
Expires: Wed, 08 Feb 2023 10:32:19 GMT
Date: Wed, 08 Feb 2023 06:55:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 06:14:52 GMT
age: 2412
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2247
Expires: Wed, 08 Feb 2023 07:32:31 GMT
Date: Wed, 08 Feb 2023 06:55:04 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.197.133101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.197.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zxCfLwx28hsQmXm5Jc48Kw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hTWeRBNOmPy1nLncIAmZOg5BU5I=
www.g33ktr4ck.com/8LJN3/6JHXF/?uid=2207&sub1=122494&sub2=&sub3=ee00139659fd4960b25fee40c320f08b1c250
35.190.66.152302 Found 206 B URL HTTP/2 www.g33ktr4ck.com/8LJN3/6JHXF/?uid=2207&sub1=122494&sub2=&sub3=ee00139659fd4960b25fee40c320f08b1c250
IP 35.190.66.152:0
File type HTML document, ASCII text
Hash f135ccf7b51ba7fa68230c42b365f8db
8e3733815f8c53a8ef1a3cb8b85536d0ed76db88
79b428e73ff51cce0fefd6e210a07e3d3468d3e0ddeaa11800398ee9674a81cd
GET /8LJN3/6JHXF/?uid=2207&sub1=122494&sub2=&sub3=ee00139659fd4960b25fee40c320f08b1c250 HTTP/1.1
Host: www.g33ktr4ck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 06:55:05 GMT
content-type: text/html; charset=utf-8
content-length: 206
location: https://gagnantclub.online/o/39FC2383?clickid=ed024dd7e93145469f91a10f4d5183a7&subid=122494&sourceid=&data=199.48.45.391.90.42.1541.164.22.1846646254.1675839305.1586856147
set-cookie: uniqueClick_6JHXF=78058f4c-8945-45d9-8169-9b2632b88a70:1675839305; Path=/; Expires=Sat, 11 Feb 2023 06:55:05 GMT; Secure; SameSite=None
transaction_id=ed024dd7e93145469f91a10f4d5183a7; Path=/; Expires=Tue, 09 May 2023 06:55:05 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 78466ccc-409e-48e6-80dd-d3579c0b3d5c
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash fe4de6706f996f85096ead27e2ec6dfb
445abd66f7dbbeb2c90b5d35e959bca41cca260f
b3f0bd464e3a4e089bc77b394a25820667723cf067ebf648b365fa5d6f45bd27
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 08 Feb 2023 06:55:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 07 Feb 2023 21:50:15 GMT
Expires: Wed, 08 Feb 2023 21:50:15 GMT
ETag: "445abd66f7dbbeb2c90b5d35e959bca41cca260f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash c0666bf4623e498145d22067fca0cf79
c93e06e02d5b2aad9d45234dc89ad3177a9857d4
e592a616759f6a621873cbda2ce452a3ea727d68bea425bab6af460b635b601d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129245
Date: Wed, 08 Feb 2023 06:55:05 GMT
Etag: "63e29d26-1d7"
Expires: Thu, 09 Feb 2023 18:49:10 GMT
Last-Modified: Tue, 07 Feb 2023 18:49:10 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7kCzEW_iaz3eFG3UJZEIAXZNrXwg4W3tqs3HPZkYmDHJLf5ep_HgeA==
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18916
Expires: Wed, 08 Feb 2023 12:10:21 GMT
Date: Wed, 08 Feb 2023 06:55:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18916
Expires: Wed, 08 Feb 2023 12:10:21 GMT
Date: Wed, 08 Feb 2023 06:55:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18916
Expires: Wed, 08 Feb 2023 12:10:21 GMT
Date: Wed, 08 Feb 2023 06:55:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 68273225f74fbf7493f395610d7a73fc
5a8779ef5656aeeba23b365aad60b7901c5dd7fc
c83f285a1f3df0f7ac758a68ee95cc3d2671f80264c2e143cc0561cc574e3f19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C83F285A1F3DF0F7AC758A68EE95CC3D2671F80264C2E143CC0561CC574E3F19"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18916
Expires: Wed, 08 Feb 2023 12:10:21 GMT
Date: Wed, 08 Feb 2023 06:55:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be9f475292d4b5b0502d4381ccdf455b
ecb943b48c822b086ea699d802f8f1bb5ee26651
ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DLVp9hiUjE2w5BiukFfUMALWxvcobbJcJRO-7CdXj3cy6rAdFhPRFQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 33064
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 544181f4aba24fc687a14522dd20f720
2b117270563b8c466ec774acce55271c38f6135b
607c45cc5b4726b92c8507988bbb90ac6a44a3cf22b290030d440266350099a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e021e8-f66e-44fd-94ca-b30d25a8f5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4961
x-amzn-requestid: c3b9db99-726f-4473-a6b6-9cff0dceb949
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswe1GeRoAMFiAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-17b52fcd74e374f1104af709;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S8zeMZ-IZHNe6x_IFZJgCv1V8fwSkBh0aNnKfwgGOP5r6U7LjT61qg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 05:48:02 GMT
age: 4023
etag: "2b117270563b8c466ec774acce55271c38f6135b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb0e725719ac378134b01b6473a6581
a8a1780c88e8ae219048bed28ecfbd8019d9af35
187d4e83edc0af857334f84bd6853234193d4654d06c43367f39b4e125defe08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6679
x-amzn-requestid: 97c19ad5-c127-4dc1-b529-1eca84645316
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f59MzHgloAMFwow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a8b8-79d6b8d31b69153d4929b7b7;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x_tr-xummuF51PvAM4y3DgvLWuJOwxgquKO8baQfcoN6ta5M3ll7ug==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:49:38 GMT
age: 83127
etag: "a8a1780c88e8ae219048bed28ecfbd8019d9af35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 726928e5de19ef978faebbe933c34008
bdaba3ed0c7efb65de88af96063d830683c8499b
c6d208fcee052da80de1bf2dcccbbc48853511b8888c4777799ee676abba51b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: d6d71f42-f887-4ad0-a2b7-9073d3857b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjRHBFoAMF4_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-57490f255d8d30a561fdcd3a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xU_uVO78ZQRKon3Cz-fVcHJuPEMMgzDsVuY8BXoKL6ntJwkl-SLeQA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 33182
etag: "bdaba3ed0c7efb65de88af96063d830683c8499b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 30948
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 845e4e4051f1162b20d3df5f208e8d3e
076462f67531c60b31ec768a275c96317292306d
40996d8929ab92f342328fc018518d6131c6222b0ec23051775eda276a602026
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6ac124e-27b8-4818-9240-77708d007004.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4168
x-amzn-requestid: 24814225-0063-49fb-86ff-e78869538b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjQFS_IAMFtLQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-67307c42182089b3096e98b5;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f90qZAgSmdYFuW_BDTZVivBlk_c5SrirTSeJmvoysOmCcOjxtFZrbA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 33182
etag: "076462f67531c60b31ec768a275c96317292306d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
216.58.211.3200 OK 8.6 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (25088)
Hash 73069e532b7039778d3a7128c997c61a
c523bbf1ac7f4e612c8ade75434c42fbca885adc
b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://track.em-trkcd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 10:15:17 GMT
expires: Thu, 01 Feb 2024 10:15:17 GMT
cache-control: public, max-age=31536000
age: 592789
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fa0585c774900b36f3a634d3e2dfed08
8c5a2b456068a0263a90b5a4f7d8f62803fc1a96
eb56aadf872ee519ea9d605a157c03278d7db469746543a3a2da932b5e7ce4d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5844
Cache-Control: max-age=95857
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Etag: "63e203e7-117"
Expires: Thu, 09 Feb 2023 09:32:43 GMT
Last-Modified: Tue, 07 Feb 2023 07:55:19 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
gagnantclub.online/lp/template-led-bulb.src/img/head1.png
54.230.111.31200 OK 1.1 kB URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/img/head1.png
IP 54.230.111.31:0
File type PNG image data, 66 x 66, 8-bit colormap, non-interlaced\012- data
Hash 4dbb8b44303e9fd8aa707b565a5ae166
127798e3d8e1e68cdd92a13846f98e1ce1ee17ca
5110ad16d7ca5c0eee29fcc7d3e828e0610e6dfde431be150ff23d34c5010a48
GET /lp/template-led-bulb.src/img/head1.png HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1068
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
etag: "61165b63-42c"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s5SNxEaeYilWpa-76uGgiCExDmI8-5M40d8MXGHoyiKsVvctu-CCPA==
X-Firefox-Spdy: h2
gagnantclub.online/o/39FC2383?clickid=ed024dd7e93145469f91a10f4d5183a7&subid=122494&sourceid=&data=199.48.45.391.90.42.1541.164.22.1846646254.1675839305.1586856147
54.230.111.31302 Found 1.2 kB URL HTTP/2 gagnantclub.online/o/39FC2383?clickid=ed024dd7e93145469f91a10f4d5183a7&subid=122494&sourceid=&data=199.48.45.391.90.42.1541.164.22.1846646254.1675839305.1586856147
IP 54.230.111.31:0
Hash b54dde5b0fc3e31f084bfb2388496ece
3886b1975a0370caf412ef4a55e4fdba41b411e5
939e16f02f11e9bd2a1a53a9fa2dbf82abbf49736f14eb64728441c6641da35b
GET /o/39FC2383?clickid=ed024dd7e93145469f91a10f4d5183a7&subid=122494&sourceid=&data=199.48.45.391.90.42.1541.164.22.1846646254.1675839305.1586856147 HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
set-cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9; path=/; secure; HttpOnly; SameSite=lax
cache-control: max-age=0, must-revalidate, private
location: /
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: av8QMO_5VkcuzjJ8jJcUHN0VTBxnFh5bBt7vVtmnsglBVDXpe1hY7w==
X-Firefox-Spdy: h2
gagnantclub.online/lp/template-led-bulb.src/img/head3.png
54.230.111.31200 OK 913 B URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/img/head3.png
IP 54.230.111.31:0
File type PNG image data, 66 x 66, 8-bit colormap, non-interlaced\012- data
Hash 6ed050ccdb74469ea4490e065db52c81
9248fcab93367fb069685beb1bbb595944ec0c33
ee57bb991736ef071270b69fd8720fc9046fcbeaa6533ef9ef0090a6ff4a4f88
GET /lp/template-led-bulb.src/img/head3.png HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 913
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
etag: "61165b63-391"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JlwqxAYWCkti1PsK0sUHIij8JFzXRx55rL3zU8-kfdKTzan3suLjLw==
X-Firefox-Spdy: h2
gagnantclub.online/lp/template-led-bulb.src/img/head4.png
54.230.111.31200 OK 996 B URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/img/head4.png
IP 54.230.111.31:0
File type PNG image data, 66 x 66, 8-bit colormap, non-interlaced\012- data
Hash a822c91c5d4e904f4520641fe4b766b1
94cf8ea48752c5952aca837bbd969df46fbd682b
e4a815e57a6e5242f86f07f5d3857167b3d6da38e9574e3512cba7e34fec992e
GET /lp/template-led-bulb.src/img/head4.png HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 996
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
etag: "61165b63-3e4"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9KX_C7foPh2KlB6R0JPwshr-GC0GomcIer0DvLAZILtSxLQzckB_1g==
X-Firefox-Spdy: h2
gagnantclub.online/lp/template-led-bulb.src/img/ic3.png
54.230.111.31200 OK 1.5 kB URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/img/ic3.png
IP 54.230.111.31:0
File type PNG image data, 98 x 98, 4-bit colormap, non-interlaced\012- data
Hash 3230c20fa26e5f590e9c6b8da7e8e035
88790b8313932f7e3dbbf05e2dd1c6fea3f5fbe7
7be3332c69a736617cbb9229a62c71c5f937105848db3cf537a1b47111ada775
GET /lp/template-led-bulb.src/img/ic3.png HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1502
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
etag: "61165b63-5de"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wLQ6YvGz1LlUmVrbBXz8y7aPyxmz8dpzdRjF9LGlHsio3Af21Dwi8Q==
X-Firefox-Spdy: h2
gagnantclub.online/lp/template-led-bulb.src/img/ic2.png
54.230.111.31200 OK 1.5 kB URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/img/ic2.png
IP 54.230.111.31:0
File type PNG image data, 94 x 94, 4-bit colormap, non-interlaced\012- data
Hash e2d80c1c2b2484a3a82acf6a1b72b3e2
48accb122f9a196e22cdca089a55f28c10e7fcb1
4befec109f41d7895165601f7a9a74fe3b20484a40e9cf168855b671bdb0b743
GET /lp/template-led-bulb.src/img/ic2.png HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1506
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
etag: "61165b63-5e2"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rqcsaSxiwH7pZOHDakvThalq7R0G7xuTVIUY5e24ss5DgEjn3bWOzQ==
X-Firefox-Spdy: h2
gagnantclub.online/lp/template-led-bulb.src/img/ic1.png
54.230.111.31200 OK 1.5 kB URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/img/ic1.png
IP 54.230.111.31:0
File type PNG image data, 106 x 106, 4-bit colormap, non-interlaced\012- data
Hash a46d9eeba91cf70e4e606f1c60f0cbeb
360c6f13cd701a0433296a48e42b24433284ecab
ffb722848ac2830bde2963a51616683b535d648500e93ee28b11bf5aa7de14fc
GET /lp/template-led-bulb.src/img/ic1.png HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1490
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
etag: "61165b63-5d2"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: agHdyae2cgoZv2TaW6FXWkRxJEOwO4sxFvUi3vHIANaSKPqh4ol8-Q==
X-Firefox-Spdy: h2
gagnantclub.online/lp/template-led-bulb.src/img/ic6.png
54.230.111.31200 OK 1.8 kB URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/img/ic6.png
IP 54.230.111.31:0
File type PNG image data, 104 x 102, 8-bit colormap, non-interlaced\012- data
Hash 1494d4512f7342bb9e59811eb37ccf5a
6730c85b33ef18aa35858bba3d9b480cf72b1b82
96b2e72bb9a3dca2506fbcfa09a4b538ca3970515a047a5369a0e519ce63eba6
GET /lp/template-led-bulb.src/img/ic6.png HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1760
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
etag: "61165b63-6e0"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gfjz3dcB2M6Z7vkkLy0kAZ-qS7VwnUnQJdm3ZqmUZRGdFN2tPfU2YA==
X-Firefox-Spdy: h2
gagnantclub.online/lp/template-led-bulb.src/img/ic5.png
54.230.111.31200 OK 1.9 kB URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/img/ic5.png
IP 54.230.111.31:0
File type PNG image data, 104 x 102, 4-bit colormap, non-interlaced\012- data
Hash 1f8d5dc466e83989295c52b27aec6aac
7b0ab3b8bdf6758a98ec939dc5f71ec525133985
eabc89696374ac3f27774c6931c5b9ce3e63270d1f55a9f3e3c2abcd5fda603a
GET /lp/template-led-bulb.src/img/ic5.png HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1905
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
etag: "61165b63-771"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _TAnRMWqsp-PrtCFGuaMq1fWniIYvSlGd27QBcQAVJ1ceYLfif7zpw==
X-Firefox-Spdy: h2
gagnantclub.online/lp/template-led-bulb.src/img/ic4.png
54.230.111.31200 OK 1.4 kB URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/img/ic4.png
IP 54.230.111.31:0
File type PNG image data, 104 x 102, 4-bit colormap, non-interlaced\012- data
Hash 8a7f79e81b1f2d9e3e5b2dda6a51011c
e53b890bc6db83d4458a3410bffcd3b4a16c9a64
62585d0741d1ab378a375e19e22a6b96c1f5b4dcbfc1e0dba06ba26f2b7eca17
GET /lp/template-led-bulb.src/img/ic4.png HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1448
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
etag: "61165b63-5a8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: z18fKc-CRl-mNdxO1s4rqb5WRSp3oan6Po33gBoBx2_MYDxCkcSxXg==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fa0585c774900b36f3a634d3e2dfed08
8c5a2b456068a0263a90b5a4f7d8f62803fc1a96
eb56aadf872ee519ea9d605a157c03278d7db469746543a3a2da932b5e7ce4d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5844
Cache-Control: max-age=95857
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Etag: "63e203e7-117"
Expires: Thu, 09 Feb 2023 09:32:43 GMT
Last-Modified: Tue, 07 Feb 2023 07:55:19 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
gagnantclub.online/lp/_global/img/paycards.png
54.230.111.31200 OK 39 kB URL HTTP/2 gagnantclub.online/lp/_global/img/paycards.png
IP 54.230.111.31:0
File type PNG image data, 700 x 86, 8-bit/color RGBA, non-interlaced\012- data
Hash 79bb325a4206a7644989098482c399f5
b4be48f706920b55f46024ad1921ece4ffff034a
bcbba6b1642f8d581cca594275c19501804c452b19376f27ffada1d5141c8389
GET /lp/_global/img/paycards.png HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 39249
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Tue, 03 Aug 2021 20:40:22 GMT
etag: "6109a9b6-9951"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i2PYILgUtJ0nsfeSsdrWJYPAMm3YBZ5bTplnQzzt8htSoW_Cq5_Z9g==
X-Firefox-Spdy: h2
gagnantclub.online/lp/template-led-bulb.src/img/product.jpg
54.230.111.31200 OK 30 kB URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/img/product.jpg
IP 54.230.111.31:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 650x488, components 3\012- data
Hash 5a98d762eacb4da52e5ae02f74884321
57631821d27cdb31d14168858035c900c4a3ee1d
e728220f7d3f777af859fb8125b90050dac10089cfcdb1e1bef78f2e4fff217f
GET /lp/template-led-bulb.src/img/product.jpg HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 29678
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
etag: "61165b63-73ee"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LfuarssStQHJQxqbxd8B39ZzrKiUqx32_2KIwtar5NFLTgyyt3HMXg==
X-Firefox-Spdy: h2
gagnantclub.online/lp/template-led-bulb.src/img/product-main.png
54.230.111.31200 OK 87 kB URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/img/product-main.png
IP 54.230.111.31:0
File type PNG image data, 518 x 604, 8-bit colormap, non-interlaced\012- data
Hash cb731f524aa129952624485ae63476d8
0484f68fa82706fc50249ce5012442239b9c4f23
15169ca2c38b3d1d40c7ae6c81135238850018aa59445ac60c9713efcea7353b
GET /lp/template-led-bulb.src/img/product-main.png HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 86963
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
etag: "61165b63-153b3"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nQuRAHoY_xwx6nZ_ES22MmeUJkRUXgakQdyTFgWHAkLTwNTBKgQsBQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 15beb7bfb1e8bb9ad6f47c3a7945d341
9b28ae0959c9eb85356cead7d9dadbef4ef638fe
fc168abe9147f855283027ea0e5d90367d45c016fbdf181c06b0969e94c04e8f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4674
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Last-Modified: Wed, 08 Feb 2023 05:37:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 280
gagnantclub.online/lp/template-led-bulb.src/img/midimages.png
54.230.111.31200 OK 238 kB URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/img/midimages.png
IP 54.230.111.31:0
File type PNG image data, 974 x 708, 8-bit colormap, non-interlaced\012- data
Size 238 kB (237976 bytes)
Hash 7e78f3db801b7c33f643606b13a21c45
bf2ad452d73990b05a39561ccace7928eb0d5c3e
611c9283c8e78fe32825713120a5b251cdc4af1e2d041f651e9f191d9da417ec
GET /lp/template-led-bulb.src/img/midimages.png HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 237976
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
etag: "61165b63-3a198"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T66CVW0RyvYJeZmvlTJcqh397ChTUVRjwW4Qu9p5wDKCeuwlH_OhUw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
142.250.74.106200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese
IP 142.250.74.106:0
Hash a225472ad920482b014a98a7c1d8a989
b652456904f396af088b2dcb77a1e21b5b004f02
0d524bc709fab8e3a0f983c5b8f25c003d25cf40b417c6dd754b5be1da48b452
GET /css?family=Open+Sans:400,400i,600,600i,700,700i&display=swap&subset=cyrillic,cyrillic-ext,latin-ext,vietnamese HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 Feb 2023 06:55:06 GMT
date: Wed, 08 Feb 2023 06:55:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gagnantclub.online/
54.230.111.31200 OK 71 kB IP 54.230.111.31:0
Hash 76ae87b5d841f991610510787db1dbfd
2d9f1eb58c88ad03b8095af599dae1fee95fa014
643d8ff85f00be67d6a1d5b95b34777173a35ececf284762cb2dec2ff8246641
GET / HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
vary: Accept-Encoding
cache-control: max-age=0, must-revalidate, private
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eG4yWtCv84NdIQtQ0To9Vs_Ks3nAOVrE5Ev5U5voRiON_TAYYhTJcA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f89914f325ec7035b9efecb8b1d67c01
755002e7b721afecadbf2858e9ea711bf1b49fe0
26bdec72de6a04ec8ac7a61241a5c2aef023ebf096ba9049cde7eae3601c079a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6116
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Last-Modified: Wed, 08 Feb 2023 05:13:10 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gagnantclub.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 18:52:41 GMT
expires: Tue, 06 Feb 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 129745
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f89914f325ec7035b9efecb8b1d67c01
755002e7b721afecadbf2858e9ea711bf1b49fe0
26bdec72de6a04ec8ac7a61241a5c2aef023ebf096ba9049cde7eae3601c079a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6116
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Last-Modified: Wed, 08 Feb 2023 05:13:10 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
track.em-trkcd.com/?a=122494&c=300509&co=168391&mt=3
45.141.157.124302 Found 2.1 kB URL HTTP/2 track.em-trkcd.com/?a=122494&c=300509&co=168391&mt=3
IP 45.141.157.124:0
Hash 4a48fde875656def35546fb7be66d5f2
932e6a488ff7ef199f29c79588ad711debc4c0f4
3d71ff87afedef8a3d025a2f7218c63325c3d40f059ab673ee80465579fa6942
GET /?a=122494&c=300509&co=168391&mt=3 HTTP/1.1
Host: track.em-trkcd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 08 Feb 2023 06:55:04 GMT
content-type: text/html;charset=ISO-8859-1
location: https://www.g33ktr4ck.com/8LJN3/6JHXF/?uid=2207&sub1=122494&sub2=&sub3=ee00139659fd4960b25fee40c320f08b1c250
set-cookie: gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.em-trkcd.com; Expires=Tue, 09-May-2023 06:55:04 GMT; Path=/
gdm_sid_v2_3_001=u7AMDtpPP06JZp9XjYm5sFLfTyQ2U/6RMgxqn7u69n37IYO74iiHBlySeJ3SldCRcNau2aAzJg9dkBVH3n+SG/Uw4WrgUkoIBY8U9tMB2yQKFX7XPbOC68/nLnTC6J15gIXny8kEollrwXPiPryaDSZa7o3Tklwagp5N23fq64v/uJKzP44oMn8Q0U0ZucYTAuAL6sY1SpjVoeBxq8C3xn5zLRM+Cm0w0xbTqUjqt6IeFhoghfWx5ob4lRXuwAfDtM2yZ2BeSOvOVf9603txddMqLJRJusxn5M+1DegWKmxBc0/2l38FL3S1pwqr4evNlemY6HXhvGLgK+itdjdAKOFiBIakYtJ/BAzXWM/llL0g4Y8Nrm6g++Ka38GGQvFC4mBXepxJLU5EKqcmD/f7D5Ak8mguG+5jpc82H53hGSc58rTnN89EihgT5H1ytE82KLfvc1M9sl38Zzw7VAVMcefdcoaFnXKN1vy9h94NZ9/c/T9O5TrNNc7RIVfejt5D8vX06e76WNI2RBiPNTExAXc7NTl3KlbyNq/drBUToiKKx026f5zL3/+9xgtjzpfaaORJawxQr4I2rqvzZ2KCmqNfHB+PVK6rp4uThGIiwW2pemiMK67P2pv+elFFjDTPYqBaEumlef9UC9LwVdl1Vl+Q0N3BE0ZCVwKn1ly2wMhq6atdPx8cvWxT5NarHJADsxyYn5wqlT7Kbf4uXjWi1FtPPbhND4oYVO6crK/eBg872oK36uYIYsA2UevpUGWhBc9Wt7s8EL2pFOw5qlJHm7Dhg6n7Y3CjLCrmgvc+KJd5azoCa6ZgT452VsCnUdT8i2lkEfHJtL5pc/Nlpdwm+A90K7c+fOowzzMuQjQcjpfzKtxxU48egIGgZ5exAMzHqyn8pUFoTtXrMxd/OMgH2cPMeKqy48QqqQPvoyzeqeySFrs9BFjtY+6U/NN6x7HEmn6872L5X5qh83zn4Sy4WgXTrmqLmWycKMhfeiqAlUtgI9wKKRSPpFie2I45IH1p; Domain=.em-trkcd.com; Expires=Tue, 09-May-2023 06:55:04 GMT; Path=/; Secure; SameSite=None
gdm_uid_v1_1_001=81zb0lcBARAclS3dF4VKOD7uZDPv8TmIrN+YQ27rW52KqKKWIXf3cEZLRYlzLv95; Domain=.em-trkcd.com; Expires=Tue, 09-May-2023 06:55:04 GMT; Path=/
gdm_click_adv_freq_v2_1_001=HSUfoXMu3hf0403QIr/sBGrJSnOKNopKhjMIkdFSwyIOZ/MfflJIuiNQrtyt2h15; Domain=.em-trkcd.com; Expires=Tue, 09-May-2023 06:55:04 GMT; Path=/; Secure; SameSite=None
gdm_sid_v1_3_001=u7AMDtpPP06JZp9XjYm5sFLfTyQ2U/6RMgxqn7u69n37IYO74iiHBlySeJ3SldCRcNau2aAzJg9dkBVH3n+SG/Uw4WrgUkoIBY8U9tMB2yQKFX7XPbOC68/nLnTC6J15gIXny8kEollrwXPiPryaDSZa7o3Tklwagp5N23fq64v/uJKzP44oMn8Q0U0ZucYTAuAL6sY1SpjVoeBxq8C3xn5zLRM+Cm0w0xbTqUjqt6IeFhoghfWx5ob4lRXuwAfDtM2yZ2BeSOvOVf9603txddMqLJRJusxn5M+1DegWKmxBc0/2l38FL3S1pwqr4evNlemY6HXhvGLgK+itdjdAKOFiBIakYtJ/BAzXWM/llL0g4Y8Nrm6g++Ka38GGQvFC4mBXepxJLU5EKqcmD/f7D5Ak8mguG+5jpc82H53hGSc58rTnN89EihgT5H1ytE82KLfvc1M9sl38Zzw7VAVMcefdcoaFnXKN1vy9h94NZ9/c/T9O5TrNNc7RIVfejt5D8vX06e76WNI2RBiPNTExAXc7NTl3KlbyNq/drBUToiKKx026f5zL3/+9xgtjzpfaaORJawxQr4I2rqvzZ2KCmqNfHB+PVK6rp4uThGIiwW2pemiMK67P2pv+elFFjDTPYqBaEumlef9UC9LwVdl1Vl+Q0N3BE0ZCVwKn1ly2wMhq6atdPx8cvWxT5NarHJADsxyYn5wqlT7Kbf4uXjWi1FtPPbhND4oYVO6crK/eBg872oK36uYIYsA2UevpUGWhBc9Wt7s8EL2pFOw5qlJHm7Dhg6n7Y3CjLCrmgvc+KJd5azoCa6ZgT452VsCnUdT8i2lkEfHJtL5pc/Nlpdwm+A90K7c+fOowzzMuQjQcjpfzKtxxU48egIGgZ5exAMzHqyn8pUFoTtXrMxd/OMgH2cPMeKqy48QqqQPvoyzeqeySFrs9BFjtY+6U/NN6x7HEmn6872L5X5qh83zn4Sy4WgXTrmqLmWycKMhfeiqAlUtgI9wKKRSPpFie2I45IH1p; Domain=.em-trkcd.com; Expires=Tue, 09-May-2023 06:55:04 GMT; Path=/
gdm_click_freq_v1_1_001=Shc/YqpJjNuR01159N5zdqlicj7NQVf+/VBBolyQc9k9yCgVSptZS9xssRADpzxX; Domain=.em-trkcd.com; Expires=Tue, 09-May-2023 06:55:04 GMT; Path=/
gdm_uid_v2_1_001=81zb0lcBARAclS3dF4VKOD7uZDPv8TmIrN+YQ27rW52KqKKWIXf3cEZLRYlzLv95; Domain=.em-trkcd.com; Expires=Tue, 09-May-2023 06:55:04 GMT; Path=/; Secure; SameSite=None
gdm_click_freq_v2_1_001=Shc/YqpJjNuR01159N5zdqlicj7NQVf+/VBBolyQc9k9yCgVSptZS9xssRADpzxX; Domain=.em-trkcd.com; Expires=Tue, 09-May-2023 06:55:04 GMT; Path=/; Secure; SameSite=None
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.em-trkcd.com; Expires=Tue, 09-May-2023 06:55:04 GMT; Path=/; Secure; SameSite=None
gdm_click_adv_freq_v1_1_001=HSUfoXMu3hf0403QIr/sBGrJSnOKNopKhjMIkdFSwyIOZ/MfflJIuiNQrtyt2h15; Domain=.em-trkcd.com; Expires=Tue, 09-May-2023 06:55:04 GMT; Path=/
content-language: en-US
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gagnantclub.online/lp/template-led-bulb.src/img/favicon.png
54.230.111.31200 OK 2.4 kB URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/img/favicon.png
IP 54.230.111.31:0
File type PNG image data, 96 x 96, 8-bit colormap, non-interlaced\012- data
Hash 470f873216adfa6f2b6ebdbc35e4f947
e57294da5f7b53b99f3f0dd5055e7b4a212561b0
b3e97b805d5a7befbac9cfc6fe7f00e0c2e3501c7330af5abb21cabbf07ca1f4
GET /lp/template-led-bulb.src/img/favicon.png HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2403
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 13 Aug 2021 11:45:39 GMT
etag: "61165b63-963"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TOgFDMG3XmUKP1XcDu4Vpt7PdSvx_oPd25aE6HU0-XHpb9FXONqx3g==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c0251492cae08969a77cc1f8b4fa25e5
110161e230f81ac3a954dc1d5114c7401c1ecd93
6483e465b117e6af3950e659d8692acc4bb38f60c7dc312ec8c6824ac5f000ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5411
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Last-Modified: Wed, 08 Feb 2023 05:24:55 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 08 Feb 2023 05:44:06 GMT
expires: Wed, 08 Feb 2023 07:44:06 GMT
cache-control: public, max-age=7200
age: 4260
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.facebook.com/tr?id=&ev=PageView&noscript=1
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/tr?id=&ev=PageView&noscript=1
IP 157.240.221.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr?id=&ev=PageView&noscript=1 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 08 Feb 2023 06:55:06 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j99&a=1174113809&t=pageview&_s=1&dl=https%3A%2F%2Fgagnantclub.online%2F&ul=en-us&de=UTF-8&dt=Special%20offer%20%7C%20SUPER%20EFFICIENT%20LED%20BULB&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1178162117&gjid=138635946&cid=229267035.1675839360&tid=UA-103066933-1&_gid=2079705592.1675839360&_r=1&_slc=1&z=1535216305
216.239.32.178200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1174113809&t=pageview&_s=1&dl=https%3A%2F%2Fgagnantclub.online%2F&ul=en-us&de=UTF-8&dt=Special%20offer%20%7C%20SUPER%20EFFICIENT%20LED%20BULB&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1178162117&gjid=138635946&cid=229267035.1675839360&tid=UA-103066933-1&_gid=2079705592.1675839360&_r=1&_slc=1&z=1535216305
IP 216.239.32.178:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=1174113809&t=pageview&_s=1&dl=https%3A%2F%2Fgagnantclub.online%2F&ul=en-us&de=UTF-8&dt=Special%20offer%20%7C%20SUPER%20EFFICIENT%20LED%20BULB&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1178162117&gjid=138635946&cid=229267035.1675839360&tid=UA-103066933-1&_gid=2079705592.1675839360&_r=1&_slc=1&z=1535216305 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://gagnantclub.online
Connection: keep-alive
Referer: https://gagnantclub.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://gagnantclub.online
date: Wed, 08 Feb 2023 06:55:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c0251492cae08969a77cc1f8b4fa25e5
110161e230f81ac3a954dc1d5114c7401c1ecd93
6483e465b117e6af3950e659d8692acc4bb38f60c7dc312ec8c6824ac5f000ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5411
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Last-Modified: Wed, 08 Feb 2023 05:24:55 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7ec32dff957003dae195c36ca9e3bd6c
6761a20819b0d5a48216d74782e3ea752af7257a
953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-103066933-1&cid=229267035.1675839360&jid=1178162117&gjid=138635946&_gid=2079705592.1675839360&_u=IEBAAEAAAAAAACAAI~&z=524333715
64.233.162.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-103066933-1&cid=229267035.1675839360&jid=1178162117&gjid=138635946&_gid=2079705592.1675839360&_u=IEBAAEAAAAAAACAAI~&z=524333715
IP 64.233.162.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-103066933-1&cid=229267035.1675839360&jid=1178162117&gjid=138635946&_gid=2079705592.1675839360&_u=IEBAAEAAAAAAACAAI~&z=524333715 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://gagnantclub.online
Connection: keep-alive
Referer: https://gagnantclub.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://gagnantclub.online
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Feb 2023 06:55:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7ec32dff957003dae195c36ca9e3bd6c
6761a20819b0d5a48216d74782e3ea752af7257a
953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 06:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c65144dcdaf688643761916851b151c0
1419c4eefac8032e8cfaf2d65dd4a57bff5b25a1
974b5a62f2d051b2dd2c609f7bd08a4ef339dab0d31bccaa0f9898893c3ba6b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3379
x-amzn-requestid: 6f8c97bc-c1f9-4681-9544-f2863dc7f782
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5aSYH47oAMF-ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e070db-4a730cd079f03c8b1cf77997;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:15:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qnk0MflT4eIxNuooDKhm0uauKq1dYj1iG9O_prtNU8c0IoAwODZxig==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:27:19 GMT
age: 8873
etag: "1419c4eefac8032e8cfaf2d65dd4a57bff5b25a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
track.em-trkcd.com/service-worker.js
45.141.157.124200 OK 0 B URL HTTP/2 track.em-trkcd.com/service-worker.js
IP 45.141.157.124:0
Analyzer Verdict Alert fortinet Phishing
GET /service-worker.js HTTP/1.1
Host: track.em-trkcd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; gdm_sid_v2_3_001=u7AMDtpPP06JZp9XjYm5sFLfTyQ2U/6RMgxqn7u69n37IYO74iiHBlySeJ3SldCRcNau2aAzJg9dkBVH3n+SG/Uw4WrgUkoIBY8U9tMB2yQKFX7XPbOC68/nLnTC6J15gIXny8kEollrwXPiPryaDSZa7o3Tklwagp5N23fq64v/uJKzP44oMn8Q0U0ZucYTAuAL6sY1SpjVoeBxq8C3xn5zLRM+Cm0w0xbTqUjqt6IeFhoghfWx5ob4lRXuwAfDtM2yZ2BeSOvOVf9603txddMqLJRJusxn5M+1DegWKmxBc0/2l38FL3S1pwqr4evNlemY6HXhvGLgK+itdjdAKOFiBIakYtJ/BAzXWM/llL0g4Y8Nrm6g++Ka38GGQvFC4mBXepxJLU5EKqcmD/f7D5Ak8mguG+5jpc82H53hGSc58rTnN89EihgT5H1ytE82KLfvc1M9sl38Zzw7VAVMcefdcoaFnXKN1vy9h94NZ9/c/T9O5TrNNc7RIVfejt5D8vX06e76WNI2RBiPNTExAXc7NTl3KlbyNq/drBUToiKKx026f5zL3/+9xgtjzpfaaORJawxQr4I2rqvzZ2KCmqNfHB+PVK6rp4uThGIiwW2pemiMK67P2pv+elFFjDTPYqBaEumlef9UC9LwVdl1Vl+Q0N3BE0ZCVwKn1ly2wMhq6atdPx8cvWxT5NarHJADsxyYn5wqlT7Kbf4uXjWi1FtPPbhND4oYVO6crK/eBg872oK36uYIYsA2UevpUGWhBc9Wt7s8EL2pFOw5qlJHm7Dhg6n7Y3CjLCrmgvc+KJd5azoCa6ZgT452VsCnUdT8i2lkEfHJtL5pc/Nlpdwm+A90K7c+fOowzzMuQjQcjpfzKtxxU48egIGgZ5exAMzHqyn8pUFoTtXrMxd/OMgH2cPMeKqy48QqqQPvoyzeqeySFrs9BFjtY+6U/NN6x7HEmn6872L5X5qh83zn4Sy4WgXTrmqLmWycKMhfeiqAlUtgI9wKKRSPpFie2I45IH1p; gdm_uid_v1_1_001=81zb0lcBARAclS3dF4VKOD7uZDPv8TmIrN+YQ27rW52KqKKWIXf3cEZLRYlzLv95; gdm_click_adv_freq_v2_1_001=HSUfoXMu3hf0403QIr/sBGrJSnOKNopKhjMIkdFSwyIOZ/MfflJIuiNQrtyt2h15; gdm_sid_v1_3_001=u7AMDtpPP06JZp9XjYm5sFLfTyQ2U/6RMgxqn7u69n37IYO74iiHBlySeJ3SldCRcNau2aAzJg9dkBVH3n+SG/Uw4WrgUkoIBY8U9tMB2yQKFX7XPbOC68/nLnTC6J15gIXny8kEollrwXPiPryaDSZa7o3Tklwagp5N23fq64v/uJKzP44oMn8Q0U0ZucYTAuAL6sY1SpjVoeBxq8C3xn5zLRM+Cm0w0xbTqUjqt6IeFhoghfWx5ob4lRXuwAfDtM2yZ2BeSOvOVf9603txddMqLJRJusxn5M+1DegWKmxBc0/2l38FL3S1pwqr4evNlemY6HXhvGLgK+itdjdAKOFiBIakYtJ/BAzXWM/llL0g4Y8Nrm6g++Ka38GGQvFC4mBXepxJLU5EKqcmD/f7D5Ak8mguG+5jpc82H53hGSc58rTnN89EihgT5H1ytE82KLfvc1M9sl38Zzw7VAVMcefdcoaFnXKN1vy9h94NZ9/c/T9O5TrNNc7RIVfejt5D8vX06e76WNI2RBiPNTExAXc7NTl3KlbyNq/drBUToiKKx026f5zL3/+9xgtjzpfaaORJawxQr4I2rqvzZ2KCmqNfHB+PVK6rp4uThGIiwW2pemiMK67P2pv+elFFjDTPYqBaEumlef9UC9LwVdl1Vl+Q0N3BE0ZCVwKn1ly2wMhq6atdPx8cvWxT5NarHJADsxyYn5wqlT7Kbf4uXjWi1FtPPbhND4oYVO6crK/eBg872oK36uYIYsA2UevpUGWhBc9Wt7s8EL2pFOw5qlJHm7Dhg6n7Y3CjLCrmgvc+KJd5azoCa6ZgT452VsCnUdT8i2lkEfHJtL5pc/Nlpdwm+A90K7c+fOowzzMuQjQcjpfzKtxxU48egIGgZ5exAMzHqyn8pUFoTtXrMxd/OMgH2cPMeKqy48QqqQPvoyzeqeySFrs9BFjtY+6U/NN6x7HEmn6872L5X5qh83zn4Sy4WgXTrmqLmWycKMhfeiqAlUtgI9wKKRSPpFie2I45IH1p; gdm_click_freq_v1_1_001=Shc/YqpJjNuR01159N5zdqlicj7NQVf+/VBBolyQc9k9yCgVSptZS9xssRADpzxX; gdm_uid_v2_1_001=81zb0lcBARAclS3dF4VKOD7uZDPv8TmIrN+YQ27rW52KqKKWIXf3cEZLRYlzLv95; gdm_click_freq_v2_1_001=Shc/YqpJjNuR01159N5zdqlicj7NQVf+/VBBolyQc9k9yCgVSptZS9xssRADpzxX; gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; gdm_click_adv_freq_v1_1_001=HSUfoXMu3hf0403QIr/sBGrJSnOKNopKhjMIkdFSwyIOZ/MfflJIuiNQrtyt2h15
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 06:55:05 GMT
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Sat, 1 May 2020 12:00:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
content-encoding: gzip
X-Firefox-Spdy: h2
gagnantclub.online/lp/template-led-bulb.src/index.js?1675839306
54.230.111.31200 OK 0 B URL HTTP/2 gagnantclub.online/lp/template-led-bulb.src/index.js?1675839306
IP 54.230.111.31:0
GET /lp/template-led-bulb.src/index.js?1675839306 HTTP/1.1
Host: gagnantclub.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Cookie: PHPSESSID=lhkevdkff7ighsla87rl6jpqa9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
vary: Accept-Encoding
date: Wed, 08 Feb 2023 06:55:06 GMT
server: nginx
last-modified: Fri, 16 Dec 2022 13:29:15 GMT
etag: W/"639c72ab-18857"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Y4yi0dLWOkOjmGP4DiPxBEaCzRaphMEUninEOEQ_WiG0bUMAMIBA5w==
X-Firefox-Spdy: h2
flagcdn.com/fr.svg
104.21.39.104200 OK 0 B IP 104.21.39.104:0
GET /fr.svg HTTP/1.1
Host: flagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:55:06 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Nov 2020 12:03:17 GMT
etag: W/"5fb65f05-c2"
access-control-allow-origin: *
cache-control: public, max-age=2678400, s-maxage=2678400
cf-cache-status: HIT
age: 2537687
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tmOkPB8%2B2GuNHsz%2FSbwrSLSmXW7BoHgns63BvnBbeGeKvop81qyVtDOPZmqH1RVjuTOa6tjekpUMNKe8ZxC8LJqVrq4e%2Bj44lZAC694hk9sF2mAE5r%2Fx9A2KQY11Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 796275329b61b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.225.52200 OK 0 B URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.225.52:0
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gagnantclub.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 08 Feb 2023 06:55:06 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 2248
expires: Sat, 11 Feb 2023 06:55:06 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 79627530bb81b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2