Overview

URLa.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=REDIRECTED_FROM_LEGACY_LANDING_PAGES;10282dbd32edba623b6ab6360f52bf&affiliateID=44542&source=102b6ba6332fbac7f86b4543a259c6&subID2=44543&s2=102b6ba6332fbac7f86b4543a259c6&s3=REDIRECTED_FROM_LEGACY_LANDING_PAGES;10282dbd32edba623b6ab6360f52bf&s4=44543&url=1&affsub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&affsource=10282dbd32edba623b6ab6360f52bf&aff_click_id=102b6ba6332fbac7f86b4543a259c6&bo=2753,2754,2755,2756
IP 18.192.108.151 (Germany)
ASN#16509 AMAZON-02
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-09 13:13:49 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (14)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.sca1b.amazontrust.com (1) 1015 2016-02-14 02:37:56 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-12-08 17:15:52 UTC 93.184.220.29
cdn-dimi.akamaized.net (29) 0 2022-07-07 13:18:25 UTC 2022-12-08 13:28:46 UTC 184.31.15.67 Domain (akamaized.net) ranked at: 280
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-08 17:20:00 UTC 100.20.30.105
ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-12-08 17:12:01 UTC 142.250.74.131
a.vfgtf.com (1) 0 2020-02-06 07:47:32 UTC 2022-12-09 00:03:00 UTC 18.192.108.151 Unknown ranking
r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-12-08 17:12:06 UTC 95.101.11.115
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-12-08 15:50:00 UTC 34.120.237.76
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-08 17:12:32 UTC 35.241.9.150
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-08 17:21:04 UTC 34.160.144.191
fonts.googleapis.com (2) 8877 2012-05-23 12:41:44 UTC 2022-12-08 17:12:12 UTC 142.250.74.106
jwbvdz.exceilentdate.com (2) 0 2022-11-02 12:20:38 UTC 2022-12-08 09:11:33 UTC 63.32.216.166 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-08 17:14:01 UTC 34.117.237.239
t.anmdr.link (1) 0 2022-07-07 15:35:25 UTC 2022-12-09 01:38:28 UTC 54.230.111.117 Unknown ranking

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-09 2 jwbvdz.exceilentdate.com/ortb Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 18.192.108.151
Date UQ / IDS / BL URL IP
2023-02-09 01:57:24 +0000 0 - 6 - 0 myeasetrack.com/8b901698-fb76-4d85-9b09-48673 (...) 18.192.108.151
2023-02-09 01:31:10 +0000 0 - 1 - 0 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52 (...) 18.192.108.151
2023-02-08 21:58:11 +0000 1 - 0 - 1 track.supercosmo.xyz/888ac5c1-a909-49ec-821f- (...) 18.192.108.151
2023-02-08 21:21:39 +0000 0 - 1 - 0 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52 (...) 18.192.108.151
2023-02-08 20:57:39 +0000 0 - 5 - 0 myeasetrack.com/605dcdfe-8da0-41fe-bb05-bb664 (...) 18.192.108.151


Last 5 reports on ASN: AMAZON-02
Date UQ / IDS / BL URL IP
2023-02-09 03:15:19 +0000 0 - 0 - 4 nucleuscorps.com/office365/ 52.220.178.0
2023-02-09 03:14:54 +0000 0 - 0 - 1 daftar.site/Y4NB/ChSTtEhyKBATgkkklgbtq.bin 3.64.163.50
2023-02-09 03:11:46 +0000 0 - 0 - 1 dratingmaject.com/f9cb773e-829d-4363-8611-277 (...) 18.195.149.11
2023-02-09 03:11:24 +0000 0 - 3 - 4 www.stockfootageonline.com/website.php?url=co (...) 54.194.44.236
2023-02-09 03:10:46 +0000 0 - 0 - 1 braokeextrefore.com/6ed7e6c2-76c0-41ca-a247-c (...) 3.124.99.72


Last 5 reports on domain: vfgtf.com
Date UQ / IDS / BL URL IP
2023-01-31 05:50:21 +0000 0 - 1 - 0 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629 (...) 18.192.108.151
2023-01-28 17:23:49 +0000 0 - 1 - 0 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629 (...) 18.192.108.151
2023-01-20 02:02:49 +0000 0 - 0 - 15 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629 (...) 18.192.108.151
2023-01-16 08:45:46 +0000 0 - 2 - 0 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629 (...) 18.192.108.151
2023-01-14 01:47:56 +0000 0 - 0 - 1 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629 (...) 18.192.108.151


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-15 13:16:48 +0000 0 - 0 - 1 s.sloffer1.com/44542/3458/0/?aff_sub4=_bucket (...) 52.1.220.62
2023-01-14 22:15:06 +0000 0 - 0 - 1 a.vfgtc.com/cb5cb9a8-26a4-42ae-946b-aae4b3e52 (...) 18.192.108.151
2023-01-14 18:58:40 +0000 0 - 0 - 1 s.sloffer1.com/75077/8047/27900/?aff_sub4=_bu (...) 52.1.220.62
2023-01-14 03:56:02 +0000 0 - 0 - 2 mobile.clubhouseflings.com/l?u=MTM3NTg2MTE2fD (...) 35.203.113.247
2023-01-14 01:47:56 +0000 0 - 0 - 1 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629 (...) 18.192.108.151

JavaScript

Executed Scripts (15)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (59)


Request Response
                                        
                                            GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=REDIRECTED_FROM_LEGACY_LANDING_PAGES;10282dbd32edba623b6ab6360f52bf&affiliateID=44542&source=102b6ba6332fbac7f86b4543a259c6&subID2=44543&s2=102b6ba6332fbac7f86b4543a259c6&s3=REDIRECTED_FROM_LEGACY_LANDING_PAGES;10282dbd32edba623b6ab6360f52bf&s4=44543&url=1&affsub=REDIRECTED_FROM_LEGACY_LANDING_PAGES&affsource=10282dbd32edba623b6ab6360f52bf&aff_click_id=102b6ba6332fbac7f86b4543a259c6&bo=2753,2754,2755,2756 HTTP/1.1 
Host: a.vfgtf.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         18.192.108.151
HTTP/1.1 302
                                        
Server: nginx
Date: Fri, 09 Dec 2022 13:13:38 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://t.anmdr.link/44542/3458/0/?aff_sub4=_bucket&aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B10282dbd32edba623b6ab6360f52bf&aff_sub2=44543&aff_sub3=w9ofhgbidlu0r52l228acm7i&source=102b6ba6332fbac7f86b4543a259c6&aff_sub5=_10282dbd32edba623b6ab6360f52bf
Pragma: no-cache
Set-Cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=QW_o7Vi0K6rDzWcBMQU4bmzIkNCABaioricRl_pJeA0; Max-Age=86400; Expires=Sat, 10-Dec-2022 13:13:38 GMT; Domain=a.vfgtf.com; Path=/; HttpOnly cc-v4=vffCDmRcS8Us9WlWvDOGm11qzmO0DO40MudvjB5lDUc6eBmbRxTLmvnzbp%2Be5ntm%2BVMBj9jYAbIEem8gaPJQCibXi50pzNP%2FUnhAiifDHVSqX8MlACfs1PHcRH5MYOf1CGJgHbR7DLDD4uLmBwJeDg%3D%3D; Max-Age=31536000; Expires=Sat, 09-Dec-2023 13:13:38 GMT; Domain=a.vfgtf.com; Path=/; HttpOnly

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8985
Expires: Fri, 09 Dec 2022 15:43:23 GMT
Date: Fri, 09 Dec 2022 13:13:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14125
Expires: Fri, 09 Dec 2022 17:09:03 GMT
Date: Fri, 09 Dec 2022 13:13:38 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 13:08:18 GMT
age: 320
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10224
Expires: Fri, 09 Dec 2022 16:04:02 GMT
Date: Fri, 09 Dec 2022 13:13:38 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: r/H8IqvRIYeXrVw3H5ZWhB9RA4eDr1pNwKoSTipgdhz9yy3MDNq3Ln+15qQOvWLJ/Ok6KNqtrFs=
x-amz-request-id: STEHBF74DJSXN3ZB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 12:48:20 GMT
age: 1518
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113364
Date: Fri, 09 Dec 2022 13:13:38 GMT
Etag: "6392371b-1d7"
Expires: Sat, 10 Dec 2022 20:43:02 GMT
Last-Modified: Thu, 08 Dec 2022 19:12:27 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8T63zCKPaqUrKd9SHUo-g-JG_JKNip1GC03ME-IVWhKVks0ruBnyXw==
Age: 5435

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 09 Dec 2022 13:13:38 GMT
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 13:07:55 GMT
age: 343
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /44542/3458/0/?aff_sub4=_bucket&aff_sub=REDIRECTED_FROM_LEGACY_LANDING_PAGES%3B10282dbd32edba623b6ab6360f52bf&aff_sub2=44543&aff_sub3=w9ofhgbidlu0r52l228acm7i&source=102b6ba6332fbac7f86b4543a259c6&aff_sub5=_10282dbd32edba623b6ab6360f52bf HTTP/1.1 
Host: t.anmdr.link
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: enc_aff_session_5592=ENC039240db4fc2ac07ebc323a720b61656be1d57a6cb2d237b5333f07515e217510fcb66ee5793c5de8844e4a17f5d821bdcfc7f5ef73757829ddbdf15fbdf983c38506108d65e23c5fae1291b713acd880e50eb88b0a729a5e3ab88f9232fff766ffb9667853437f6747413224ea62ea5cc67f1ee127ce8ec04c0f619e4a54ce701cb7be975041b600c2e437fae6f75b06ace1d50b11d8e2d8e5287610f7eb2f2ce00dc0f9844129ebaede4ace4eb5c3b6620963d4ebda0f42e878c89fcd1fbab25791358f2ed55d73fed4e80824c970dad818db7e599b67153c01f048108e11eae7e559ebdb503a197b3d3cbaf2910bdc10ba7320ca7402a5d4a4f89e5814e5fdf00e8623f; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         54.230.111.117
HTTP/2 303 See Other
content-type: text/html; charset=utf-8
                                        
content-length: 500
location: https://jwbvdz.exceilentdate.com?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_10282dbd32edba623b6ab6360f52bf&click_id=10251de93fcf4cf898a603ee2f37c8&j1=1&j5=1&j8=1&j9=1
server: nginx/1.19.0
date: Fri, 09 Dec 2022 13:13:38 GMT
set-cookie: enc_aff_session_3458=ENC03c04f54d541a513d5d54b3974e86ec7fa172b79306273c3c6ca9d2c8109d8dd0aea5ce620e2867014d2f1e236d04de31796d49a66439db02ce304a59b089ec7bd023c1d64fbc93b96c939fb9efde29dbd89b3c2d20a70c0ad08c761a91718e2ec8083e379c890f2e38019ce50f277d945bcb0e30688add5b096b72162278eee79fe7ca72cf8f618a6bf80d56ed2ced0483549dccd578a10758e8e4d6e9feac3ab3e6535e93ba6891c079d5f5c55eb1ca3002268ecb9493ad3911e976448e5b71e2ff7595a94f6c4549b526944b5bd53229d0b359f1c1b72c0dd82a1f5128849f68556c231d1aba50b89706faa683775eb228ec942f732a7c217a53589107f6913215c1cc1; Path=/; Expires=Sun, 08 Dec 2024 13:13:38 GMT; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Sun, 02 Nov 2025 23:53:38 GMT; Secure
tracking_id: 10251de93fcf4cf898a603ee2f37c8
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Rmdh7XlSaSVS1z0MNUQ4JXnTBB124MTYqVWu31mjuggxyk_sLau6bg==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (500), with no line terminators
Size:   500
Md5:    3b6972af48d4874410410e6dc737e4c8
Sha1:   a3ca1183f09a7b01df41a9dc196570a1616b2b9f
Sha256: 39ee5c426fe3bdecaf625acc5ec2294cfede9431fb62e1d83e0d1038255ba159
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4277
Cache-Control: max-age=162273
Date: Fri, 09 Dec 2022 13:13:39 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:18:12 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8DD16DB0C5D2553DE11C0D08A06FF5364125FFFCF0129B2523938777F0C36554"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19792
Expires: Fri, 09 Dec 2022 18:43:31 GMT
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive

                                        
                                            GET /landings/277388/1669909893/css/style.css?1669909893 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: f5VAymymq0tqf4LnXLsR+O1NVNgx6eoakWETaDw6DexC/ZIPbdv9Jt52Ae3AqycM7Huyhy28lyA=
x-amz-request-id: HHR66K8H91R1X658
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "601cae70cc2392cc82bb0880a52c34b2"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 13:13:39 GMT
Content-Length: 2525
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   2525
Md5:    3a9e218cc897678a6788880abf0160ff
Sha1:   203c09dfe805bf819b1892fdecdf6291e5252a15
Sha256: e75408a5801e512c02b9a15f11ebdb0ff9fd750aa2e59dadd89bd911b85156de
                                        
                                            GET /landings/277388/1669909893/css/reviews.css?1669909893 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: KiGLe+/KGxY9Fm8u2NQ0rUkvbmtCrZmQrov0Du7AykxUjCCE7JA2Hrb73lRALUEArSG5c4pATRA=
x-amz-request-id: HHREQKHDEZM7CHC7
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "02fc738b862d5e88721cc902804c9b07"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 13:13:39 GMT
Content-Length: 890
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   890
Md5:    466f426463119d3aace3b644141b966d
Sha1:   f33a2d1438c11e875eef7835560eb4e6b9f95174
Sha256: e9476ac8c7fcbbb31de32e4b81f29ddb7cb00e69e89fc0672126384d8e24b2fd
                                        
                                            GET /landings/277388/1669909893/css/popup.css?1669909893 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: qDraqSCwnI5tz3ECL0cWvOmw87wqyk9dUKAeTCCv3Zc3VzCK5J3lJNCnoQ9Z8QLS/v1MW2RYRcI=
x-amz-request-id: HHR59KQMF638PZ6W
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "8a876cdb790f9d5309812f3655502d26"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 13:13:39 GMT
Content-Length: 638
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   638
Md5:    022e4069739fdcff450b70f51d797042
Sha1:   77454d10095021822fe0c7dbcd0087d221cdd517
Sha256: 2c8feafab8ab925a45b46d96f13dd9c36b1d8eec4a04751db4a869701d212a47
                                        
                                            GET /landings/277388/1669909893/css/timer.css?1669909893 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/css
                                        
x-amz-id-2: NfmU2tOo0YNHRe2zFAcr8PZ+rWiWgDmDGi4NTr+yw1460ZXi5G/M0kwcSKgt10DQ9KGn57BSBfY=
x-amz-request-id: HHR4S3X2NNG0ZYQE
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "4e1a14660a47095c0800554d16bc976d"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 13:13:39 GMT
Content-Length: 706
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text
Size:   706
Md5:    d17de96a078697a128af6d9710a97f97
Sha1:   caf9b62ce9227e30063485e62260c4cf11a08b1d
Sha256: 2b8e8317d4a773fcd62f862e5045bd4a0eef242b25fe7ac3ddbd355238842def
                                        
                                            GET /landings/277388/1669909893/js/jquery.validate.min.js?1669909893 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: e5uvJ4HCxfAKSL9ipCqodHr7ZLfLcORi+m7s3TgI1OU/DaLHU7AjWdq10Ak++sVc1bNwUpIw8Rw=
x-amz-request-id: HHR0Z7R9KT3FG908
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "23d73c6bd6cbea8f06d0cc227896a827"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 13:13:39 GMT
Content-Length: 7815
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (24228)
Size:   7815
Md5:    f808399407c6ac496fe830d5deacb05f
Sha1:   151039ee8631ce8ff989c5cf795c2feba950a499
Sha256: 21e11160c5ba11e65a1c97b0306a9f5dec06c8fd3d4a7d69dd0a80e263577958
                                        
                                            GET /landings/277388/1669909893/js/jquery-2.2.4.min.js?1669909893 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: dpNKpxkLGveae5kYfhScKtKeZCBpaklwMaB/td4lrXfUS/ZhSe1iNxp7YQFFFpBymRP5Q+5MOg+9CYcimeo+MQ==
x-amz-request-id: HHR6YZHPZGSQDE44
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 13:13:39 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  ASCII text, with very long lines (32065)
Size:   29855
Md5:    2fa28552f1ee4e1382ee43930b53afb8
Sha1:   803670da6a35378bf4eb73acc8e72fe4feb5ca30
Sha256: ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
                                        
                                            GET /landings/277388/1669909893/js/translates.js?1669909893 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: NYSS9fS5R00nJFj1nVZYEry/FJn07EFNaV3qtaRs44jf5tC4P9PQcg/CorbSP+QRcMsN5qygW/8=
x-amz-request-id: HHR9ANPMQ0W1SMHX
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "6324d6d9c30698e2157f74377a990e7c"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 13:13:39 GMT
Content-Length: 29254
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   29254
Md5:    5bd51fb068efaa9ec931be840659a801
Sha1:   751b54ed9c0b57d8a390962357ca91223b49a931
Sha256: e509ead61b32171bc167f5a6a19b7d6b227524c4d63b45d115cabd99f4de6b67
                                        
                                            GET /landings/277388/1669909893/js/title_tanslate.js?1669909893 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: wxpI0X7PW0J4cC536DplOIc0p/JVL96cxWpbburATvCs7diSQy/ALnGaT4chF/bsUOUX+2L2ag8=
x-amz-request-id: HHR8J5TBX4QK307K
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "5f373fa5bf21c44b9ad23b70ef96e73d"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 13:13:39 GMT
Content-Length: 1298
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   1298
Md5:    0e212ad4454c941c45c2e57df42c2b4f
Sha1:   fe9d7c484c2c0d7a6475692ef984c53a06c95406
Sha256: e950a9e5e696f39d02028b27a4cd82fab1b6fd07fa34a238d3a3f7f5e90d95c3
                                        
                                            GET /landings/277388/1669909893/js/translates-review.js?1669909893 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: 7vEMKYnTyBHgkxbzQKWwBHDkTzdAkTNB2SblIYnnHvrtSAoYQOBE6jXukEm0HKz5pPkYw6mr75g=
x-amz-request-id: HHR53V3981G9500T
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "1933dcd305e29148845fdd372197ee4a"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 13:13:39 GMT
Content-Length: 14048
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   14048
Md5:    9c292591c0532df07caa6a0a0c00065b
Sha1:   f998699809120f0c21d7333f4850822b4d84d2a5
Sha256: c46389b9213c4e1ce9789b380a319496fff7b7c04b15ab4235bd438cf99bdcbe
                                        
                                            GET /landings/277388/1669909893/js/timer.js?1669909893 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: EGzvzkPfPRvoDCYd/9JEBlJ9dGm8axFvk8pVhADTbGooVZ5w5cI1R40BQHjZ1NmRt0dN3JdoQwA=
x-amz-request-id: HHREXHK1XHWZDT5W
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "3350ef7fbc19030e06999dbb12a2c9b0"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 13:13:39 GMT
Content-Length: 903
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   903
Md5:    24af8e8209962d30b5e6bb428d28489c
Sha1:   a00033869880cf83bc81fde7874242d838b59e34
Sha256: 52fe1029652b5a0576cdae96e8278900eb7eee3f81a1ae66ea88129aa6f3f924
                                        
                                            GET /landings/277388/1669909893/js/translate-popup-timer.js?1669909893 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
x-amz-id-2: gqAupR9CJkWq0wEh3VCf5qabhdlv6VSgefPYX1uMT8dGCkLOT/P62Qqv99Ro7FpWC7iV2Sk1d9k=
x-amz-request-id: HHR38WG1E6N59FYA
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "e87a84612ebce6b2a84f41ef7f6d40b0"
Accept-Ranges: bytes
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 13:13:39 GMT
Content-Length: 1080
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   1080
Md5:    b8caed488bbb08c2414fb1c79c9c8d35
Sha1:   8bda431010a9d7666cd6c2c15f9a3b7f81634ed8
Sha256: d72877ab0432583bfed248050bf32ad260c7b06c4e20a714d07ee65e7948ee0c
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tDKZ3X//8yf4dJPtol5yxA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         100.20.30.105
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UBrS6TJq5e/zcNp0x1+ch/6cSlU=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 13:13:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 09 Dec 2022 13:13:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /landings/277388/1669909893/images/1-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: HrBHmei8EalB7h779VkIQVyOroLL1ecYhDOxU24MjABz9D7trpA/7cxiuJWZjOntt3nMWBeOtbQ=
x-amz-request-id: AFKBW5KVENC7XM35
Last-Modified: Thu, 01 Dec 2022 15:51:35 GMT
ETag: "6e6d0b84c81d847e24671a711115a781"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4292
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size:   4292
Md5:    6e6d0b84c81d847e24671a711115a781
Sha1:   20dc2d359e437dc10ceefea4d3c7b5189c2e58d0
Sha256: 515974c9245ead07b3332ca22fa1581622118c75955941452140a602646aa553
                                        
                                            GET /landings/277388/1669909893/images/2-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: irtSpsHSYVOdvnxhq1K9deClnqKdxGOOvsDsWS3ZOdnM9Bjv4t0cETuSntU2WdW1mz/pkRVwkq8=
x-amz-request-id: SYBPZA5MKR27CDVY
Last-Modified: Thu, 01 Dec 2022 15:51:35 GMT
ETag: "66b6dc51bd19c799dcadf1dbeb628d9c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2009
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size:   2009
Md5:    66b6dc51bd19c799dcadf1dbeb628d9c
Sha1:   ff7fe6049e944186764bfc5041d624ec11f8d362
Sha256: d3c1502509ae60909fe60c46cc58c41c1a9fe53ee7aeffb92d37a074ba8550f0
                                        
                                            GET /landings/277388/1669909893/images/password.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: 9btLNf6TtGpWvWnHq+dkVMGg7d84R3Dhs8m+oIwCwfH9wsrRfer1hvxSzBwJNX3FQB4zvbHgm5Q=
x-amz-request-id: AFKF3V2C4HR020X4
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "f42aef7f97d4c9bdb074673081f38ac7"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1339
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (330)
Size:   1339
Md5:    f42aef7f97d4c9bdb074673081f38ac7
Sha1:   0231df782e371d139c826e091279acd9a07e691c
Sha256: 5fca7f589cd825e1f152e0a1677d6cbd0a3ee3ecde05905d572af87e8b453eac
                                        
                                            GET /landings/277388/1669909893/images/3-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: h84qb7pVDdUKNLwmqvqzFzX4Fx2Q+vtsl/9/RKr7CClZpHgHK2Whyfm8CsiZ8XXPttbQhRj3Jd4=
x-amz-request-id: SYBK15818R8NY5PD
Last-Modified: Thu, 01 Dec 2022 15:51:35 GMT
ETag: "1dc512dcb0850f22cfa72c789578085c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 3946
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 80x80, components 3\012- data
Size:   3946
Md5:    1dc512dcb0850f22cfa72c789578085c
Sha1:   933e9c5648e782c9f9a1504d2248f0acb4b9950b
Sha256: 7a27ad3bbf259cc02f80f496c19e6033d958362c1b5075c1957bb502f2666d00
                                        
                                            GET /landings/277388/1669909893/images/6-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: XFEqnW6koPROW6uIPHjAYCM05JRAEzLouWqsziLupkLPeibUJ9oVboQSPIE13IikB5bBZOdnrCfoDCr8YyE7bQ==
x-amz-request-id: SYBXQ9C03DY5NZJG
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "9a6870069cb979e16b239f9ed485fb3c"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 3256
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size:   3256
Md5:    9a6870069cb979e16b239f9ed485fb3c
Sha1:   c1dc7f3620c8cc391648c550f91b269b04d3c612
Sha256: 3e280ac6e0be5142f62957076a5c99e792eb61533e23f33b165aea4d522de818
                                        
                                            GET /landings/277388/1669909893/images/110010_3.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: A/wi+W4VJ0alokLfYYliaXmpKpEq861sqCtFpv4kdq+P5O0ljgRCKMhQMGy23waiIkUGwmkCeko=
x-amz-request-id: AFKAHNEBAFAHE16R
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "1cda15cc6238bfbf394087f9e4240c08"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 41178
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 682x388, components 3\012- data
Size:   41178
Md5:    1cda15cc6238bfbf394087f9e4240c08
Sha1:   d04d25fae912c5c660bfb855b0463e7cfffdc52e
Sha256: 2fccdea801925553b007bf3f67a8a59715589ab98796dbeebe84bb40a8a77ac4
                                        
                                            GET /landings/277388/1669909893/images/4-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: g6S2QikgYvuaNmWTGVBc0+CGCpk4yGnUVzOS+M+atwNZM2YNHHsDg6QBZsDqQ/3Cw+M4szOZJm8=
x-amz-request-id: SYBN7C72VENB4YQ3
Last-Modified: Thu, 01 Dec 2022 15:51:35 GMT
ETag: "cb3aff7c886e4f72a98172b873b5e62d"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2586
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size:   2586
Md5:    cb3aff7c886e4f72a98172b873b5e62d
Sha1:   33de244dcb4db4abe54b6508ae8d1546eb279aa5
Sha256: d22825c9a1ff2c18506f0c2c3abaf3bb77f8352ba7bd410d50d35f20adbab08e
                                        
                                            GET /landings/277388/1669909893/images/5-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: 12mw2SwDsmKOqIBeKUwfvmvim27No52WtdnrPCo1gEl6QQTgp3yPkl1JJh7oZialXK0i7AhqVMs=
x-amz-request-id: SYBS7GGJ9NQ2RWC6
Last-Modified: Thu, 01 Dec 2022 15:51:35 GMT
ETag: "27109a247208262e6293950ca8f5450d"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2879
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size:   2879
Md5:    27109a247208262e6293950ca8f5450d
Sha1:   cea89616d15ad45a0f2b04082dff608abd96b800
Sha256: 86755df878f9f09c1b06deb1ac049db77b1931d3b0f650548fac960b3fedaa96
                                        
                                            GET /landings/277388/1669909893/images/blocked-icon.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: f0+Egeov+GWratnIYHZvg+8toI5JViJCgldKUeb21G5sQZwW8J6r9Umhzn+QLyV1/TtW/FXjZA8=
x-amz-request-id: SYBRVR1A50E9GY3S
Last-Modified: Thu, 01 Dec 2022 15:51:35 GMT
ETag: "87487ad255dde0624f59abb85602defc"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 502
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 23 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   502
Md5:    87487ad255dde0624f59abb85602defc
Sha1:   caafad17df41875bed690353ead6cc495a9bf8c2
Sha256: f7a4b3fb74b9e06f243f23ede51a801a0aa3fa2c0040bc44a49a97444780923d
                                        
                                            GET /landings/277388/1669909893/images/8-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: jqKDD+V3vcQp//2/C49FzPcNcgu1GVIF56x+ThljVM7axSunlJPMp4wn3pUiVL69UQf9PYMl1MY=
x-amz-request-id: SYBPX3DSTAAYVGTX
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "41bbda91cef3f22db1d45d66f7ca0961"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2458
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size:   2458
Md5:    41bbda91cef3f22db1d45d66f7ca0961
Sha1:   e2f8f56674e0180063a4f8287931dc0b273baf8e
Sha256: d0f8fe31f17be4afd352a60628de61eef59ee08ac0ecddac9cfe4e4a504f4f0e
                                        
                                            GET /landings/277388/1669909893/images/7-eu.jpg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
x-amz-id-2: qJCLGoTWJYv0lb5TXiHCovGASXEZN8k4Cmo9i4TIfzVbSYaggw1XsH4pVUKFJR8vhGAwJTCsOZc=
x-amz-request-id: SYBT4FHT8XRXKGCG
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "8155d8ecc7dc2d9b29cf99ab85c3d2a8"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2282
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 80x80, components 3\012- data
Size:   2282
Md5:    8155d8ecc7dc2d9b29cf99ab85c3d2a8
Sha1:   ba784563c7787760b318af24ea274ad6df2c5b89
Sha256: 7e368b2c331e65b43d9e6977dde473b4ee4ed25f0253e0d086ca676438b97d27
                                        
                                            GET /landings/277388/1669909893/images/shield.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: qHWbXn3OmGKPG0bQ+DmI68Uns0ZsQhFdFFP8t6U10m4n3rhKLNNtfCRAK3l79y8ao2wkEIJKMJs=
x-amz-request-id: AFKB2K13V5P3SEBK
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "0c7a0dfd64cf020cd8a6dc0c3df1dbdf"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1539
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (310)
Size:   1539
Md5:    0c7a0dfd64cf020cd8a6dc0c3df1dbdf
Sha1:   f705635388aebebae1223d828c38233067f28ab1
Sha256: 856fdb53067254df9495660a355e5ed91936803b567867f1053ce5fb97107888
                                        
                                            GET /landings/277388/1669909893/images/icon-city.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: uVfEiaQzyJJ+v1XGTkuO3Mww9e2YAwUf/oEe8hPj7FSCFa4i//nBChQxt4NJBFcbU8ZweH1QEU8=
x-amz-request-id: AFK0F994N5Y3FH6F
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "5f5ead641bc30316f498592eec2016a1"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 839
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (735)
Size:   839
Md5:    5f5ead641bc30316f498592eec2016a1
Sha1:   3195aa33596ba190a6584ccb75124dd9d9c13261
Sha256: f028477ede528af987acd2bea73c8e462ea4cd6cf1137aae5085c85a82d93409
                                        
                                            GET /landings/277388/1669909893/images/unlock.svg HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
x-amz-id-2: oOWw+1BHDdf+zIzAgOJC2OySjJhu7rDTAFrZtqaIpTpAuyE8NUp6z5GfsQPNsnsK21T5NUGpPNQ=
x-amz-request-id: AFK8JMA3WSZ4BWTV
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "a732e1e06affb4575c050fdb0131e5ca"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 2378
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (944)
Size:   2378
Md5:    a732e1e06affb4575c050fdb0131e5ca
Sha1:   da4f4f204a4d22c7424274a91520e0ea993c48c7
Sha256: e17f481e5fe197e600ffe6cf53a94a4e49a73b6b817ff560cd92c3dd501d603f
                                        
                                            GET /landings/277388/1669909893/images/49.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/277388/1669909893/css/style.css?1669909893
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: fUANWLIiaZUa7V2/5D2zupC950SRVbJO2DVqJnR307wb3laEecMNU+spukeGyKxu6DvEPQhEjcE=
x-amz-request-id: SYBJHZTS8KBTEPYT
Last-Modified: Thu, 01 Dec 2022 15:51:35 GMT
ETag: "372e58a66b7d92e1dd903f32fb308d1e"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4510
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 336 x 336, 8-bit/color RGB, non-interlaced\012- data
Size:   4510
Md5:    372e58a66b7d92e1dd903f32fb308d1e
Sha1:   40be5d7067b822dfed07e173acd11cfceaa9e329
Sha256: 82408edfa51c2d831b86658b6637a6950986c342195aa08fd1467ea1d71b9793
                                        
                                            GET /css2?family=Alfa+Slab+One&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 13:13:39 GMT
date: Fri, 09 Dec 2022 13:13:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /landings/277388/1669909893/images/action_icons_20px_2x.png HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/277388/1669909893/css/reviews.css?1669909893
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: uYq+TK/9UZmvCdsCVO88DSAlsmqXV3NnWt7ncX3Pk7iatskKTDilyukIqAm34s6v9bKxYZjR9Qs=
x-amz-request-id: SYBYNVG6CBDCSMW8
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "b699975b5fe73b087e711a33ff24ee1e"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 1726
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 40 x 360, 8-bit colormap, non-interlaced\012- data
Size:   1726
Md5:    b699975b5fe73b087e711a33ff24ee1e
Sha1:   0e33cc5c32a5e7d18440751e3946076664caaf53
Sha256: 4e06866c22bb275c6c4f01265e1f3e9f00fe9face9739f6531371d688a8e7a7e
                                        
                                            GET /landings/277388/1669909893/images/favicon.png?t=20221209131339 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
x-amz-id-2: 6wKzDkOpDtH0dyPvmGXjSgwTs95fQoXFKuj+E/OPLC7lWkCjjiuPDWvmc51Wq1mrXPnVydE+7bo=
x-amz-request-id: TS6255DBAZFJCYSK
Last-Modified: Thu, 01 Dec 2022 15:51:37 GMT
ETag: "40a54c3ecf143b64096b063ff793fdbb"
Accept-Ranges: bytes
Server: AmazonS3
Content-Length: 4093
Date: Fri, 09 Dec 2022 13:13:39 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   4093
Md5:    40a54c3ecf143b64096b063ff793fdbb
Sha1:   017eafffc5e55226a2aec0dd3c03f1b6130a6bab
Sha256: 39b439471019cb16f819e05166d23492593310fd55cce8471062d8f2dc5de423
                                        
                                            POST /ortb HTTP/1.1 
Host: jwbvdz.exceilentdate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 295
Origin: https://jwbvdz.exceilentdate.com
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/?s1=120749&s2=1506505&s3=44542&s5=backuser&click_id=10251de93fcf4cf898a603ee2f37c8&iexpp=1&j1=1&j5=1&j9=1&utm_source=1e3a4e532f1c7040&j8=1
Cookie: unique_id=639334770002a152; unique_id2=6393347700043842; 6393347700043842_c=1; ref_token=15596_120749; impression=; 6393347700043842_sl=[277388]
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Fri, 09 Dec 2022 13:13:39 GMT
content-length: 13
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   13
Md5:    1031bf08481e45e42ceb3fd978c3d379
Sha1:   3d6d43df4c45f09f5d68593646fd83352323a5ea
Sha256: c99e0e70ba976626855bf7f83fc0e333b57833bcaf3dcfba16215a6e4fa3e208

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13336
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 13:13:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13336
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 13:13:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13336
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 13:13:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13336
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 13:13:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13336
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 13:13:40 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 32692
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5169
Md5:    06514ce96ae21cb01f526a5febdcbeb4
Sha1:   ebb97e5b97f394e8c67098f55581d5329ce819a2
Sha256: 4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5382e616-602f-4e00-bed7-d95c66a5000d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5245
x-amzn-requestid: 9770ebcd-fb1e-4b81-bb87-1e98ef024741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy-E8HugoAMFsKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911085-54eb7a48323113d52329abf5;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:15:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sVBYLtIioHYKROtAhiQ1BpQyuLqjBNlREaT22evfVPJ1fX1rzO-7WQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 22:39:52 GMT
age: 52428
etag: "27f558d5cdc150a50f080c054423500666b63d74"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5245
Md5:    43fdc85bfd574fa803f0bcdc216ef622
Sha1:   27f558d5cdc150a50f080c054423500666b63d74
Sha256: fafd2a81cddacdb4e5fd7c9963a784e6e56d06ac98f0bd4124fd74fa3ba015e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 34753
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6578
Md5:    8546542f00ea29ef4df6ab8d3c7c2164
Sha1:   5c8ffe91490006a9890188b53f875568c2b6bd8f
Sha256: 7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:07:07 GMT
age: 32793
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7557
Md5:    5de5d319f43d9c9c641419d96655541f
Sha1:   cde4c7fa0145d3645af17e34c83c63c08f76a076
Sha256: fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 72756
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5188
Md5:    fba9a3854df65740512f96efe7442e58
Sha1:   8fbff7725c842d70e047c635a725723a9dc9c55a
Sha256: 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 34314
etag: "7558222788f06623ddae6e883413e38e1146281e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7897
Md5:    8c3214044657f3b876d1f1848bca5684
Sha1:   7558222788f06623ddae6e883413e38e1146281e
Sha256: e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
                                        
                                            GET /?utm_source=1e3a4e532f1c7040&s1=120749&s2=1506505&s3=44542&s5=44543_10282dbd32edba623b6ab6360f52bf&click_id=10251de93fcf4cf898a603ee2f37c8&j1=1&j5=1&j8=1&j9=1 HTTP/1.1 
Host: jwbvdz.exceilentdate.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         63.32.216.166
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
server: nginx
date: Fri, 09 Dec 2022 13:13:39 GMT
set-cookie: unique_id=639334770002a152; Path=/; Expires=Tue, 07 Feb 2023 13:13:39 GMT; Secure; SameSite=None unique_id2=6393347700043842; Path=/; Expires=Thu, 09 Mar 2023 13:13:39 GMT; Secure; SameSite=None 6393347700043842_c=1; Path=/; Expires=Thu, 09 Mar 2023 13:13:39 GMT; Secure; SameSite=None ref_token=15596_120749; Path=/; Expires=Sun, 08 Jan 2023 13:13:39 GMT; Secure; SameSite=None impression=; Path=/; Expires=Fri, 09 Dec 2022 13:13:39 GMT; Secure; SameSite=None 6393347700043842_sl=[277388]; Path=/; Expires=Fri, 23 Dec 2022 13:13:39 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /landings/277388/1669909893/images/1.mp4 HTTP/1.1 
Host: cdn-dimi.akamaized.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://jwbvdz.exceilentdate.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         184.31.15.67
HTTP/1.1 206 Partial Content
Content-Type: video/mp4
                                        
x-amz-id-2: 0WvuBmPpUHDVw0mp2PNI1T3WXHAWZD4SRdirldqUybuyUw0AowRDt2rbjA711ZX8SmX40JqkAQ8=
x-amz-request-id: 3A7JRT320X13QA95
Last-Modified: Thu, 01 Dec 2022 15:51:36 GMT
ETag: "9da1ec568a44f92b56f3d1e3c10da6a4"
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 09 Dec 2022 13:13:39 GMT
Content-Range: bytes 0-2971964/2971965
Content-Length: 2971965
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"


--- Additional Info ---
                                        
                                            GET /css2?family=Ubuntu:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 13:13:39 GMT
date: Fri, 09 Dec 2022 13:13:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---