smoothreward.com/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
54.144.195.192301 Moved Permanently 134 B URL HTTP/1.1 smoothreward.com/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
IP 54.144.195.192:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer Verdict Alert fortinet Phishing
GET /go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663 HTTP/1.1
Host: smoothreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Mon, 20 Mar 2023 00:14:50 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://smoothreward.com:443/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2857be6f18459c7a4a7f00f6cd6076f1
570609086d72a9be57cde7bfefd25663c1035fba
bd8abb8f420d1e31462fca1d6a7caadf1e2bba6fc7db05684b5811e00e84107f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD8ABB8F420D1E31462FCA1D6A7CAADF1E2BBA6FC7DB05684B5811E00E84107F"
Last-Modified: Fri, 17 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2642
Expires: Mon, 20 Mar 2023 00:58:52 GMT
Date: Mon, 20 Mar 2023 00:14:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6313
Expires: Mon, 20 Mar 2023 02:00:04 GMT
Date: Mon, 20 Mar 2023 00:14:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3393
Expires: Mon, 20 Mar 2023 01:11:24 GMT
Date: Mon, 20 Mar 2023 00:14:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 19 Mar 2023 23:27:09 GMT
content-type: application/json
age: 2862
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8CHv7pEaHZ5f3mha196gKRsoUbn4daPF69rOJzZXW6SA95Pthk05Uo3R00RgtYfX+I5v/LASrh4=
x-amz-request-id: 0R740YDM0TYWMK4S
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 19 Mar 2023 23:52:33 GMT
age: 1338
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 20 Mar 2023 00:14:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 1cf65fde5653c21883317c07541b26d9
b25af2e2572f62cbee46b8addcd41cc975e4c1b1
3c4b184e2720a1d9543c536b6133c590fa6d3c5441c9e7ff37be8a40686d2e78
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 20 Mar 2023 00:14:51 GMT
Etag: "6415835e-1d7"
Server: ECAcc (dcb/7F2F)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uD7LZKYaSxWeH_cIriKH21xfrE0Rz4tQQAx0bux_TW8f9O_wLbCPrw==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Retry-After, Content-Type, Expires, Alert, Pragma, ETag, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 20 Mar 2023 00:14:32 GMT
age: 19
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
smoothreward.com/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
54.144.195.192200 OK 17 kB URL HTTP/2 smoothreward.com/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
IP 54.144.195.192:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2499)
Hash 276ef3769d079525115b10f34b5a214a
721d9bbf8614854a88a845cbd2b7e7b7e9e89c63
4488bc8027f20bb3f42cb74fb03a7ca8b7bc9e7c904d6077ef5421c0b68d7f2b
Analyzer Verdict Alert fortinet Phishing
GET /go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663 HTTP/1.1
Host: smoothreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:51 GMT
content-type: text/html; charset=UTF-8
content-length: 16814
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=u8b93gk2jdsv77nj90krmklb8ufd668e; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3462d41d9283fedf24f278089d5d1570
b8bcea77656f775cdc34620322cc616216ed2b95
55e47b413ba648a98eb6e92ab73aee602912cd13e7da23ef3cea1490c1b9de50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55E47B413BA648A98EB6E92AB73AEE602912CD13E7DA23EF3CEA1490C1B9DE50"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3722
Expires: Mon, 20 Mar 2023 01:16:53 GMT
Date: Mon, 20 Mar 2023 00:14:51 GMT
Connection: keep-alive
ads.pro-market.net/ads/scripts/site-141028.js
23.36.76.115200 OK 1.1 kB URL HTTP/1.1 ads.pro-market.net/ads/scripts/site-141028.js
IP 23.36.76.115:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (514), with CRLF line terminators
Hash 540b7c85a21cf48ee81735b2ffcc335f
e5eaedc157c73717aab322629e3f1ad8569bc0a1
aa2916440a5dc9e91cc213dc3503845a97fe91cfd12fe8e6cd92032b675a4da9
GET /ads/scripts/site-141028.js HTTP/1.1
Host: ads.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 23 Jul 2019 13:39:45 GMT
Server: nginx/1.0.15
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 1101
Cache-Control: max-age=86400
Date: Mon, 20 Mar 2023 00:14:51 GMT
Connection: keep-alive
Vary: Accept-Encoding
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js
104.17.25.14200 OK 6.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.3/umd/popper.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (19063)
Hash c679fc5b9888418ef9f3e7926440af62
8139d70efdd87422f5178a5e94dc118835359d7b
1a86b9e51ba3f00d80d15a4ccb3994a57a19d14a1d5f82f8bcd2cd3f24182560
GET /ajax/libs/popper.js/1.12.3/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 6174
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4b24"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5167698
expires: Sat, 09 Mar 2024 00:14:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5aogKFX6uSJETuCeQTgJXEZbsvTVC5ZRD%2FsDP5OehO3nCDdji17TWAUpzjjSvHCpoOO6C0d4dOvg71N2OWQrhoPqrCRgkgNQxCm9z3sFX3yOS8WnJ1hXjrKaGwlzGeVKnA6H6OQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7aa9c1e6a961b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
smoothreward.com/css/loading_icon_1.css
54.144.195.192302 Found 0 B URL HTTP/2 smoothreward.com/css/loading_icon_1.css
IP 54.144.195.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/loading_icon_1.css HTTP/1.1
Host: smoothreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
Cookie: ci_session=u8b93gk2jdsv77nj90krmklb8ufd668e
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Mon, 20 Mar 2023 00:14:51 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://amclicks.com/clk.php?c=7749&p=504&s1=lead_root&s2=smoothreward.com
server: Apache/2.4.41 (Ubuntu)
X-Firefox-Spdy: h2
smoothreward.com/assets/js/pop_window.js
54.144.195.192200 OK 752 B URL HTTP/2 smoothreward.com/assets/js/pop_window.js
IP 54.144.195.192:0
Hash cc82d44651dcf889c4e1f023547fd369
a088f669982d55599b374bb8e6d16e421e058b85
d379aee72fde87b2492c62e193e2f7744106b6ffb45dff0ef1b2c6f71db8f43e
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/pop_window.js HTTP/1.1
Host: smoothreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
Cookie: ci_session=u8b93gk2jdsv77nj90krmklb8ufd668e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:51 GMT
content-type: application/javascript
content-length: 752
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:14 GMT
etag: "1085-5c80ac33e7600-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 00:14:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
smoothreward.com/assets/js/plugins/email.verify.1.1.js
54.144.195.192200 OK 1.5 kB URL HTTP/2 smoothreward.com/assets/js/plugins/email.verify.1.1.js
IP 54.144.195.192:0
File type assembler source, ASCII text, with very long lines (947)
Hash 3b6641f0dcf9827d3493d9deec174f45
5b3661d8b11e1ad71cc50d37c7906a75813640f8
a4260beb78cfaa7bd9b02e04bad1779b74aae3f4e1b7b40cdb304d8056245164
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/plugins/email.verify.1.1.js HTTP/1.1
Host: smoothreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
Cookie: ci_session=u8b93gk2jdsv77nj90krmklb8ufd668e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:51 GMT
content-type: application/javascript
content-length: 1470
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:14 GMT
etag: "14c2-5c80ac33e27e0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 00:14:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
smoothreward.com/assets/js/jquery.email-autocomplete.min.js
54.144.195.192200 OK 1.3 kB URL HTTP/2 smoothreward.com/assets/js/jquery.email-autocomplete.min.js
IP 54.144.195.192:0
File type ASCII text, with very long lines (2986)
Hash 798676a5ff3d21a8bc176f70d2c5bd76
d24542ec54da8193b27a88270eee8786ded40cd6
3749352310004b2e3e2a12e34c80e0a3a4cfefb2bf54a075396376e2708eb92d
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/jquery.email-autocomplete.min.js HTTP/1.1
Host: smoothreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
Cookie: ci_session=u8b93gk2jdsv77nj90krmklb8ufd668e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:51 GMT
content-type: application/javascript
content-length: 1279
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:10 GMT
etag: "c5e-5c80ac301ea00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
smoothreward.com/assets/js/templ_standard_js.min.js
54.144.195.192200 OK 981 B URL HTTP/2 smoothreward.com/assets/js/templ_standard_js.min.js
IP 54.144.195.192:0
File type ASCII text, with very long lines (937)
Hash 589a59a46c420bfc8d8321e483d7c6ff
026c4794525ef59b3c0093d894554a8de8b40dd9
1ffd2d86a03350e50ba7d890df8f17d0c92c936c4674a2abde84b902cc5c74aa
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/templ_standard_js.min.js HTTP/1.1
Host: smoothreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
Cookie: ci_session=u8b93gk2jdsv77nj90krmklb8ufd668e
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:51 GMT
content-type: application/javascript
content-length: 981
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 11 Nov 2021 17:25:09 GMT
etag: "987-5d0869fd7fe28-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
smoothreward.com/assets/img/footer_satisfaction.png
54.144.195.192200 OK 6.7 kB URL HTTP/2 smoothreward.com/assets/img/footer_satisfaction.png
IP 54.144.195.192:0
File type PNG image data, 95 x 95, 8-bit colormap, non-interlaced\012- data
Hash 34e8e980148b64284092e4198408c752
e7a54183d915fc8790a91f3c27f1c868e1f21156
9e79cb2435516522ff45c5285b6b57f21ac9fbba158ca92d98b20d39db6b0503
GET /assets/img/footer_satisfaction.png HTTP/1.1
Host: smoothreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
Cookie: ci_session=u8b93gk2jdsv77nj90krmklb8ufd668e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:51 GMT
content-type: image/png
content-length: 6736
server: Apache/2.4.41 (Ubuntu)
last-modified: Fri, 20 Oct 2017 13:05:36 GMT
etag: "1a50-55bfa20ee6800"
accept-ranges: bytes
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
142.250.74.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32058)
Hash fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Mar 2023 16:33:16 GMT
expires: Thu, 14 Mar 2024 16:33:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 373295
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Playball
172.217.21.170200 OK 863 B URL HTTP/2 fonts.googleapis.com/css?family=Playball
IP 172.217.21.170:0
Hash 7cab54684f4ce5f42cb210d197d29d0d
ed8968d4d23d2e1e56ab7f93474c6679f6a0a840
c7c2a2526e063ba7a108182015467306c6ef182e954a596c7a8265f18f374abb
GET /css?family=Playball HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Mar 2023 00:14:51 GMT
date: Mon, 20 Mar 2023 00:14:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7b9696c5a484fe48a260ec0ac6f4c2dc
5fa72a6aae12370de4d88d0aa205f293e5a85c5b
578156cb0f02ebb0d6472976aa7186f70b49dfad8623edd5595b740ff1559d2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 00:14:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.186.165.49101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.165.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A+s08Gyy8ACsrITXG5rM7A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bl/sLdZQRzRBDcw8EUk/m9+y/Zw=
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash c306098c5fbc15bdfdd0684cb2830e19
e70bcbea20b231eb52c8b84aa49f1dace823ef11
852ae769b18e84b49566f6814defa5a6ef25bf71b6c5e4973471e23981b7b743
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 20 Mar 2023 00:14:52 GMT
Last-Modified: Sun, 19 Mar 2023 23:09:56 GMT
Server: ECAcc (nya/1C5E)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oXTWvOgpx0wUBftgjJuzjQyio4I3MpvxjlD-hoJVIjyAeOvTZNtYdQ==
Age: 3896
amclicks.com/clk.php?c=7749&p=504&s1=lead_root&s2=smoothreward.com
54.144.195.192302 Found 0 B URL HTTP/2 amclicks.com/clk.php?c=7749&p=504&s1=lead_root&s2=smoothreward.com
IP 54.144.195.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /clk.php?c=7749&p=504&s1=lead_root&s2=smoothreward.com HTTP/1.1
Host: amclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://smoothreward.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 20 Mar 2023 00:14:52 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://amclicks.com/x/7749/504/0/lead_root/smoothreward.com/0/0/0/0/
server: Apache/2.4.41 (Ubuntu)
X-Firefox-Spdy: h2
amclicks.com/x/7749/504/0/lead_root/smoothreward.com/0/0/0/0/
54.144.195.192200 OK 170 B URL HTTP/2 amclicks.com/x/7749/504/0/lead_root/smoothreward.com/0/0/0/0/
IP 54.144.195.192:0
File type HTML document, ASCII text, with no line terminators
Hash bdbc97c0614325385efffd73e6b39977
019c1c4be201aa2208491dc47d17b23094629063
ca9bebefc550ee8a3f900982c08d2763f8cc8f33065fe0e48daf2bac58ff5109
GET /x/7749/504/0/lead_root/smoothreward.com/0/0/0/0/ HTTP/1.1
Host: amclicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://smoothreward.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:52 GMT
content-type: text/html; charset=UTF-8
content-length: 170
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: ci_session=r220mhvohd2mnil2ibq7dlblm7g3k1sd; expires=Mon, 20-Mar-2023 02:14:52 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
ref=1; expires=Mon, 20-Mar-2023 01:14:52 GMT; Max-Age=3600
referrer=https%3A%2F%2Fsmoothreward.com%2F; expires=Mon, 20-Mar-2023 01:14:52 GMT; Max-Age=3600
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash ed297f9bce4b93eb353348fd9005c0d6
c35cc2c297a5952cb6a7e5e1e4641ecc167a0510
569c22c3aca3503ff3b3c9a97c9b1023238cfd01bb18d075d3a6eb06b2e80aab
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 20 Mar 2023 00:14:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 18 Mar 2023 22:10:20 GMT
Expires: Sat, 25 Mar 2023 22:10:19 GMT
Etag: "c35cc2c297a5952cb6a7e5e1e4641ecc167a0510"
Cache-Control: max-age=604111,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 624
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aa9c1ebbe1f0afe-OSL
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 00:14:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/playball/v16/TK3gWksYAxQ7jbsKcg8Eneo.woff2
216.58.207.227200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/playball/v16/TK3gWksYAxQ7jbsKcg8Eneo.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30352, version 1.0\012- data
Hash c6b6f4a49d859d86ea48e3e6d70acf49
78b8a69771e9b7e3b9a399d9a215a85d6369509d
2bdb2c285cdd30b68da0947a4b540c200d29107ca0bad1c223397f2149f449fd
GET /s/playball/v16/TK3gWksYAxQ7jbsKcg8Eneo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://smoothreward.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Mar 2023 17:59:32 GMT
expires: Fri, 15 Mar 2024 17:59:32 GMT
cache-control: public, max-age=31536000
age: 281720
last-modified: Wed, 27 Apr 2022 16:06:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
smoothreward.com/assets/img/campaign/798_bg.jpg
54.144.195.192200 OK 1.3 kB URL HTTP/2 smoothreward.com/assets/img/campaign/798_bg.jpg
IP 54.144.195.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 30x900, components 3\012- data
Hash 67e4181618f05955da81f7db47cee267
d6a013c7458f772428f65cf9274af747e03444dd
6215ad798b397e026dcdfc0f4a93db041e0c25a33ff94f4948c878ec44ee838c
GET /assets/img/campaign/798_bg.jpg HTTP/1.1
Host: smoothreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
Cookie: ci_session=u8b93gk2jdsv77nj90krmklb8ufd668e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:52 GMT
content-type: image/jpeg
content-length: 1305
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:29:33 GMT
etag: "519-5d7afcede2578"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 55ad4123e19b3babc18ece16b13ff042
97d003194e3a29a4f64596b981b5a4a730e263c9
3dc00b98beb78092083878847d238f0784a7e720f82e524bde4fa115cbf34078
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 00:14:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
smoothreward.com/assets/img/campaign/798_welcome.jpg
54.144.195.192200 OK 71 kB URL HTTP/2 smoothreward.com/assets/img/campaign/798_welcome.jpg
IP 54.144.195.192:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x551, components 3\012- data
Hash cf701927b9338448dce122f6bd1de434
3132f47bbf8ac59a02f0f95eb9a3d1192e34a338
a2b7d3dec725db6889730486f2c909e438ce9d9e933d13377105d10e72e6b5b3
GET /assets/img/campaign/798_welcome.jpg HTTP/1.1
Host: smoothreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
Cookie: ci_session=u8b93gk2jdsv77nj90krmklb8ufd668e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:52 GMT
content-type: image/jpeg
content-length: 71318
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:29:33 GMT
etag: "11696-5d7afcee5f578"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 109a25164afa1860486d1810ce1b1f22
9701586d73d50766ed0177ede20f0c67382c3d91
33fb52c318491fca78b21d127886a5eaf29f373a0d10ea933bbab3cf2af01b42
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116052
Date: Mon, 20 Mar 2023 00:14:52 GMT
Etag: "6416b5f6-1d7"
Expires: Tue, 21 Mar 2023 08:29:04 GMT
Last-Modified: Sun, 19 Mar 2023 07:12:54 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ddDvomuFNYpGzg0AiUkyP4wR6MHwGCrAuU6xsEsW9AEtIEIPiAkNFg==
Age: 4570
api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16792712926160.6601954702002761&invert_field_sensitivity=false
54.209.198.209301 Moved Permanently 134 B URL HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16792712926160.6601954702002761&invert_field_sensitivity=false
IP 54.209.198.209:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trustedform.js?provide_referrer=false&field=trusted_form&l=16792712926160.6601954702002761&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Mon, 20 Mar 2023 00:14:53 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16792712926160.6601954702002761&invert_field_sensitivity=false
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 2e768091224fbbed88b23a73c895cbc1
2491527d2be4d23d1644de65c936f76446dd6177
bb63ace0f44be72f799650f627f9d97b6e20893835fecd14389d68a403556c6e
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162620
Date: Mon, 20 Mar 2023 00:14:53 GMT
Etag: "64176717-1d7"
Expires: Tue, 21 Mar 2023 21:25:13 GMT
Last-Modified: Sun, 19 Mar 2023 19:48:39 GMT
Server: ECAcc (nya/1C5E)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Rp1_o7ankYj8Gc263fVB7rEnJgSrTUoz5DjYC-lcuOhFxQYQI_ZHqA==
Age: 5794
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 578f019641747e6ed56988ab476ba2d0
3355ea1575c835c5632c6f536ab857da501c6dba
80f0926c2b9c385fb48883294ba62b3b47f07e1af02777291eeb56688979ade5
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 20 Mar 2023 00:14:53 GMT
Last-Modified: Sun, 19 Mar 2023 23:01:28 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iNYSFaGJv3LVlL8y2OapQh2FTjh91CVZKUecq_qY74PbAZm6bjkFWg==
Age: 4405
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3027
Expires: Mon, 20 Mar 2023 01:05:20 GMT
Date: Mon, 20 Mar 2023 00:14:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3027
Expires: Mon, 20 Mar 2023 01:05:20 GMT
Date: Mon, 20 Mar 2023 00:14:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3027
Expires: Mon, 20 Mar 2023 01:05:20 GMT
Date: Mon, 20 Mar 2023 00:14:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38bb12d7-f954-4d00-8df4-529b55100544.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38bb12d7-f954-4d00-8df4-529b55100544.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8f5a12c7beb240250d70bf6049cdd80f
7d44ba70f3e2ed0efeb22312550a49f2eb3d8857
077bb80f575533f541b809cc99fab53278c161be6077cceef77d6fd649f274e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38bb12d7-f954-4d00-8df4-529b55100544.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6608
x-amzn-requestid: c996ce16-31c3-4019-8b10-c10e6bcfd1b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFZyGKrIAMF-dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641782a4-1f5079bd367eee3967348203;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:46:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: omN7GTv6uStX0wpgVajZZHuQj88ssOT9kRpNpZAFafkDhM8hyCqRcA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:10:18 GMT
age: 7475
etag: "7d44ba70f3e2ed0efeb22312550a49f2eb3d8857"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec950311-4d8e-4168-aaf2-bb3ec1701f40.webp
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec950311-4d8e-4168-aaf2-bb3ec1701f40.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 384832933b06f9caf6c2a78c60dd9b36
f23894adaad55d264d8dd12cba30779b204a9c6f
b849d2d24fb5013ec4fe4dfa3431eb7ddf739a02dfbf030a02c82faf1bf33873
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec950311-4d8e-4168-aaf2-bb3ec1701f40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10600
x-amzn-requestid: 2b110ce0-9298-41c8-b33f-25498982aa3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDED_EgJIAMF7Aw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417807f-0b09e5af57af784d7f396dce;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: F2EDdVgAo42ExUX3RnB29BcuK02K2YCXGBq6BUF_HnaQApld_-hR1g==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 21:37:21 GMT
age: 9452
etag: "f23894adaad55d264d8dd12cba30779b204a9c6f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aa7e338-78f3-4b23-ba48-fdcaa290e5d2.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aa7e338-78f3-4b23-ba48-fdcaa290e5d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 84cdc7c4fbca72df6fb4a3672f284b85
6e0f64e9760db6a0270492f79fc93de244708c90
15c7975ad724ff226415225d46a9838ea40bca9fc8d5709bc3097bc8ded2c271
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aa7e338-78f3-4b23-ba48-fdcaa290e5d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7141
x-amzn-requestid: 3b661da1-49ae-4c2b-a971-6c690578674b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDEFrHpOIAMFsFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417808a-70f2ffed0fe3d85f5d75a19d;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: kqVbodW0-hjY9VXiEqhgrHmR7TlkOe4iyrnxRweqjwY1Qf9JqMvo8g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:22:33 GMT
age: 6740
etag: "6e0f64e9760db6a0270492f79fc93de244708c90"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11b9c000-8304-4b46-b5c2-572e5a9ac294.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11b9c000-8304-4b46-b5c2-572e5a9ac294.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b8d564e57c415adf4736684c271dab1
cee94b98882ac041c7863d9f4c7ac8f216288759
803908f441ff44a4925c5ac411399ac61365160880cda2ef10962584103189dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11b9c000-8304-4b46-b5c2-572e5a9ac294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7627
x-amzn-requestid: 747a6f33-8cb6-42e5-9b2d-b1d9712131f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDneEqVoAMFaVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177fc9-7ee25a494fdc9d3902fa1dd0;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:34:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: oAriFKiFexpvefiqshsNWiAiw6ahPOQmCqFxC2bFxGW5oyof7zH3Yw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:05:41 GMT
age: 7752
etag: "cee94b98882ac041c7863d9f4c7ac8f216288759"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cd6847f-4682-4476-ab1c-3a96a63feea0.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cd6847f-4682-4476-ab1c-3a96a63feea0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2dd89721d1aeaf671e76434c7d8a4ad7
a3dedec80d68e8f0326548d03b0e594ffc87ecd1
ff593609540ed01673c58483ce57a40cc712000d32427ccf2486fd0035728448
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7cd6847f-4682-4476-ab1c-3a96a63feea0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6839
x-amzn-requestid: c478a5c6-cb9b-4324-be41-b79c32f99570
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDU6GKyoAMF6uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f52-180dc15d2627e08d3182a761;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:32:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DSmKBceJ2qg1APkPHqdky68b35cxstD-4bvUpzS55J--1FjVZ0AbKg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 22:22:00 GMT
age: 6773
etag: "a3dedec80d68e8f0326548d03b0e594ffc87ecd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: bka10YWXvoKBRkwgvJNMzm1SSv_J1USzdugO9lPduHxe2uYFYkXh4w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Sun, 19 Mar 2023 04:25:44 GMT
age: 71349
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f1619e65eeac4c79d93deb418bb1b740
b1c592a47ab71569364b05c87362caef4dea7c67
7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 00:14:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.36.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.36.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 20 Mar 2023 00:12:29 GMT
expires: Mon, 20 Mar 2023 02:12:29 GMT
cache-control: public, max-age=7200
age: 144
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
54.230.245.38200 OK 1.4 kB URL HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP 54.230.245.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ef825b8a88a51cd76a51d08dfc1d4f99
5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b
2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1
GET /iframe.html?token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 14 Feb 2023 20:01:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Sun, 19 Mar 2023 23:26:14 GMT
ETag: W/"63ebe88f-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 0NtUn1bldMBzOqkONj9038mTbb3R8oWVBqrLlx-AXeRnO0irgxfYxg==
Age: 3092
smoothreward.com/assets/img/campaign/798_icon.png
54.144.195.192200 OK 28 kB URL HTTP/2 smoothreward.com/assets/img/campaign/798_icon.png
IP 54.144.195.192:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 71db29ebc3d2f6c30844ecff3f07db06
e295e0b4d3aa0ba15a471d888a1fa74fd29e7f5b
63932a0501a93b83a5d53b07673b1de700bf6f2df9ffe8fefae4bab14637769a
GET /assets/img/campaign/798_icon.png HTTP/1.1
Host: smoothreward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/go/to/f388f2/key/3aed0a157642b8da8a4bf8e1b49edf2d/aid/16944/s1/4700663
Cookie: ci_session=u8b93gk2jdsv77nj90krmklb8ufd668e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:53 GMT
content-type: image/png
content-length: 28045
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:29:33 GMT
etag: "6d8d-5d7afcee01d60"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f1619e65eeac4c79d93deb418bb1b740
b1c592a47ab71569364b05c87362caef4dea7c67
7c83a70b21133bb49f5e0f8e9abd1fecb1a814b754d6d26e598e7e4589564c04
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 00:14:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
create.leadid.com/2.11.9/SaveDom?msn=2&pid=4b637f21-2e1a-463c-b915-0cc115a4b86f&token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&_=636781542
52.6.30.198200 OK 24 B URL HTTP/2 create.leadid.com/2.11.9/SaveDom?msn=2&pid=4b637f21-2e1a-463c-b915-0cc115a4b86f&token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&_=636781542
IP 52.6.30.198:0
Hash 7751bc2473122c778009f3a8ff3f991f
5180b100e1b7ffa7a2d03bd7ad25002ec6032862
60f5b22a55f8dfde4ae3b0e150862de962d18ba7250baee5c13dfb92aba207c3
POST /2.11.9/SaveDom?msn=2&pid=4b637f21-2e1a-463c-b915-0cc115a4b86f&token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&_=636781542 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 512
Origin: https://smoothreward.com
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:53 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Wed, 19-Apr-2023 00:14:53 GMT; Max-Age=2592000; path=/
rguserid=d4649354-bdbf-4a5e-917c-fc208385211f; expires=Wed, 19-Apr-2023 00:14:53 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Wed, 19-Apr-2023 00:14:53 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Wed, 19-Apr-2023 00:14:53 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2e64fc6f9ae4228dd2fc48d61e1d8841
ae781abd01bae215d2ccc65fe308aaa4e3df6706
f8f424b8de4cb7cea5608432bbad1786f02cbc7e3c111f5d395288065f134fa0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 00:14:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-39232759-1&cid=1033155314.1679271293&jid=46394181&gjid=1864573783&_gid=763217284.1679271293&_u=IEBAAEAAAAAAACAAI~&z=144940254
108.177.14.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-39232759-1&cid=1033155314.1679271293&jid=46394181&gjid=1864573783&_gid=763217284.1679271293&_u=IEBAAEAAAAAAACAAI~&z=144940254
IP 108.177.14.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-39232759-1&cid=1033155314.1679271293&jid=46394181&gjid=1864573783&_gid=763217284.1679271293&_u=IEBAAEAAAAAAACAAI~&z=144940254 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://smoothreward.com
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://smoothreward.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Mar 2023 00:14:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash db7e8ec26e256ce82b87b425e11e4e1f
e0ca54ac030f772c42323f6fad1243c00383397e
716ef6673a685c7358b75c8c971887495e37b4a93aabab832bb8856c5911de13
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 20 Mar 2023 00:14:53 GMT
Last-Modified: Sun, 19 Mar 2023 23:53:49 GMT
Server: ECAcc (nya/78BE)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KKH27t8Ep6BWuX4Fed132ke4f4BeBtcBAgxy8o5292LeE7hpW6LsDA==
Age: 1265
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 2e64fc6f9ae4228dd2fc48d61e1d8841
ae781abd01bae215d2ccc65fe308aaa4e3df6706
f8f424b8de4cb7cea5608432bbad1786f02cbc7e3c111f5d395288065f134fa0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 20 Mar 2023 00:14:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
deviceid.trueleadid.com/iframe.html?token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
35.169.79.47200 OK 2.2 kB URL HTTP/2 deviceid.trueleadid.com/iframe.html?token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP 35.169.79.47:0
Hash b9715293d165aec8ef8b2e950599e96b
b0ff0871e6e48ec80df8150aec44a79b7660deb9
66aca9d75b171b49679c68b4c9b148c93e50b8a11873e2d1cfdfe8c3f7920369
GET /iframe.html?token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:53 GMT
content-type: text/html
server: nginx
last-modified: Wed, 08 Mar 2023 19:45:51 GMT
etag: W/"6408e5ef-1049"
expires: Tue, 21 Mar 2023 00:14:53 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2
api.trustedform.com/certs/c84e7ef84360fdd3560134f7b92384bb0df71aa9/fingerprints
54.209.198.209204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/c84e7ef84360fdd3560134f7b92384bb0df71aa9/fingerprints
IP 54.209.198.209:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/c84e7ef84360fdd3560134f7b92384bb0df71aa9/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 219
Origin: https://smoothreward.com
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 20 Mar 2023 00:14:54 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.38.js
54.230.111.91200 OK 38 kB URL HTTP/2 cdn.trustedform.com/trustedform-1.8.38.js
IP 54.230.111.91:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c840839357b6e3ca873148e101971abb
71f06777a887e8c65a86f72b3fc59e8a1dbc3cf6
0b9c20129840bafdb61418028977123560fd766d23367dcf211ac48ce4bae1fe
GET /trustedform-1.8.38.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
x-amz-version-id: ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp
server: AmazonS3
content-encoding: gzip
date: Mon, 20 Mar 2023 00:14:55 GMT
etag: W/"a71c6d4fa015e7b61cc1fc54ff9b242e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6-r6IUOG7gSQ-H4dC6gK1kUMEKr70EqLand7in2kq2mLlNekbr7YIg==
X-Firefox-Spdy: h2
netdna.bootstrapcdn.com/twitter-bootstrap/2.3.2/css/bootstrap-combined.no-icons.min.css
104.18.11.207200 OK 0 B URL HTTP/2 netdna.bootstrapcdn.com/twitter-bootstrap/2.3.2/css/bootstrap-combined.no-icons.min.css
IP 104.18.11.207:0
GET /twitter-bootstrap/2.3.2/css/bootstrap-combined.no-icons.min.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:51 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:05:01 GMT
cdn-cachedat: 08/03/2021 13:26:07
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: b6ea5ef779bb3c6d58c6f87bad8a05ce
cdn-cache: HIT
cf-cache-status: HIT
age: 24717405
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7aa9c1e68b02b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=4b637f21-2e1a-463c-b915-0cc115a4b86f&token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&_=636781543
52.6.30.198200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=4b637f21-2e1a-463c-b915-0cc115a4b86f&token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&_=636781543
IP 52.6.30.198:0
POST /2.11.9/InitFormData?msn=3&pid=4b637f21-2e1a-463c-b915-0cc115a4b86f&token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&_=636781543 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1238
Origin: https://smoothreward.com
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:53 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Wed, 19-Apr-2023 00:14:53 GMT; Max-Age=2592000; path=/
rguserid=087ba42d-b03e-4618-8224-7616514f2936; expires=Wed, 19-Apr-2023 00:14:53 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Wed, 19-Apr-2023 00:14:53 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Wed, 19-Apr-2023 00:14:53 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css
104.18.11.207200 OK 0 B URL HTTP/2 netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/3.2.1/css/font-awesome.min.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:51 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:51 GMT
cdn-cachedat: 08/03/2021 16:46:11
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 0a8c57b841d86b22613591e267b8dfd1
cdn-cache: HIT
cf-cache-status: HIT
age: 24717613
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7aa9c1e68affb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome-ie7.min.css
104.18.11.207200 OK 0 B URL HTTP/2 netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome-ie7.min.css
IP 104.18.11.207:0
GET /font-awesome/3.2.1/css/font-awesome-ie7.min.css HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:51 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4efc20143a3957f447ceeaa53695ceb6"
last-modified: Mon, 25 Jan 2021 22:04:51 GMT
cdn-cachedat: 01/13/2023 02:30:37
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 863
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 05635be0def1161d8a441b8721c5c921
cdn-cache: HIT
cf-cache-status: HIT
age: 3762912
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7aa9c1e68b03b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js
IP 104.18.11.207:0
GET /bootstrap/4.0.0-beta.2/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:51 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:03 GMT
cdn-cachedat: 2021-04-23 06:28:09
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: a9ac53c2137aaf1cc3a74aff1812514f
cdn-cache: HIT
cf-cache-status: HIT
age: 27381558
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7aa9c1e6ab19b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
104.22.39.182200 OK 0 B URL HTTP/2 create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
IP 104.22.39.182:0
GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:52 GMT
content-type: text/javascript
x-amz-id-2: O16CHRgGP5PihEF6nbQMyzYUo2yjcYHKCJoHpgMRz3egG7UQr8Elj3zIBIXEWymzIsVgADWWYog=
x-amz-request-id: 22Q20MNJ14S59VZ5
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 00:55:16 GMT
etag: W/"97495a102c98049f30e62264b1eb50f5"
cache-control: max-age=1800
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG
cf-cache-status: HIT
age: 70
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aa9c1ebc844992d-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
pbid.pro-market.net/engine?site=141028;size=1x1;e=0;dt=0;category=tufgaham52qd;kw=wqj2%20%20zqol%20cbz4;rnd=(1679271292610)
107.178.240.89200 OK 0 B URL HTTP/2 pbid.pro-market.net/engine?site=141028;size=1x1;e=0;dt=0;category=tufgaham52qd;kw=wqj2%20%20zqol%20cbz4;rnd=(1679271292610)
IP 107.178.240.89:0
GET /engine?site=141028;size=1x1;e=0;dt=0;category=tufgaham52qd;kw=wqj2%20%20zqol%20cbz4;rnd=(1679271292610) HTTP/1.1
Host: pbid.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://smoothreward.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-4.c.datonics-gcp-01.internal
set-cookie: anProfile="0+1+4=21x+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s0=(26)+s2=(rrsm0s)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
content-type: text/html
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 20 Mar 2023 00:14:52 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16792712926160.6601954702002761&invert_field_sensitivity=false
54.230.111.91200 OK 0 B URL HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16792712926160.6601954702002761&invert_field_sensitivity=false
IP 54.230.111.91:0
GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16792712926160.6601954702002761&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://smoothreward.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 20 Mar 2023 00:14:54 GMT
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
x-amz-version-id: oadcnJCg2vYrfrS_vSmPkc6nBoYFDxSV
etag: W/"1b4d8abad5e0668a237e388577c6a93c"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vJWe0yKuJ1ExIX4I22aZ6LX-aq4ubJtsbSn8CIEb7FnJIC39qs7Fkg==
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=5&pid=4b637f21-2e1a-463c-b915-0cc115a4b86f&token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&_=636781545
52.6.30.198200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=5&pid=4b637f21-2e1a-463c-b915-0cc115a4b86f&token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&_=636781545
IP 52.6.30.198:0
POST /2.11.9/InitFormData?msn=5&pid=4b637f21-2e1a-463c-b915-0cc115a4b86f&token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&_=636781545 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1062
Origin: https://smoothreward.com
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:54 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Wed, 19-Apr-2023 00:14:54 GMT; Max-Age=2592000; path=/
rguserid=5296bac3-93b8-4a7e-9383-1f666ec24ea7; expires=Wed, 19-Apr-2023 00:14:54 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Wed, 19-Apr-2023 00:14:54 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Wed, 19-Apr-2023 00:14:54 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=4&pid=4b637f21-2e1a-463c-b915-0cc115a4b86f&token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&_=636781544
52.6.30.198200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/Snap?msn=4&pid=4b637f21-2e1a-463c-b915-0cc115a4b86f&token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&_=636781544
IP 52.6.30.198:0
POST /2.11.9/Snap?msn=4&pid=4b637f21-2e1a-463c-b915-0cc115a4b86f&token=914636D8-8C10-0340-8BD3-C0A0EA2F70B5&_=636781544 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 101437
Origin: https://smoothreward.com
Connection: keep-alive
Referer: https://smoothreward.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 20 Mar 2023 00:14:54 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Wed, 19-Apr-2023 00:14:54 GMT; Max-Age=2592000; path=/
rguserid=9433bb21-d721-46dc-8c18-b18734863dad; expires=Wed, 19-Apr-2023 00:14:54 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Wed, 19-Apr-2023 00:14:54 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Wed, 19-Apr-2023 00:14:54 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2