| gotdate.xyz/tds | 18.196.9.157 | 302 Found | 0 B |
IP18.196.9.157:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /tds HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 23:09:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Access-Control-Allow-Origin: *
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Accept-CH: UA, Platform, Model, Mobile, Arch
Set-Cookie: dci=91597c6f280849caa5651e8f232701f35fdc8ee1; Max-Age=31536000; Domain=.gotdate.xyz; Path=/; Expires=Tue, 28 Nov 2023 23:09:29 GMT; Secure; SameSite=None
dm=fe450dd0d1dadc615429144d33241f42; Max-Age=432000; Path=/; Expires=Sat, 03 Dec 2022 23:09:29 GMT
Location: https://gotdate.xyz/res_route/fback?s1=&s2=&s3=&s4=&s5=&s6=&s7=&s8=&tds_ac_id=&tds_cid=&tds_campaign=&utm_source=&utm_campaign=&utm_term=&tds_layer=ATE&tds_reason_code=TECH_UNKNOWN_CAMPAIGN
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashcdbad2434b7d127a4fc769807a9dc3e7 fa98cd9fc2309ab4423f33f683d17bdb17d76713 560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7729
Expires: Tue, 29 Nov 2022 01:18:18 GMT
Date: Mon, 28 Nov 2022 23:09:29 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash9408cc0694fcbea57966c3a3ba906092 fddcee1fdcf3209298e41a4b1b5560357fa165f0 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2001
Cache-Control: max-age=129313
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:09:29 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:04:42 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 22:19:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2996
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash3b56944f0e5716fd4fad2ec18994d4be 61cafa4de31ba960d1145ec37272f6f6b6944e0c 4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8415
Expires: Tue, 29 Nov 2022 01:29:44 GMT
Date: Mon, 28 Nov 2022 23:09:29 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: O6Ewuu70NHCxUTWrJBJwEAqJBfCuuTcBXLV8SAWUl3Q08iTOp9GJJm9cQblJLsYoV/1RgspW/sM=
x-amz-request-id: MAGMRM4MH5MX9N3J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 22:42:15 GMT
age: 1634
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 23:09:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hashe60e9fe75a1a425f00997f0d619f009b 7c8d3d764045f683c1bc1c4b9ddd3b8e96b45177 f39479a1211b439171353489014b2ca743130255b48ccf8c5a4fdc54accebb6f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171589
Date: Mon, 28 Nov 2022 23:09:29 GMT
Etag: "63853aee-1d7"
Expires: Wed, 30 Nov 2022 22:49:18 GMT
Last-Modified: Mon, 28 Nov 2022 22:49:18 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RWv798X2ZAzF7-nQy7aO2QjNkQcs0HHxAm0BvbKq4qi8zlvmoVdaPg==
|
|
| gotdate.xyz/res_route/fback?s1=&s2=&s3=&s4=&s5=&s6=&s7=&s8=&tds_ac_id=&tds_cid=&tds_campaign=&utm_source=&utm_campaign=&utm_term=&tds_layer=ATE&tds_reason_code=TECH_UNKNOWN_CAMPAIGN | 18.196.9.157 | 302 Found | 350 B |
URL HTTP/2gotdate.xyz/res_route/fback?s1=&s2=&s3=&s4=&s5=&s6=&s7=&s8=&tds_ac_id=&tds_cid=&tds_campaign=&utm_source=&utm_campaign=&utm_term=&tds_layer=ATE&tds_reason_code=TECH_UNKNOWN_CAMPAIGN IP18.196.9.157:0
File typeHTML document, ASCII text, with very long lines (350), with no line terminators Hash67f0003da95624d577f7653bcd071724 f8a6d804d1064054ca52cfc703b8f2c8f547ed92 3fc0fbd5baebc9966029c9362a532698f7de479aa586a8b306826e9e952315be
GET /res_route/fback?s1=&s2=&s3=&s4=&s5=&s6=&s7=&s8=&tds_ac_id=&tds_cid=&tds_campaign=&utm_source=&utm_campaign=&utm_term=&tds_layer=ATE&tds_reason_code=TECH_UNKNOWN_CAMPAIGN HTTP/1.1
Host: gotdate.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 28 Nov 2022 23:09:30 GMT
content-type: text/html; charset=utf-8
content-length: 350
location: https://www.dirtytinder.club/c/8d2358ea43d0439d?s1=36_all_ng&s2=TECH_UNKNOWN_CAMPAIGN&s3=&s4=&s5=&s6=&s7=&s8=&utm_source=
server: nginx
x-powered-by: Express
access-control-allow-origin: *
vary: Accept, Accept-Encoding
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 22:11:12 GMT
cache-control: public,max-age=3600
age: 3498
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.158 | 200 OK | 471 B |
URL HTTP/1.1ocsp.sca1b.amazontrust.com/ IP143.204.42.158:0
Hashe1d56092b31771631a8088a7442d671a f3c26dc0cc0aa95bb630595446bec05389cf04b3 6f580f6acceb45898993c22de5a3ec230de6735906f90fd77130d4a19313deb5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=97411
Date: Mon, 28 Nov 2022 23:09:30 GMT
Etag: "6384192d-1d7"
Expires: Wed, 30 Nov 2022 02:13:01 GMT
Last-Modified: Mon, 28 Nov 2022 02:13:01 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZnB7Jzj62oDDHGPk-V3NvKPO6RnpreD4Dd7N_-hw8odXs8vQ7p3bGA==
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash7ab2ef968cb6a3078f4b9cb2dda813d4 e669116047ca058a2c1b2999ff0ea8682719162c 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2318
Cache-Control: max-age=124563
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:09:30 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 09:45:33 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
|
|
| www.dirtytinder.club/c/8d2358ea43d0439d?s1=36_all_ng&s2=TECH_UNKNOWN_CAMPAIGN&s3=&s4=&s5=&s6=&s7=&s8=&utm_source= | 3.122.92.146 | 302 Found | 316 B |
URL HTTP/2www.dirtytinder.club/c/8d2358ea43d0439d?s1=36_all_ng&s2=TECH_UNKNOWN_CAMPAIGN&s3=&s4=&s5=&s6=&s7=&s8=&utm_source= IP3.122.92.146:0
File typeHTML document, ASCII text, with very long lines (314) Hasha38e47682ec15640ed6a62a732d0c1e5 8f6536e1a98ac73935519d0876f4e675b5992018 73ce711fc45db3c2b0b0665e028df80d259e851c5af97aae0f13ecdf1f70938a
GET /c/8d2358ea43d0439d?s1=36_all_ng&s2=TECH_UNKNOWN_CAMPAIGN&s3=&s4=&s5=&s6=&s7=&s8=&utm_source= HTTP/1.1
Host: www.dirtytinder.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 28 Nov 2022 23:09:30 GMT
content-type: text/html; charset=utf-8
content-length: 316
location: https://www.redir2fuck.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UuaW1wcmVzc2x2ZWRhdGVzLmNvbS9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD1jam9rYzYzODUzZmFhMDAwZmNhZjAmajE9MSZqOT0x&action=action_tmp
server: nginx
set-cookie: unique_id=63853faa000f37a3; Path=/; Expires=Fri, 27 Jan 2023 23:09:30 GMT; Secure; SameSite=None
unique_id2=63853faa000f3fbb; Path=/; Expires=Sun, 26 Feb 2023 23:09:30 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Mon, 28 Nov 2022 23:09:30 GMT; Secure; SameSite=None
tid=cjokc63853faa000fcaf0; Path=/; Expires=Tue, 02 Nov 2027 23:09:30 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 35.161.136.21 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.161.136.21:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: usna15Ej7xCO6lzB/IX14w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8LgfnfhGf+UEdgQqg2WhUTe1x4c=
|
|
| ocsp.sectigo.com/ | 104.18.32.68 | 200 OK | 471 B |
IP104.18.32.68:0
Hashcca2ab26d10dc195e5f9710d19b771ce 64946db67a8e5ecda75c3916063392c31514ec0c 0493f706c24390b6a3f6dbbb19fcc44d4e0a0fb4de96d5887c0d9ee6a2a4d4cf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 23:09:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 23:00:40 GMT
Expires: Sun, 04 Dec 2022 23:00:39 GMT
Etag: "64946db67a8e5ecda75c3916063392c31514ec0c"
Cache-Control: max-age=517268,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7716c58aab40b4fd-OSL
|
|
| www.redir2fuck.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UuaW1wcmVzc2x2ZWRhdGVzLmNvbS9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD1jam9rYzYzODUzZmFhMDAwZmNhZjAmajE9MSZqOT0x&action=action_tmp | 52.19.101.114 | 200 OK | 295 B |
URL HTTP/2www.redir2fuck.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UuaW1wcmVzc2x2ZWRhdGVzLmNvbS9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD1jam9rYzYzODUzZmFhMDAwZmNhZjAmajE9MSZqOT0x&action=action_tmp IP52.19.101.114:0
File typeHTML document, ASCII text, with no line terminators Hash5f16a04826929ec7fe9464ab9dd87733 5e7c88a959b3c2da4ab1ab5f568c9561a368a08b 43a5699a5822d286924d0b352e3bec27f9813df52d179034907f7e1c8ab84b66
GET /redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UuaW1wcmVzc2x2ZWRhdGVzLmNvbS9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD1jam9rYzYzODUzZmFhMDAwZmNhZjAmajE9MSZqOT0x&action=action_tmp HTTP/1.1
Host: www.redir2fuck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 23:09:30 GMT
content-type: text/html; charset=utf-8
content-length: 295
X-Firefox-Spdy: h2
|
|
| www.redir2fuck.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UuaW1wcmVzc2x2ZWRhdGVzLmNvbS9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD1jam9rYzYzODUzZmFhMDAwZmNhZjAmajE9MSZqOT0x&action=action_final | 52.19.101.114 | 200 OK | 161 B |
URL HTTP/2www.redir2fuck.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UuaW1wcmVzc2x2ZWRhdGVzLmNvbS9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD1jam9rYzYzODUzZmFhMDAwZmNhZjAmajE9MSZqOT0x&action=action_final IP52.19.101.114:0
File typeHTML document, ASCII text, with no line terminators Hash5f44a4edc2f40861a21f93ec7dc6a800 87c73b92ae870e63006e9d3ee2af0518c3781c71 807e32c77c90e63f886989e514129724d71c6b80a8bed9fded9f0c530da26064
GET /redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UuaW1wcmVzc2x2ZWRhdGVzLmNvbS9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD1jam9rYzYzODUzZmFhMDAwZmNhZjAmajE9MSZqOT0x&action=action_final HTTP/1.1
Host: www.redir2fuck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redir2fuck.com/redirect/index?type=script&to=aHR0cHM6Ly93d3cucmVkaXIyZnVjay5jb20=&data=aHR0cHM6Ly9yZ2pnd2UuaW1wcmVzc2x2ZWRhdGVzLmNvbS9jL2UyOTA1ZjU1ZWMzYTU2OGI/czE9MTM4MDg5JnMyPTEzMTA5MDYmczM9JnM1PSZjbGlja19pZD1jam9rYzYzODUzZmFhMDAwZmNhZjAmajE9MSZqOT0x&action=action_tmp
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 23:09:31 GMT
content-type: text/html; charset=utf-8
content-length: 161
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash2bbbcbe85986564d056c39340c329921 a2f73a0954b14a9153738e1ad78846a82291e298 488526083dcee420a5c7c4a5bbc3c97d07e20d76cfe37b321273118ad8062a6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "488526083DCEE420A5C7C4A5BBC3C97D07E20D76CFE37B321273118AD8062A6C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20926
Expires: Tue, 29 Nov 2022 04:58:17 GMT
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
|
|
| rgjgwe.impresslvedates.com/c/e2905f55ec3a568b?s1=138089&s2=1310906&s3=&s5=&click_id=cjokc63853faa000fcaf0&j1=1&j9=1 | 52.19.101.114 | 200 OK | 6.0 kB |
URL HTTP/2rgjgwe.impresslvedates.com/c/e2905f55ec3a568b?s1=138089&s2=1310906&s3=&s5=&click_id=cjokc63853faa000fcaf0&j1=1&j9=1 IP52.19.101.114:0
Hash1b57f7f11e39b5942d0539a23174953f 60e77b1d8d54f72a316dc9ad5232b196ae0ae7c7 eef66e7cd4a5db71d09b1bdf023a6331cf34708fc806d92df577440ab94090c0
GET /c/e2905f55ec3a568b?s1=138089&s2=1310906&s3=&s5=&click_id=cjokc63853faa000fcaf0&j1=1&j9=1 HTTP/1.1
Host: rgjgwe.impresslvedates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redir2fuck.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 23:09:31 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=63853fab000d80f8; Path=/; Expires=Fri, 27 Jan 2023 23:09:31 GMT; Secure; SameSite=None
unique_id2=63853fab000f964a; Path=/; Expires=Sun, 26 Feb 2023 23:09:31 GMT; Secure; SameSite=None
63853fab000f964a_c=1; Path=/; Expires=Sun, 26 Feb 2023 23:09:31 GMT; Secure; SameSite=None
ref_token=138089; Path=/; Expires=Wed, 28 Dec 2022 23:09:31 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Mon, 28 Nov 2022 23:09:31 GMT; Secure; SameSite=None
63853fab000f964a_sl=[212225]; Path=/; Expires=Mon, 12 Dec 2022 23:09:31 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/css/main.css?1624025125 | 184.31.15.67 | 200 OK | 1.4 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/css/main.css?1624025125 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeassembler source, ASCII text Hash8df101b94d92ec02934a35a76b709de6 d76437a536afe0430c9d6a765841de9eeb50a448 c8aff816800155d1460ec0dbce2c4ea158df479388e1f276e06514ab28d2bc2b
GET /landings/212225/1624025125/css/main.css?1624025125 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgjgwe.impresslvedates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: dGUFAMVBkOQ2M09fPhZ1Ma8w2Xy1XvKCfgRZ8AuwChumab2SGLxJ/MaaDA5FdXypzEIBQ1OFg34=
x-amz-request-id: 3SRVVYPBVS1113MX
Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT
ETag: "e8ad0d5112ebc38ccffa906a88480571"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 23:09:31 GMT
Content-Length: 1438
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/js/jquery.validate.min.js?1624025125 | 184.31.15.67 | 200 OK | 7.8 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/js/jquery.validate.min.js?1624025125 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeUnicode text, UTF-8 text, with very long lines (24228) Hashf808399407c6ac496fe830d5deacb05f 151039ee8631ce8ff989c5cf795c2feba950a499 21e11160c5ba11e65a1c97b0306a9f5dec06c8fd3d4a7d69dd0a80e263577958
GET /landings/212225/1624025125/js/jquery.validate.min.js?1624025125 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgjgwe.impresslvedates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: x0n88vy6R42RaV/564yya+rciGgXVcQvshv7BBD+QqFLxydxKP4YN3T5glF0YCxYX1XDiujp19w=
x-amz-request-id: 76SPH51FAFYCDKPA
Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT
ETag: "23d73c6bd6cbea8f06d0cc227896a827"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 23:09:31 GMT
Content-Length: 7815
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/js/trls.js?1624025125 | 184.31.15.67 | 200 OK | 13 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/js/trls.js?1624025125 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
Hash7c49093e0da4cde7c10e6eaeb5db33e8 8335e795d1fa1d5a59aad88a9f23a8bb43a09986 95390457c7424017fadc461ca9ab9ad441f3fc2f96fb70e7b69ea333cf460a55
GET /landings/212225/1624025125/js/trls.js?1624025125 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgjgwe.impresslvedates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: bEDMW+4uYXQPwp93E6hYipGoikvYukxCW1jf3CF2FDbC2bufMmZoIbFJeitROyv5M+AHZbFBmeE=
x-amz-request-id: 76SN3BPGWTYB3T7P
Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT
ETag: "1f2a63d62e50fb3ea9b5bdfd69c66411"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 23:09:31 GMT
Content-Length: 12875
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/js/script.js?1624025125 | 184.31.15.67 | 200 OK | 145 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/js/script.js?1624025125 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeASCII text, with CRLF line terminators Hash7088a812e48fb5ed8602225eddbac48f 4ab069794875538586cdbb1a924333a037e630d1 ee31e979a2410b8968bbfa00dbc3a6f2fb870562da1ac4315054da1a6c14eba0
GET /landings/212225/1624025125/js/script.js?1624025125 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgjgwe.impresslvedates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 9v4LI0Nf/QJJk1CdEv3RcXP+gaGX0x+GvEWprsUgwN9MHr/m5kCGlZEi1P6bQ42YQFXAMUEd4PA=
x-amz-request-id: 76SV05V07173EPSM
Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT
ETag: "7088a812e48fb5ed8602225eddbac48f"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 145
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/js/jquery-2.2.4.min.js?1624025125 | 184.31.15.67 | 200 OK | 36 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/js/jquery-2.2.4.min.js?1624025125 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (530), with CRLF line terminators Hash378507f30ab981ba7c512e07d134caaf dd17d6f540df83bab63921deda1b9462a5047c00 97d25af867afe95682e66a2d01f9c5e2f085df402403671e6ba885f49a1e03be
GET /landings/212225/1624025125/js/jquery-2.2.4.min.js?1624025125 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgjgwe.impresslvedates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: iGCeVFed+qRt5/WMxWkRwGf/gH1XJWT9G/wuX8FMV9kjQEmQ+TKNro5xNmWT1F7vjK1rbeV2n2g=
x-amz-request-id: 3SRP1WXFV252M78E
Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT
ETag: "61a04f254179208c931ebf40f4cfddf5"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 23:09:31 GMT
Content-Length: 36023
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/css/css2.css | 184.31.15.67 | 200 OK | 478 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/css/css2.css IP184.31.15.67:0 ASN#20940 Akamai International B.V.
Hash71422cc0c98c0f0d038113e2c0f4fc74 8cb475413b46c087e604adcbf6e0dcd7b3e4f1ae edd01a5eba971514bdb2bdac264929d7cc99b67d7b2d3999bb4f57c82a1a986b
GET /landings/212225/1624025125/css/css2.css HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/212225/1624025125/css/main.css?1624025125
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
x-amz-id-2: +P7HmwoyklT5lBsWZZv8dRfONDR5sFbboGSfNKeGGuNgxzrvRIj5nqW9OadQJ+qU+0ZavuZXcfU=
x-amz-request-id: 3SRH1EH4G0K4GEFB
Last-Modified: Fri, 18 Jun 2021 14:05:28 GMT
ETag: "71422cc0c98c0f0d038113e2c0f4fc74"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 478
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/images/camera.png | 184.31.15.67 | 200 OK | 521 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/images/camera.png IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typePNG image data, 29 x 22, 8-bit colormap, non-interlaced\012- data Hashe6fc25af3843556766acc03739200472 6aee49dbf2166cb5b0542fbe491d1b26da3f9e2c 8a5920605debc2378688b502b33f55753fc099c17639d56c652981fc0442e57f
GET /landings/212225/1624025125/images/camera.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgjgwe.impresslvedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: +6sgPo4IwWDjLEpOourHrMnv1aGCfMHsbFzaIuTWVIa/h1JSb2utLt52SYBYiwI1colyaojeSqs=
x-amz-request-id: VSQJ2R9W0GQP46WC
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT
ETag: "e6fc25af3843556766acc03739200472"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 521
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/images/btn.png | 184.31.15.67 | 200 OK | 876 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/images/btn.png IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typePNG image data, 55 x 55, 8-bit colormap, non-interlaced\012- data Hashc90d93be7b9e2e55e87b9d58d3589721 951a4e7d04ec68e711196b3c9db68bce699f7f89 75941932fdfac80826ee9f5516cd038ed9233b6e377c8daf3440a90aa4b0ccc3
GET /landings/212225/1624025125/images/btn.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgjgwe.impresslvedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: qS2r5FFQMtAGAH23af0BXqmzGu3JWD1tTH4mc4+4fujcUy6S3Dms9YqNpNpupX0Q58dps+7UyRQ=
x-amz-request-id: G2ZEVQSE2KW3W5TF
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT
ETag: "c90d93be7b9e2e55e87b9d58d3589721"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 876
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/images/filter.png | 184.31.15.67 | 200 OK | 621 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/images/filter.png IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typePNG image data, 38 x 33, 8-bit colormap, non-interlaced\012- data Hash9c15c9a0a02ff49660d3c31f5c190b99 54c7501b9dfb865b87cd496e692779609bdc03bf ad282a1099717f016062356106530897020924d9e92f613a21f2c305059184f8
GET /landings/212225/1624025125/images/filter.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgjgwe.impresslvedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 6eh5do1b8hgTeOza38mZfW8wgPNOd77OHhj5QOvCkmuRXAHd3sggs6UfTfbV6M2Kt838nKJuYCM=
x-amz-request-id: G2Z4PE5JF8DVJFA5
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT
ETag: "9c15c9a0a02ff49660d3c31f5c190b99"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 621
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/images/lightning.png | 184.31.15.67 | 200 OK | 259 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/images/lightning.png IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typePNG image data, 13 x 22, 8-bit colormap, non-interlaced\012- data Hash432a82abcebbf54d61969c7551feb4f3 15ed6893f8e3aa17da4c6412e369074ed9626b01 7eebda5ca1e762f5e0ad0a4857be6e60589c5b842357c9f92fde24eb91a16717
GET /landings/212225/1624025125/images/lightning.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgjgwe.impresslvedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: VKsHfp/kCHhMynrgK7dZBBKiqCEKf/5TTPF7VY2er0xQkFwet1udk2gPu6xxB2DQRqt9ZdygebE=
x-amz-request-id: VSQJJMN2KB42FZEC
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT
ETag: "432a82abcebbf54d61969c7551feb4f3"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 259
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/images/preview.jpg | 184.31.15.67 | 200 OK | 41 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/images/preview.jpg IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=257, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=257], progressive, precision 8, 257x257, components 3\012- data Hashf14e845449946d94336832c6a288b753 16b73762fe2dd8ffccbf8da97504a3bd4c4c396f c7c713b35f729a8e3246f80f666d8ff01233745653afee65ff603ab2d86fe9b5
GET /landings/212225/1624025125/images/preview.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgjgwe.impresslvedates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: +nHh7RkH0nutv1CA35z5OcqzIEFGocwQgk9KVJyOUbAiSWuTg5EJP9olbg5ef7NM90ctAxxWtCM=
x-amz-request-id: VSQNNVA9AT56022K
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT
ETag: "f14e845449946d94336832c6a288b753"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 41399
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/images/KFOlCnqEu92Fr1MmWUlvAw.ttf | 184.31.15.67 | 200 OK | 74 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/images/KFOlCnqEu92Fr1MmWUlvAw.ttf IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typeTrueType Font data, 18 tables, 1st "GDEF"\012- data Hashd4ba4608a5d94d28a2bc6a2da6c321dd a8596d6fe3e2c8de64926bb45666b2b5766fc77c ae5a996c653b33cc80a770795b03d001edea005272e230ca6e3bdffec8328196
GET /landings/212225/1624025125/images/KFOlCnqEu92Fr1MmWUlvAw.ttf HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rgjgwe.impresslvedates.com
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: JjY7K3ACjyfHw8f0c40KEvr8Bw+EmjghFjhoCYFuJQ6seGXl896FqCkW90D6EPjHiI4hbmKrOb8=
x-amz-request-id: G2Z6J4CSDXVWPY0W
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT
ETag: "74bc6165dc68714ccaa88f5c64656b1c"
Accept-Ranges: bytes
Content-Type: application/x-font-ttf
Server: AmazonS3
Content-Length: 131008
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| rgjgwe.impresslvedates.com/js/pushjs/1.0.0/utils.js | 52.19.101.114 | 200 OK | 7.5 kB |
URL HTTP/2rgjgwe.impresslvedates.com/js/pushjs/1.0.0/utils.js IP52.19.101.114:0
Hashfdcbc2b2a51df3329d444d117ea06bde 45cdc6cb7b2990ba5fa635eedb6fdf3e16d933b1 ca09abdc6092d2de69dc5cb9e15564f7551342bf6e3586535b1548bf67110bb3
GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: rgjgwe.impresslvedates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgjgwe.impresslvedates.com/c/e2905f55ec3a568b?s1=138089&s2=1310906&s3=&s5=backuser&click_id=cjokc63853faa000fcaf0&iexpp=1&j1=1&j9=1
Cookie: unique_id=63853fab000d80f8; unique_id2=63853fab000f964a; 63853fab000f964a_c=1; ref_token=138089; 63853fab000f964a_sl=[212225]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 23:09:31 GMT
content-type: application/javascript
expires: Mon, 05 Dec 2022 23:09:31 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashcd0a5be4865b85e858cfcaafa90f8dca 122569d314b0900b1f5e5f58cdad0d9fc16b7e1b 624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:09:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hash49eee25f3ccd585a29e34e80cf5bb160 73eca8be91deedd049304862759a3d8084c0b07e 531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:09:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/images/KFOmCnqEu92Fr1Me5Q.ttf | 184.31.15.67 | 206 Partial Content | 62 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/images/KFOmCnqEu92Fr1Me5Q.ttf IP184.31.15.67:0 ASN#20940 Akamai International B.V.
Hash2d2d640f14b25feb69666b2f8590bc16 c4822b90deacc69e40d8aa0ee2f839e2de4b0a6b 075b698cdff6dfaa0fed03fba4288b73d4847cf2e582b1b5aa67e6d7a749ee5e
GET /landings/212225/1624025125/images/KFOmCnqEu92Fr1Me5Q.ttf HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rgjgwe.impresslvedates.com
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=50572-
If-Range: "0d984acaec916c225c012f27d0c56a91"
HTTP/1.1 206 Partial Content
x-amz-id-2: ikXxGD3V55TtP6jGVtUGbyHqUiHUqCgb3+gelfaqLxGkMURzm5+ptdLgvufLXjgWPv6+1e11TDc=
x-amz-request-id: G2Z2ZQSPT2KV8EE2
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT
ETag: "0d984acaec916c225c012f27d0c56a91"
Accept-Ranges: bytes
Content-Type: application/x-font-ttf
Server: AmazonS3
Date: Mon, 28 Nov 2022 23:09:31 GMT
Content-Range: bytes 50572-131915/131916
Content-Length: 81344
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/images/KFOlCnqEu92Fr1MmWUlvAw.ttf | 184.31.15.67 | 206 Partial Content | 63 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/images/KFOlCnqEu92Fr1MmWUlvAw.ttf IP184.31.15.67:0 ASN#20940 Akamai International B.V.
File typePDP-11 executable - version 15\012- data Hash7980dde9cdff5c15534162e348fa9da0 a3ab7c04e30bc19db31fef83fb3dcef5789c89e0 179bc0891c0750ea10b98b5af6c25cc4e7adf8167f24460ec8319477efef8130
GET /landings/212225/1624025125/images/KFOlCnqEu92Fr1MmWUlvAw.ttf HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rgjgwe.impresslvedates.com
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Range: bytes=51712-
If-Range: "74bc6165dc68714ccaa88f5c64656b1c"
HTTP/1.1 206 Partial Content
x-amz-id-2: JjY7K3ACjyfHw8f0c40KEvr8Bw+EmjghFjhoCYFuJQ6seGXl896FqCkW90D6EPjHiI4hbmKrOb8=
x-amz-request-id: G2Z6J4CSDXVWPY0W
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT
ETag: "74bc6165dc68714ccaa88f5c64656b1c"
Accept-Ranges: bytes
Content-Type: application/x-font-ttf
Server: AmazonS3
Date: Mon, 28 Nov 2022 23:09:31 GMT
Content-Range: bytes 51712-131007/131008
Content-Length: 79296
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashaebda342a81ad83f60d2523f54ccda67 e590d9326e4a283e0929a8ffccb13cc4308af0e6 bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7757
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashaebda342a81ad83f60d2523f54ccda67 e590d9326e4a283e0929a8ffccb13cc4308af0e6 bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7757
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashaebda342a81ad83f60d2523f54ccda67 e590d9326e4a283e0929a8ffccb13cc4308af0e6 bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7757
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashaebda342a81ad83f60d2523f54ccda67 e590d9326e4a283e0929a8ffccb13cc4308af0e6 bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7757
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash516776052e5e906ea9f42d25bae5cc85 be4c4d01fc67218e26a3e9d27a2f708e639c9d4b 28e70e38cfad65ad8a7a68ab1dc78747c7013a87b854fc35b163cc5765cd0570
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8460
x-amzn-requestid: 51416479-3854-4f1a-9d86-35e104c57f6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnkHuZIAMF-_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852963-180b323d4a45fa2f29f9b1fc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ieDA8l_Up51cFaB9IExlSs8A5m-H77va1rCVF_WRMg_FN53Xakipuw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 4956
etag: "be4c4d01fc67218e26a3e9d27a2f708e639c9d4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.35 | 200 OK | 472 B |
IP142.250.74.35:0
Hashcd0a5be4865b85e858cfcaafa90f8dca 122569d314b0900b1f5e5f58cdad0d9fc16b7e1b 624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 23:09:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg | 34.120.237.76 | 200 OK | 4.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha4058fd62595d15c58b3d3266de9865a d0dff35eb78f129b5da407043037bcf9c27e55c0 ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qh3WqWdBmMG3fzchn3OvxbEpwm2wl_CXi105CL4uJda47N9ZX3CyLA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:56:43 GMT
age: 51168
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg | 34.120.237.76 | 200 OK | 6.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb5e2bc1651b37b8e0467c2a6cb860fb3 3348f081a3357490a704592d105d02e81886df89 751c601e075c9338335c05b0f430ba8065b4e97440e6630993afd943f302b253
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6037
x-amzn-requestid: eb17903e-1fd3-4a41-a6d1-8b671d890400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPAJjFa3oAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382ad70-3db95fcd1aeb9c411c55d173;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 00:21:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NqtaziEIRl6auIGehos7TAJfBAY3CtGJX0vC-pWhjs377L_rEyM6hg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 10:14:18 GMT
age: 46513
etag: "3348f081a3357490a704592d105d02e81886df89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash415b1b1d5a29fc17b4114bb3df1d1c22 600859401c885cc2cdd1f199cccc198eb41d6a04 abfbf4ecf2423736a29686859f6a8f2b77204b48f3f60d208f6d491e80611e7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F306bb762-e2a8-4771-9a39-086c46f94b11.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7549
x-amzn-requestid: bb37235a-8c7d-47fe-abb6-6cc633560165
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP-7lHmsoAMF9lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638311e3-1f2a4abc40119f3e026dc393;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:29:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ds96jURZ0epaXMg2oTUETRQCpHwlVJrl5hTqvpUAWEGVa5rbDve1FA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:42 GMT
age: 4969
etag: "600859401c885cc2cdd1f199cccc198eb41d6a04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash7e44c46db2ac9917110dc47aa38fdc85 b5b245c90705ad80c31d457c0d7c96709ca31e96 5024225a583b188860eaf21f7196c06cef8b2e89389ae4b1df6e314399f3b2ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8796
x-amzn-requestid: 2eed036c-fcda-425b-8c5d-0b0ff31214a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEEWMIAMFwKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-5cb071a2098d43d909eb8d5c;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uWzs8gOBoczTeYXB7-FfJemWbh-hYHwNcR3b9BM5VtJ55NRUzCZeTQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 14:56:22 GMT
age: 29589
etag: "b5b245c90705ad80c31d457c0d7c96709ca31e96"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg | 34.120.237.76 | 200 OK | 4.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash748366131b496e41f92e15ce7d1cd0e0 a6c7a59a6599ece2cf0e76c778c920dea94ff469 b9ea2d419742c67e2b14536379e7383524f22645b1af988d5bd72154647fc602
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4862
x-amzn-requestid: 17c6fb35-2dc8-45e4-a226-a74ba94323b3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYlHXxIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5d0-5a0f4f667a3747166eb2b338;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ImCYNlZ1ri4mMpJhMnoucEoQPgKly8gj7KvMPFYb6WpsoJ18WyFog==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 13:28:25 GMT
age: 34866
etag: "a6c7a59a6599ece2cf0e76c778c920dea94ff469"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| rgjgwe.impresslvedates.com/js/pushjs/1.0.0/subscriber.js | 52.19.101.114 | 200 OK | 0 B |
URL HTTP/2rgjgwe.impresslvedates.com/js/pushjs/1.0.0/subscriber.js IP52.19.101.114:0
GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: rgjgwe.impresslvedates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgjgwe.impresslvedates.com/c/e2905f55ec3a568b?s1=138089&s2=1310906&s3=&s5=backuser&click_id=cjokc63853faa000fcaf0&iexpp=1&j1=1&j9=1
Cookie: unique_id=63853fab000d80f8; unique_id2=63853fab000f964a; 63853fab000f964a_c=1; ref_token=138089; impression=; 63853fab000f964a_sl=[212225]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 23:09:31 GMT
content-type: application/javascript
expires: Mon, 05 Dec 2022 23:09:31 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| rgjgwe.impresslvedates.com/js/service-worker.js | 52.19.101.114 | 200 OK | 0 B |
URL HTTP/2rgjgwe.impresslvedates.com/js/service-worker.js IP52.19.101.114:0
GET /js/service-worker.js HTTP/1.1
Host: rgjgwe.impresslvedates.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: unique_id=63853fab000d80f8; unique_id2=63853fab000f964a; 63853fab000f964a_c=1; ref_token=138089; 63853fab000f964a_sl=[212225]
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 23:09:31 GMT
content-type: application/javascript
expires: Mon, 05 Dec 2022 23:09:31 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/images/bg.mp4 | 184.31.15.67 | 206 Partial Content | 0 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/images/bg.mp4 IP184.31.15.67:0 ASN#20940 Akamai International B.V.
GET /landings/212225/1624025125/images/bg.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://rgjgwe.impresslvedates.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
x-amz-id-2: PYCeh/fcpOLFMxwp+WjJrLuyZWn0W+QEBQxTdDCG8v368APnG/m0oked+OngdOIureCe7kW4K0g=
x-amz-request-id: YNQGNQF9RNKBV33G
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT
ETag: "cc4714e8b4e4c5fec9b05bafaeb508d5"
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Mon, 28 Nov 2022 23:09:31 GMT
Content-Range: bytes 0-3823843/3823844
Content-Length: 3823844
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/212225/1624025125/images/KFOmCnqEu92Fr1Me5Q.ttf | 184.31.15.67 | 200 OK | 0 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/212225/1624025125/images/KFOmCnqEu92Fr1Me5Q.ttf IP184.31.15.67:0 ASN#20940 Akamai International B.V.
GET /landings/212225/1624025125/images/KFOmCnqEu92Fr1Me5Q.ttf HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rgjgwe.impresslvedates.com
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: ikXxGD3V55TtP6jGVtUGbyHqUiHUqCgb3+gelfaqLxGkMURzm5+ptdLgvufLXjgWPv6+1e11TDc=
x-amz-request-id: G2Z2ZQSPT2KV8EE2
Last-Modified: Fri, 18 Jun 2021 14:05:27 GMT
ETag: "0d984acaec916c225c012f27d0c56a91"
Accept-Ranges: bytes
Content-Type: application/x-font-ttf
Server: AmazonS3
Content-Length: 131916
Date: Mon, 28 Nov 2022 23:09:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|