urlquery - report: deoseasr.org/acc/news/1462943932-DEO(SE)-Amritsar-Urgent%20Non%20teaching%20Information%20regarding%20Posts%20Reminder-3.docx

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2020-05-02 20:58:10 UTC	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	2020-06-04 20:08:41 UTC	2022-11-27 05:29:56 UTC	34.102.187.140
www.gstatic.com (2)	0	2016-07-26 09:37:06 UTC	2022-11-27 17:16:41 UTC	142.250.74.163	Domain (gstatic.com) ranked at: 540
img-getpocket.cdn.mozilla.net (7)	1631	2018-06-21 23:36:00 UTC	2020-02-19 04:43:25 UTC	34.120.237.76
fonts.googleapis.com (1)	8877	2013-06-10 20:14:26 UTC	2022-11-27 23:51:05 UTC	142.250.74.10
www.googletagmanager.com (1)	75	2013-05-22 02:07:37 UTC	2022-11-27 17:49:59 UTC	142.250.74.168
static.trafficjunky.com (1)	13961	2015-03-25 11:36:27 UTC	2020-05-04 07:52:25 UTC	205.185.208.79
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-11-27 05:29:57 UTC	34.117.237.239
linksecurecd.com (2)	175553	2022-02-09 01:56:35 UTC	2022-11-27 13:43:07 UTC	34.243.67.42
tsyndicate.com (1)	13042	2017-03-16 09:04:54 UTC	2022-11-27 18:23:54 UTC	148.251.120.78
stats.g.doubleclick.net (1)	96	2013-06-10 20:21:11 UTC	2022-11-27 19:15:13 UTC	142.251.1.155
statisticresearch.com (1)	584767	2019-05-28 07:17:54 UTC	2022-11-28 01:12:10 UTC	52.204.249.38
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2020-05-03 10:09:39 UTC	54.187.71.185
ocsp.pki.goog (9)	175	2018-07-01 06:43:07 UTC	2020-05-02 20:58:16 UTC	142.250.74.35
cdn.smrt-assets.com (7)	0	No data	No data	23.36.76.144	Unknown ranking
cdn.smrt-content.com (1)	99856	No data	No data	23.36.76.194
www.google-analytics.com (2)	40	2012-10-03 01:04:21 UTC	2022-11-27 15:24:12 UTC	142.250.74.174
region1.google-analytics.com (1)	0	2022-03-17 11:26:33 UTC	2022-11-27 10:13:18 UTC	216.239.32.36	Domain (google-analytics.com) ranked at: 8401
r3.o.lencr.org (9)	344	No data	No data	23.36.77.32
deoseasr.org (2)	0	2015-04-27 04:26:49 UTC	2022-11-27 06:47:14 UTC	67.227.226.240	Unknown ranking
ocsp.sca1b.amazontrust.com (4)	1015	2017-03-03 15:20:51 UTC	2019-03-27 04:05:54 UTC	143.204.42.88
gaut-hil.com (3)	342928	2020-07-09 20:17:47 UTC	2022-11-28 00:09:15 UTC	3.208.247.235
guard.cdtbox.rocks (1)	240008	2020-08-11 05:30:44 UTC	2022-11-27 18:32:03 UTC	54.164.22.60

Scan Date	Severity	Indicator	Comment
2022-11-28	2	linksecurecd.com/service-worker.js	Phishing

Date	UQ / IDS / BL	URL	IP
2023-02-04 04:31:59 +0000	0 - 2 - 0	bestgfx.biz/user/kikso	67.227.226.240
2023-02-02 15:19:46 +0000	0 - 2 - 0	hotpornteen.com/	67.227.226.240
2023-02-02 10:26:40 +0000	0 - 0 - 1	www.bigdoqq.com/	67.227.226.240
2023-02-02 05:50:12 +0000	0 - 4 - 0	bestgfx.biz/sitemap/398.html	67.227.226.240
2023-02-02 04:48:00 +0000	0 - 2 - 8	kadyotube.com/lib/thumb/?src=kadyotube.com/th (...)	67.227.226.240

Date	UQ / IDS / BL	URL	IP
2023-02-05 14:12:56 +0000	0 - 0 - 33	maria.susypro.com/	50.28.1.43
2023-02-05 13:46:35 +0000	0 - 0 - 1	gamesrotator.com/	72.52.179.174
2023-02-05 12:24:03 +0000	0 - 0 - 17	russellbedford.com.kw/SUNCOAST%20CU/suncoastc (...)	209.59.140.242
2023-02-05 07:23:35 +0000	0 - 1 - 0	dl.imobie.com/droidkit-en-official-setup.exe	67.225.249.166
2023-02-05 07:23:26 +0000	0 - 1 - 0	dl.imobie.com/anyfix-ios-system-recovery-en-s (...)	67.225.249.166

Date	UQ / IDS / BL	URL	IP
2023-01-22 01:10:05 +0000	0 - 0 - 1	deoseasr.org/dau/news/news/news/news/news/147 (...)	67.227.226.240
2023-01-14 00:44:31 +0000	0 - 0 - 1	deoseasr.org/dau/acc0unt/acc0unt/news/news/14 (...)	67.227.226.240
2023-01-06 04:58:08 +0000	0 - 1 - 0	deoseasr.org/dau/news/news/1477041238-DEO(SE) (...)	67.227.226.240
2023-01-06 04:44:51 +0000	0 - 0 - 3	deoseasr.org/acc/acc0unt/acc0unt/news/1487779 (...)	67.227.226.240
2023-01-06 01:14:26 +0000	0 - 2 - 16	deoseasr.org/dau/acc0unt/acc0unt/news/news/14 (...)	67.227.226.240

Date	UQ / IDS / BL	URL	IP
2023-02-05 07:35:52 +0000	0 - 0 - 2	kqmronhh.cn.wy5532.com/	37.48.65.155
2023-02-04 16:39:17 +0000	0 - 0 - 1	webtrickbd.com/euynss	165.227.109.64
2023-02-03 09:26:04 +0000	0 - 0 - 2	t63lf.hp1001.com/show/8_0584.html	72.52.179.174
2023-02-03 01:58:59 +0000	0 - 1 - 3	ikbg97fpm23j3o.pics/	162.255.119.21
2023-02-02 10:26:40 +0000	0 - 0 - 1	www.bigdoqq.com/	67.227.226.240

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4043 Expires: Mon, 28 Nov 2022 02:19:31 GMT Date: Mon, 28 Nov 2022 01:12:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 150792cfc458af013998f4ef6bdf5f74 Sha1: d5179b2dcb11d06f82606bf6eb6648319998d63e Sha256: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2164 Cache-Control: max-age=122109 Date: Mon, 28 Nov 2022 01:12:08 GMT Etag: "63833c71-1d7" Expires: Tue, 29 Nov 2022 11:07:17 GMT Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 64b2a23eab6e5ae8c010ec7242be930c Sha1: 0673e4385ba01a5a245711bab96cafc34f765793 Sha256: 64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 28 Nov 2022 00:19:27 GMT cache-control: public,max-age=3600 age: 3161 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 4d7e4eed097b9c4e5d509419f1cfc85a Sha1: 290bb3d428a7c6330e2e3d73a952b16f820896c8 Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7237 Expires: Mon, 28 Nov 2022 03:12:45 GMT Date: Mon, 28 Nov 2022 01:12:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 71f9c681a82440fd55e76c780a20e55d Sha1: 3147768cfbcdd06e0c6e69684292e68e99917a80 Sha256: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: tZrSNm9gELAjXGTUAhB8PjHwxMPCg29m2x52coIWa3ZKnc8eXL598M3a1bKo7KvbpNDHNMQo+VE= x-amz-request-id: 956DZ543G76VA0YZ content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 28 Nov 2022 00:41:51 GMT age: 1817 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Mon, 28 Nov 2022 01:12:08 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 28 Nov 2022 01:08:54 GMT cache-control: public,max-age=3600 age: 195 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /acc/news/1462943932-DEO(SE)-Amritsar-Urgent%20Non%20teaching%20Information%20regarding%20Posts%20Reminder-3.docx HTTP/1.1 Host: deoseasr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: deoseasr.org/acc/news/1462943932-DEO(SE)-Amritsar-Urgen (...) FQDN: deoseasr.org IP: 67.227.226.240 HASH: c0777b4a0207716459d50150a492d739d8b8a239ec7866ffab74c4c5f2e9d27e 67.227.226.240 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Mon, 28 Nov 2022 01:12:08 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By: PHP/5.4.16 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (642) Size: 2302 Md5: c638710355c369c42bba44302ec3fe4e Sha1: e71d90435eec9a4a1f23cbfe3832eb005c6f13bb Sha256: c0777b4a0207716459d50150a492d739d8b8a239ec7866ffab74c4c5f2e9d27e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3417 Cache-Control: max-age=118300 Date: Mon, 28 Nov 2022 01:12:09 GMT Etag: "638328ac-1d7" Expires: Tue, 29 Nov 2022 10:03:49 GMT Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT Server: ECS (ska/F71B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: a6fee11dfe1b88cd768a0ca3e2bd0c89 Sha1: 59cec9a44a4a92467678afe65f347f68641a2174 Sha256: 50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
GET /page/bouncy.php?&bpae=GbhGtCvmvUx7NYuomHHPRUog2wscgtIgfqA25nmV1sm2VDtiH9aPMsxcprd%2BL85uPGl%2BZSOTISkO%2BDY%2Bqrqd6%2FNM7WKseKCIrVfZFVnDORQGEJrDohuzEzxglbsFOyB%2FLfQInv2A%2BB6Vy6zW501Hth735K3F1ab5WAp6w2loyAO1F2E12x%2FnGM%2FSgJg2%2Fn%2B5IA9QSuTa8m2qTpUwSUUi%2FXVVnrQ07Ca1qheUoq%2BURl2kfNpdN13zgTNnWHFn00NOhnU0vWtnn4yD5W5cvv2tZBq9IOKjtWva9hJorLePzIXYfYhz08%2Bl%2FRpBe67lSkYGOKzzYQUoU1YvA4qM6vvQrn%2FcIBTX2rEr3LChSbPjChtLu%2FD1mraVCg%2BBUIO4pITVmdYW5jaZwUXQSjip4onXNeq5BOuhx%2Bg2yCxJMs8yTYIFONarUyPSB7SXMoTPHV%2FYFdbh94%2Fz33VbiJegWhyj%2B69dqBlXthACwt9311PN1lLqxdtMtjYfk2rRj9TL&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1 Host: deoseasr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://deoseasr.org/acc/news/1462943932-DEO(SE)-Amritsar-Urgent%20Non%20teaching%20Information%20regarding%20Posts%20Reminder-3.docx Upgrade-Insecure-Requests: 1	URL: deoseasr.org/page/bouncy.php?&bpae=GbhGtCvmvUx7NYuomHHP (...) FQDN: deoseasr.org IP: 67.227.226.240 HASH: 5d57cc6e1fc9ffe7e878a00e17f900e1db70031cccff086c1f54deb3b038ac8f 67.227.226.240 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Mon, 28 Nov 2022 01:12:09 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 X-Powered-By: PHP/5.4.16 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text Size: 982 Md5: e21f404703d8f32e33df09845fbe01d5 Sha1: e63ad3113d73f1d1583d4add4c6bc8f4810883ed Sha256: 5d57cc6e1fc9ffe7e878a00e17f900e1db70031cccff086c1f54deb3b038ac8f
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: Z1UiHT2evZLYQTxWPHwRXA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.187.71.185 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.187.71.185 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: bJWwcs4lIveZWiJkUzIye+j1N3E= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: 5fe8b10ad5b2c28e9ccbee90e7d4a676db1d5ae31f9231fa78c3dceb6182b66a 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: 'max-age=158059' Date: Mon, 28 Nov 2022 01:12:09 GMT Etag: "63834643-1d7" Last-Modified: Mon, 28 Nov 2022 00:00:11 GMT Server: ECS (bsa/EB1B) X-Cache: Miss from cloudfront Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: qhtKqmlvN7It5N21d6-UYsepCdAUIhyHZgSUlR0RsCNVTCNvVOxIXQ== Age: 4318 --- Additional Info --- Magic: data Size: 471 Md5: 0470f1fc510b09912f5195b09a114506 Sha1: c0cf04dbb901bcc7137df9789a2c13bf772ee13d Sha256: 5fe8b10ad5b2c28e9ccbee90e7d4a676db1d5ae31f9231fa78c3dceb6182b66a
GET /favicon.ico HTTP/1.1 Host: gaut-hil.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaut-hil.com/zcredirect?visitid=ae27ea51-6eb9-11ed-979e-0a5536e4a641&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: gaut-hil.com/favicon.ico FQDN: gaut-hil.com IP: 3.208.247.235 HASH: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8 3.208.247.235 HTTP/2 404 Not Found content-type: text/html;charset=utf-8 date: Mon, 28 Nov 2022 01:12:10 GMT content-length: 653 cache-control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' content-language: en server: yZqPlqsA X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators Size: 653 Md5: ba2732b1b2fa2626ffaa15f62f9e7d66 Sha1: 203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /zcvisitor/ae27ea51-6eb9-11ed-979e-0a5536e4a641/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=5fe288d0-1df8-11ed-a07d-12beee04f19b HTTP/1.1 Host: gaut-hil.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://deoseasr.org/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: gaut-hil.com/zcvisitor/ae27ea51-6eb9-11ed-979e-0a5536e4 (...) FQDN: gaut-hil.com IP: 3.208.247.235 HASH: 83fe2932bc053b2191ae6f6613b8ab84f0fd54d95d4dfa3d0d27297ce7568f8d 3.208.247.235 HTTP/2 200 OK content-type: text/html;charset=UTF-8 date: Mon, 28 Nov 2022 01:12:09 GMT cache-control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag server: uAqypyUD X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 1098 Md5: 7fb17d27ea3dd90b44b58d76ae504e66 Sha1: a6d5eb04d475aa2d53214bdd10d32b57652368af Sha256: 83fe2932bc053b2191ae6f6613b8ab84f0fd54d95d4dfa3d0d27297ce7568f8d
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: ec5a4ff0cf4996bd0bec0d003c8ccfb15566c458d5b7d0e41a8d8bc99e75f593 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=132155 Date: Mon, 28 Nov 2022 01:12:10 GMT Etag: "63836c25-1d7" Expires: Tue, 29 Nov 2022 13:54:45 GMT Last-Modified: Sun, 27 Nov 2022 13:54:45 GMT Server: nginx X-Cache: Miss from cloudfront Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: ef5q6W1mgAKHJ0gefhmdTOSZXYSayOkLZymG3xKZ3SFMa0wAnJtqDQ== --- Additional Info --- Magic: data Size: 471 Md5: 4cc63de7c54e5e49af70727bb66dd491 Sha1: 3eb7339049830757e0a1e8192a30d9973e50dd61 Sha256: ec5a4ff0cf4996bd0bec0d003c8ccfb15566c458d5b7d0e41a8d8bc99e75f593
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 28 Nov 2022 01:12:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e9895464b828d538dc654c678c82b181 Sha1: af5791cd48761cb3f3f979b481c23e1508692823 Sha256: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 28 Nov 2022 01:12:10 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e9895464b828d538dc654c678c82b181 Sha1: af5791cd48761cb3f3f979b481c23e1508692823 Sha256: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.gstatic.com/firebasejs/5.0.2/firebase-app.js FQDN: www.gstatic.com IP: 142.250.74.163 HASH: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5 142.250.74.163 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 8604 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 23 Nov 2022 18:32:45 GMT expires: Thu, 23 Nov 2023 18:32:45 GMT cache-control: public, max-age=31536000 age: 369565 last-modified: Thu, 10 May 2018 20:35:51 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (25088) Size: 8604 Md5: 73069e532b7039778d3a7128c997c61a Sha1: c523bbf1ac7f4e612c8ade75434c42fbca885adc Sha256: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js FQDN: www.gstatic.com IP: 142.250.74.163 HASH: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7 142.250.74.163 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 10017 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 21 Nov 2022 18:29:53 GMT expires: Tue, 21 Nov 2023 18:29:53 GMT cache-control: public, max-age=31536000 age: 542537 last-modified: Thu, 10 May 2018 20:35:52 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (35547) Size: 10017 Md5: fa9987a23f5a9d865766e952511baa30 Sha1: f2e620b99ee61a01671ba6a9e22ca75d58a1b52d Sha256: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "30DD144636B30BE86619E27E761D4B0238BD43CFA726778C6E5615C9F4BF68D8" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12327 Expires: Mon, 28 Nov 2022 04:37:37 GMT Date: Mon, 28 Nov 2022 01:12:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c8eea1f4c4cb29f1a8e5fb6c690601fd Sha1: 86533a47ff8c36ce46c95d931f2e79caffd3156f Sha256: 30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "30DD144636B30BE86619E27E761D4B0238BD43CFA726778C6E5615C9F4BF68D8" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12326 Expires: Mon, 28 Nov 2022 04:37:37 GMT Date: Mon, 28 Nov 2022 01:12:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c8eea1f4c4cb29f1a8e5fb6c690601fd Sha1: 86533a47ff8c36ce46c95d931f2e79caffd3156f Sha256: 30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8
GET /assets/1144/css/main.css HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/assets/1144/css/main.css FQDN: cdn.smrt-assets.com IP: 23.36.76.144 HASH: 2c1a4fed0126274ac848bade732edac2023c6389486e5c02cdc0be77548cd093 23.36.76.144 HTTP/1.1 200 OK Content-Type: text/css Last-Modified: Tue, 02 Feb 2021 11:39:55 GMT ETag: "fb41dc3d2a4826c0dd868c64bae7c77c" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: JFK51-C1 X-Amz-Cf-Id: 6T72l0QFrSOjNpG37gHCrWR4JlltkKRjMcmj4QL5H4DRr0wvRi4Ylg== Vary: Accept-Encoding Content-Encoding: gzip Date: Mon, 28 Nov 2022 01:12:11 GMT Content-Length: 2061 Connection: keep-alive --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 2061 Md5: 977c6a0b5a9ea85f1861a0e9089a05c1 Sha1: 6a8155cda967fda2a16fc759deca252634aa0c78 Sha256: 2c1a4fed0126274ac848bade732edac2023c6389486e5c02cdc0be77548cd093
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4150 Expires: Mon, 28 Nov 2022 02:21:21 GMT Date: Mon, 28 Nov 2022 01:12:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
GET /prod/push-subscriber.js HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/prod/push-subscriber.js FQDN: cdn.smrt-assets.com IP: 23.36.76.144 HASH: 6ec5fc6e201f4cf0ba2754f2510363cad0ea29076f9775cc25a06ff71763c0f7 23.36.76.144 HTTP/1.1 200 OK Content-Type: application/javascript Last-Modified: Tue, 29 Mar 2022 15:19:51 GMT ETag: "6b5bccad39f7057909ad0660f33cc2fa" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: JFK51-C1 X-Amz-Cf-Id: 35kqMJuJ1u5RjAKtxbnFwd5U4zZZCXGXjyOLiAvqNh6C3w79fp8VLA== Vary: Accept-Encoding Content-Encoding: gzip Date: Mon, 28 Nov 2022 01:12:11 GMT Content-Length: 4395 Connection: keep-alive --- Additional Info --- Magic: ASCII text Size: 4395 Md5: d87a44d0aa0b54e75b2eb54c76bcf152 Sha1: f765110fd22c73d181d9a2ea1b20de424b3d9e35 Sha256: 6ec5fc6e201f4cf0ba2754f2510363cad0ea29076f9775cc25a06ff71763c0f7
GET /assets/1387/js/backoffer.js HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/assets/1387/js/backoffer.js FQDN: cdn.smrt-assets.com IP: 23.36.76.144 HASH: 33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388 23.36.76.144 HTTP/1.1 200 OK Content-Type: text/javascript Content-Length: 660 Last-Modified: Thu, 06 May 2021 12:38:04 GMT ETag: "e7e1dc07852a36f89e4be03aa3787316" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: IAD89-P2 X-Amz-Cf-Id: wMlw0DS_2cpDlmt-hXkUlzPF3cZyUBp0ipiQ_g-kkKca6KpQvvKboA== Date: Mon, 28 Nov 2022 01:12:11 GMT Connection: keep-alive --- Additional Info --- Magic: ASCII text, with CRLF line terminators Size: 660 Md5: e7e1dc07852a36f89e4be03aa3787316 Sha1: 0dc3f8e7eb943af093cf8f4600fcf0e421891025 Sha256: 33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4150 Expires: Mon, 28 Nov 2022 02:21:21 GMT Date: Mon, 28 Nov 2022 01:12:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 37d299c166e3350dee6dee647e98a86f8bd916d186bae12c42764ed0a3177085 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5989 x-amzn-requestid: db10fcc5-80ab-4650-af49-d5afe36706f3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cR78LHQqIAMF9_g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6383d9e7-4cbd19e3227894844807742c;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: A5n6y1-hpgr4vynnRXkEZNvCvjlNGH6brl7eYMsdN1MST7YoD2BPgA== via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 21:51:13 GMT age: 12058 etag: "21aa6418f3a0d2b64925b66d5fb9079b7e84a11c" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5989 Md5: fa848cb85e85df184b078fe7aa95ae52 Sha1: 21aa6418f3a0d2b64925b66d5fb9079b7e84a11c Sha256: 37d299c166e3350dee6dee647e98a86f8bd916d186bae12c42764ed0a3177085
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d75dd5b6f57d9c9290725c5be76cc7d7a39682ca569bea18eceb9bdc13d444f9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10813 x-amzn-requestid: 5a3c9584-1389-45ac-968d-0a2301f82eda x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cR6_KG00oAMFpig= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6383d860-6ffc3ff67f7f7e75399834e8;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 3ggibSv4guzAQjW77yMg7HTp5JCBi1B9dxXi-Zy_-Vw0b6lP1PAGyQ== via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 21:51:09 GMT age: 12062 etag: "238a7439d887fb3aa7f1302eeb43fce62f08441a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10813 Md5: 005e5ba3c9588cf389a58195001b64e3 Sha1: 238a7439d887fb3aa7f1302eeb43fce62f08441a Sha256: d75dd5b6f57d9c9290725c5be76cc7d7a39682ca569bea18eceb9bdc13d444f9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "30DD144636B30BE86619E27E761D4B0238BD43CFA726778C6E5615C9F4BF68D8" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12326 Expires: Mon, 28 Nov 2022 04:37:37 GMT Date: Mon, 28 Nov 2022 01:12:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c8eea1f4c4cb29f1a8e5fb6c690601fd Sha1: 86533a47ff8c36ce46c95d931f2e79caffd3156f Sha256: 30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e88c706458faf5b5512212692392c7c1a0d8e60af62962267166f5cb60ee9c89 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11165 x-amzn-requestid: 9e35d865-adea-4d2a-b20f-beb014cdd42f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cR6_JE2VIAMFYgQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6383d860-7cf4db38152cdfa1448cba3d;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT x-amz-cf-pop: SFO5-C3, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 4YRocKXYUOkfho0bEHNX0xMxhhKNH2Cm3XtQDtQK7x2dFOsipPjfCw== via: 1.1 dec8fa38a453902521b941c7cd70d33c.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 22:26:45 GMT age: 9926 etag: "65941dd34eb1063a3f7fe2b6790a11a484a06b9a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11165 Md5: a8935783026c10470f60033d3a860f7b Sha1: 65941dd34eb1063a3f7fe2b6790a11a484a06b9a Sha256: e88c706458faf5b5512212692392c7c1a0d8e60af62962267166f5cb60ee9c89
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "30DD144636B30BE86619E27E761D4B0238BD43CFA726778C6E5615C9F4BF68D8" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12326 Expires: Mon, 28 Nov 2022 04:37:37 GMT Date: Mon, 28 Nov 2022 01:12:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c8eea1f4c4cb29f1a8e5fb6c690601fd Sha1: 86533a47ff8c36ce46c95d931f2e79caffd3156f Sha256: 30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 53eca0f8435d6e2e62962ef80d4597afad2773a582746d523f7f5d30c3e07b8e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4708 x-amzn-requestid: 6efd15cd-c944-42e7-8142-01360fbe4a25 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cR6_JFbXIAMFc_g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6383d860-3c7d91eb7a2f3a9669f89d88;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 6FSZ3Zw-s95LlrU3skAr5_g6m36c9SQ9_6vA3HFbMKYTTFzJRBJ76w== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 22:26:43 GMT age: 9928 etag: "a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4708 Md5: 4060284252d32701c42e2df4a83970a0 Sha1: a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da Sha256: 53eca0f8435d6e2e62962ef80d4597afad2773a582746d523f7f5d30c3e07b8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12555 x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cR6_MHPWIAMFQMg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: up0DWugUp4S0jAtsA-KBRapBAHtcHCdTwWJock-y22fqyL6_YVFeqg== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 21:51:09 GMT age: 12062 etag: "c843c5422499736a83a80c2b07475a8dbbb8860f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12555 Md5: f20d5c4b208740dd4c737b9d95c0e1d0 Sha1: c843c5422499736a83a80c2b07475a8dbbb8860f Sha256: f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "30DD144636B30BE86619E27E761D4B0238BD43CFA726778C6E5615C9F4BF68D8" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=12326 Expires: Mon, 28 Nov 2022 04:37:37 GMT Date: Mon, 28 Nov 2022 01:12:11 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c8eea1f4c4cb29f1a8e5fb6c690601fd Sha1: 86533a47ff8c36ce46c95d931f2e79caffd3156f Sha256: 30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8
GET /assets/1144/js/translatesrules.js HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/assets/1144/js/translatesrules.js FQDN: cdn.smrt-assets.com IP: 23.36.76.144 HASH: 2a734d2af14f59cdad75b60742d94cef667bb3271d2a8a2557be99796a840d3e 23.36.76.144 HTTP/1.1 200 OK Content-Type: text/javascript Last-Modified: Tue, 02 Feb 2021 11:29:28 GMT ETag: "f889c7341bca7408551f0da6879237a9" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: EWR53-C1 X-Amz-Cf-Id: o0JI-D14FY46mUFaOurcdIXuAiNK9FRy0hlR2hHzIjPPV_ulUFWuSA== Vary: Accept-Encoding Content-Encoding: gzip Date: Mon, 28 Nov 2022 01:12:11 GMT Content-Length: 9749 Connection: keep-alive --- Additional Info --- Magic: Unicode text, UTF-8 text Size: 9749 Md5: f09a391ba297c3912759882db1a9e38a Sha1: a7866e21b4febbf58a635613ec30608a9dfda386 Sha256: 2a734d2af14f59cdad75b60742d94cef667bb3271d2a8a2557be99796a840d3e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9430 x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cR7wyGCIIAMFhgw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 22:01:46 GMT age: 11425 etag: "075531f525e625b117b2497f31139c9824d0e9c5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9430 Md5: 1f434933b5bd6377d299ada22d1ae7ef Sha1: 075531f525e625b117b2497f31139c9824d0e9c5 Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /prod/push-lang-config.js HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/prod/push-lang-config.js FQDN: cdn.smrt-assets.com IP: 23.36.76.144 HASH: fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11 23.36.76.144 HTTP/1.1 200 OK Content-Type: application/javascript Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT ETag: "7152525f63649929a736f6efb78b58a5" x-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: EWR53-C1 X-Amz-Cf-Id: PlzHg_kpLQKC63Gp9E61K1OBX5ibTIl975NYZyc2dmovD1t05XIN0Q== Vary: Accept-Encoding Content-Encoding: gzip Date: Mon, 28 Nov 2022 01:12:11 GMT Content-Length: 2366 Connection: keep-alive --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (7658), with no line terminators Size: 2366 Md5: 86caa25373c28e4a962df5e15f4c160f Sha1: 7a992cdd21a4074c155ccc7016e7cf836a66dd85 Sha256: fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11
GET /assets/1144/js/jquery.min.js HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/assets/1144/js/jquery.min.js FQDN: cdn.smrt-assets.com IP: 23.36.76.144 HASH: ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494 23.36.76.144 HTTP/1.1 200 OK Content-Type: text/javascript Last-Modified: Tue, 02 Feb 2021 11:29:28 GMT ETag: "2f6b11a7e914718e0290410e85366fe9" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: JFK51-C1 X-Amz-Cf-Id: rNAVYdmHMAMpMHYv4HPJBhrAtesAUrOBckV9PxD5uVlG8zkUkRY0ng== Vary: Accept-Encoding Content-Encoding: gzip Date: Mon, 28 Nov 2022 01:12:11 GMT Content-Length: 29855 Connection: keep-alive --- Additional Info --- Magic: ASCII text, with very long lines (32065) Size: 29855 Md5: 2fa28552f1ee4e1382ee43930b53afb8 Sha1: 803670da6a35378bf4eb73acc8e72fe4feb5ca30 Sha256: ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 28 Nov 2022 01:12:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: e9895464b828d538dc654c678c82b181 Sha1: af5791cd48761cb3f3f979b481c23e1508692823 Sha256: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 28 Nov 2022 01:12:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 5af61422c4eaa1b995ec63e463abda26 Sha1: db75634681ed688840773ce828c169ac9da7d131 Sha256: 506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
GET /css?family=Montserrat:400,500,600,700&display=swap HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cdn.smrt-assets.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Montserrat:400,500,600, (...) FQDN: fonts.googleapis.com IP: 142.250.74.10 HASH: 8e51f536993217394c9db12da9b6378c67458e5f76a30419732e256eeaf53289 142.250.74.10 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Mon, 28 Nov 2022 01:12:11 GMT date: Mon, 28 Nov 2022 01:12:11 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 127989 Md5: dd11521ff743574a74bc598666feae13 Sha1: dd0e565611f4347090db33af25e1b1a602fecf64 Sha256: 8e51f536993217394c9db12da9b6378c67458e5f76a30419732e256eeaf53289
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 28 Nov 2022 01:12:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: dfc6d93c89faf83ac654cd676c02764d Sha1: ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d Sha256: 83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
GET /smartlink/?a=52677&sm=110&s2=w79nou56at1j7hpk2v5ob4fc HTTP/1.1 Host: linksecurecd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://gaut-hil.com/ Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: linksecurecd.com/smartlink/?a=52677&sm=110&s2=w79nou56a (...) FQDN: linksecurecd.com IP: 34.243.67.42 HASH: c15b4e2701faf0aadb13733cc0964306a925219df779a639544187b331283c39 34.243.67.42 HTTP/2 200 OK content-type: text/html;charset=utf-8 date: Mon, 28 Nov 2022 01:12:10 GMT server: nginx vary: Accept-Encoding, Accept-Encoding set-cookie: gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/ gdm_uid_v1_1_001=IiDSWa4TXpaIciTGDU/H/GE3sDy15hqmPbEnk37yLZ8gHTbbLMtoDlFbYKLpURmq; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/ gdm_visit_freq_v1_1_001=CY6kMI1cMWu7B85RwQ9BIFKBT5smmfNOnsnk7f30nVY=; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/ gdm_visit_freq_v2_1_001=CY6kMI1cMWu7B85RwQ9BIFKBT5smmfNOnsnk7f30nVY=; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/; Secure; SameSite=None v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5fFPXmIZ+zYZL+L9IX4kv/4=; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/; Secure; SameSite=None gdm_uid_v2_1_001=IiDSWa4TXpaIciTGDU/H/GE3sDy15hqmPbEnk37yLZ8gHTbbLMtoDlFbYKLpURmq; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/; Secure; SameSite=None v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5fFPXmIZ+zYZL+L9IX4kv/4=; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/ gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/; Secure; SameSite=None cache-control: no-cache, must-revalidate pragma: no-cache expires: Sat, 1 May 2020 12:00:00 GMT access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 33022 Md5: fbb127e12bced03f43fb283f2d3f6d49 Sha1: 4832e92e0a5a90f2600200de90ed91fa52feaa8e Sha256: c15b4e2701faf0aadb13733cc0964306a925219df779a639544187b331283c39
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 28 Nov 2022 01:12:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 0ee1d1a60ec1770ec3e880a25c257f5d Sha1: 015b05feff63bdcf8fae4d1a8c0c83c923a2ca67 Sha256: b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: 966add2724a5f45e658f88ecdf3a71983d6bc46ec9447b4bea1357e498ca31f5 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Mon, 28 Nov 2022 01:12:11 GMT expires: Mon, 28 Nov 2022 01:12:11 GMT cache-control: private, max-age=900 last-modified: Mon, 28 Nov 2022 00:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 47292 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1921) Size: 47292 Md5: 5c4baf402458e9da7efdb8fed0bc4c37 Sha1: c8163950e90329c7a1129c2c88334c686af9c082 Sha256: 966add2724a5f45e658f88ecdf3a71983d6bc46ec9447b4bea1357e498ca31f5
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: 147119f2bee5cd63dfb8525daab035ee254213a6bbf9ac23d241e844a3980feb 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=89265 Date: Mon, 28 Nov 2022 01:12:11 GMT Etag: "6382ab7f-1d7" Expires: Tue, 29 Nov 2022 01:59:56 GMT Last-Modified: Sun, 27 Nov 2022 00:12:47 GMT Server: ECS (bsa/EB13) X-Cache: Miss from cloudfront Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: oS9L4KtkRRbgM-_RiA4YPus8uy60C3xJ_pSPzu32F2OhIW6TIedS3w== Age: 6429 --- Additional Info --- Magic: data Size: 471 Md5: 983992445e289f2f69870e0a5188228d Sha1: 8637b0a89a29966fab4388ead7296d6fcf0c1d1b Sha256: 147119f2bee5cd63dfb8525daab035ee254213a6bbf9ac23d241e844a3980feb
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 28 Nov 2022 01:12:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 0ee1d1a60ec1770ec3e880a25c257f5d Sha1: 015b05feff63bdcf8fae4d1a8c0c83c923a2ca67 Sha256: b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
GET /api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead} HTTP/1.1 Host: tsyndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4ca (...) FQDN: tsyndicate.com IP: 148.251.120.78 HASH: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 148.251.120.78 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Mon, 28 Nov 2022 01:12:11 GMT content-length: 35 pragma: no-cache expires: 0 vary: * x-api-version: 1 x-request-id: 32df78abcbd2d482 set-cookie: ts_rt_3f949dfe-3372-4caa-baf0-047f88323cfa=ANmUCUOmR4kbQgQSPEjEBJwwZ8rYSVPmThmDCB9GnFixDMOA; expires=Tue, 28 Nov 2023 01:12:11 GMT; path=/; HttpOnly; secure; SameSite=None cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform x-robots-tag: none, noindex, nofollow report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: c2196de8ba412c60c22ab491af7b1409 Sha1: 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /prod/push-utils.js HTTP/1.1 Host: cdn.smrt-content.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-content.com/prod/push-utils.js FQDN: cdn.smrt-content.com IP: 23.36.76.194 HASH: 7b5ba9e8001cd959f85c8c76eccaf60588909154bac817afb232d7d4a98d2696 23.36.76.194 HTTP/1.1 200 OK Content-Type: application/javascript Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT ETag: "a288177a606a9686132970835b3e572c" x-amz-meta-s3cmd-attrs: atime:1644921893/ctime:1644921893/gid:20/gname:staff/md5:a288177a606a9686132970835b3e572c/mode:33188/mtime:1644921893/uid:501/uname:nimspy Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: EWR53-C1 X-Amz-Cf-Id: TmcfYbpq_e2BMUO-lKBbDZjl7EL4esTxnvZXoiV60ZaJrHN5wRZ8ig== Vary: Accept-Encoding Content-Encoding: gzip Date: Mon, 28 Nov 2022 01:12:11 GMT Content-Length: 3647 Connection: keep-alive --- Additional Info --- Magic: C source, ASCII text, with very long lines (1971) Size: 3647 Md5: 66b8348a97eaecf14cc35f1326f1cf1a Sha1: 0c0c17bebbd46240c30a6b1ed85ccfd3b6053bba Sha256: 7b5ba9e8001cd959f85c8c76eccaf60588909154bac817afb232d7d4a98d2696
GET /assets/1373/other/favicon.ico HTTP/1.1 Host: cdn.smrt-assets.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.smrt-assets.com/assets/1373/other/favicon.ico FQDN: cdn.smrt-assets.com IP: 23.36.76.144 HASH: 314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97 23.36.76.144 HTTP/1.1 200 OK Content-Type: image/x-icon Content-Length: 1150 Last-Modified: Wed, 28 Apr 2021 11:28:55 GMT ETag: "38722a803b73dd1871a3d8a19db44d2f" Accept-Ranges: bytes Server: AmazonS3 X-Amz-Cf-Pop: IAD66-C1 X-Amz-Cf-Id: JbGE-qPp-rz1sjNie-YOUT5WYN1nceHRFWqeEDCyU1T8VI4fT_WTxA== Date: Mon, 28 Nov 2022 01:12:11 GMT Connection: keep-alive --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size: 1150 Md5: 38722a803b73dd1871a3d8a19db44d2f Sha1: 3379960a2c6611bfefcb39e662198d6df322e12d Sha256: 314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
GET /js/mp.min.js HTTP/1.1 Host: static.trafficjunky.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: static.trafficjunky.com/js/mp.min.js FQDN: static.trafficjunky.com IP: 205.185.208.79 HASH: 2acb7fa7d04e9c94971b02b9f67140f2bcc9fb51ee361096c735e7f81518c94c 205.185.208.79 HTTP/2 200 OK content-type: application/javascript date: Mon, 28 Nov 2022 01:12:11 GMT etag: "1652721327" cache-control: max-age=31536000 content-encoding: gzip content-length: 3628 last-modified: Mon, 16 May 2022 17:15:27 GMT accept-ranges: bytes x-hw: 1669597931.dop225.sk1.t,1669597931.cds217.sk1.hn,1669597931.cds003.sk1.c access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (10690), with no line terminators Size: 3628 Md5: 044c370813dc1ea880f32a5be81384e7 Sha1: 53b0733cfc26f2bc7e83d1da0c087d5513fcf548 Sha256: 2acb7fa7d04e9c94971b02b9f67140f2bcc9fb51ee361096c735e7f81518c94c
GET /analytics.js HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.google-analytics.com/analytics.js FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e 142.250.74.174 HTTP/2 200 OK content-type: text/javascript strict-transport-security: max-age=10886400; includeSubDomains; preload x-content-type-options: nosniff vary: Accept-Encoding content-encoding: gzip cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 20039 date: Mon, 28 Nov 2022 00:41:08 GMT expires: Mon, 28 Nov 2022 02:41:08 GMT cache-control: public, max-age=7200 age: 1863 last-modified: Tue, 27 Sep 2022 22:01:05 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (1325) Size: 20039 Md5: 47e6f374ca946fddd5b59871b325736c Sha1: baa9282efc8785e84d247c3bff518eaa45f101c4 Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
POST /j/collect?v=1&_v=j98&a=469541988&t=pageview&_s=1&dl=https%3A%2F%2Flinksecurecd.com%2Fsmartlink%2F%3Fa%3D52677%26sm%3D110%26s2%3Dw79nou56at1j7hpk2v5ob4fc&dr=https%3A%2F%2Fgaut-hil.com%2F&ul=en-us&de=UTF-8&dt=Best%20dating%20worldwide%20%3C3&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=1431249437&gjid=1182280657&cid=1874903977.1669597931&tid=UA-179148962-2&_gid=401350975.1669597931&_r=1&gtm=2wgb90TR8VQRX&z=1132538961 HTTP/1.1 Host: www.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://linksecurecd.com Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: www.google-analytics.com/j/collect?v=1&_v=j98&a=4695419 (...) FQDN: www.google-analytics.com IP: 142.250.74.174 HASH: de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af 142.250.74.174 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: https://linksecurecd.com date: Mon, 28 Nov 2022 01:12:11 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with no line terminators Size: 2 Md5: cc7a1e792bca8ccb1946b7a07f6dbc03 Sha1: 11a2757082428311f587b7664fa9840376137f80 Sha256: de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 28 Nov 2022 01:12:11 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: fb9963af5b3c525d68d5c87f0da8025b Sha1: c8d1f50313dddb0cea04745d762dac01718a026f Sha256: 231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=1874903977.1669597931&jid=1431249437&gjid=1182280657&_gid=401350975.1669597931&_u=YADAAEAAAAAAACAAI~&z=1628646559 HTTP/1.1 Host: stats.g.doubleclick.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: text/plain Content-Length: 0 Origin: https://linksecurecd.com Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_ (...) FQDN: stats.g.doubleclick.net IP: 142.251.1.155 HASH: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b 142.251.1.155 HTTP/2 200 OK content-type: text/plain access-control-allow-origin: https://linksecurecd.com strict-transport-security: max-age=10886400; includeSubDomains; preload date: Mon, 28 Nov 2022 01:12:11 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate last-modified: Sun, 17 May 1998 03:00:00 GMT access-control-allow-credentials: true x-content-type-options: nosniff cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 1 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: very short file (no magic) Size: 1 Md5: c4ca4238a0b923820dcc509a6f75849b Sha1: 356a192b7913b04c54574d18c28d46e6395428ab Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.35 HASH: 6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f 142.250.74.35 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Mon, 28 Nov 2022 01:12:12 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 770555aa8a0a52c611bafb289ca8a650 Sha1: 62504cadc49747f328e3c31ad3aa7a740043072c Sha256: 6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /g/collect?v=2&tid=G-C3EPRPS8FB&gtm=2oeb90&_p=469541988&cid=1874903977.1669597931&ul=en-us&sr=1280x1024&_s=1&sid=1669597931&sct=1&seg=0&dl=https%3A%2F%2Flinksecurecd.com%2Fsmartlink%2F%3Fa%3D52677%26sm%3D110%26s2%3Dw79nou56at1j7hpk2v5ob4fc&dr=https%3A%2F%2Fgaut-hil.com%2F&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 Host: region1.google-analytics.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://linksecurecd.com Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Content-Length: 0	URL: region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRP (...) FQDN: region1.google-analytics.com IP: 216.239.32.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 216.239.32.36 HTTP/2 204 No Content content-type: text/plain access-control-allow-origin: https://linksecurecd.com date: Mon, 28 Nov 2022 01:12:12 GMT pragma: no-cache expires: Fri, 01 Jan 1990 00:00:00 GMT cache-control: no-cache, no-store, must-revalidate access-control-allow-credentials: true cross-origin-resource-policy: cross-origin server: Golfe2 content-length: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.sca1b.amazontrust.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.sca1b.amazontrust.com/ FQDN: ocsp.sca1b.amazontrust.com IP: 143.204.42.88 HASH: f435886f7334f9abb6b6bca1f0ebc2245b5985903e2d310e4113e3584efd57f2 143.204.42.88 HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=89968 Date: Mon, 28 Nov 2022 01:12:12 GMT Etag: "6382bc51-1d7" Expires: Tue, 29 Nov 2022 02:11:40 GMT Last-Modified: Sun, 27 Nov 2022 01:24:33 GMT Server: ECS (nyb/1D05) X-Cache: Miss from cloudfront Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-C1 X-Amz-Cf-Id: Vnbe1BendtdW5Z3xghZ4FZYm1SFQubbjj_HaqOIrO8lTNieFs2KTHQ== Age: 2827 --- Additional Info --- Magic: data Size: 471 Md5: 12f60d4c5494726bd184ff8762e35369 Sha1: 4a31aaf4c4efa0eaedc0f2cebabd17e4af3a8a84 Sha256: f435886f7334f9abb6b6bca1f0ebc2245b5985903e2d310e4113e3584efd57f2
GET /color?x=1&forScheme=aHR0cHM6Ly9saW5rc2VjdXJlY2QuY29tL3NtYXJ0bGluay8/YT01MjY3NyZzbT0xMTAmczI9dzc5bm91NTZhdDFqN2hwazJ2NW9iNGZj HTTP/1.1 Host: guard.cdtbox.rocks User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://linksecurecd.com Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: guard.cdtbox.rocks/color?x=1&forScheme=aHR0cHM6Ly9saW5r (...) FQDN: guard.cdtbox.rocks IP: 54.164.22.60 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.164.22.60 HTTP/2 204 No Content date: Mon, 28 Nov 2022 01:12:12 GMT server: nginx vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-allow-origin: * X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site TE: trailers	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8885 x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cGDTEFSeIAMF3rg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 10:15:53 GMT age: 53784 etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8885 Md5: 3a1a4e00f1f15827cf651f373863c379 Sha1: 70c2a238f06ca7e56ef80c83738e081bf0de3330 Sha256: 3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /user-segments/?pid=TH HTTP/1.1 Host: statisticresearch.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://linksecurecd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: statisticresearch.com/user-segments/?pid=TH FQDN: statisticresearch.com IP: 52.204.249.38 52.204.249.38 HTTP/2 200 OK date: Mon, 28 Nov 2022 01:12:11 GMT server: nginx X-Firefox-Spdy: h2 --- Additional Info ---
GET /zcredirect?visitid=ae27ea51-6eb9-11ed-979e-0a5536e4a641&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 Host: gaut-hil.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://gaut-hil.com/zcvisitor/ae27ea51-6eb9-11ed-979e-0a5536e4a641/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=5fe288d0-1df8-11ed-a07d-12beee04f19b Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin TE: trailers	URL: gaut-hil.com/zcredirect?visitid=ae27ea51-6eb9-11ed-979e (...) FQDN: gaut-hil.com IP: 3.208.247.235 3.208.247.235 HTTP/2 200 OK content-type: text/html;charset=UTF-8 date: Mon, 28 Nov 2022 01:12:10 GMT cache-control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' access-control-allow-origin: * access-control-allow-methods: GET,POST,OPTIONS access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag redirected: JS server: uAqypyUD X-Firefox-Spdy: h2 --- Additional Info ---
GET /service-worker.js HTTP/1.1 Host: linksecurecd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Cookie: gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; gdm_uid_v1_1_001=IiDSWa4TXpaIciTGDU/H/GE3sDy15hqmPbEnk37yLZ8gHTbbLMtoDlFbYKLpURmq; gdm_visit_freq_v1_1_001=CY6kMI1cMWu7B85RwQ9BIFKBT5smmfNOnsnk7f30nVY=; gdm_visit_freq_v2_1_001=CY6kMI1cMWu7B85RwQ9BIFKBT5smmfNOnsnk7f30nVY=; v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5fFPXmIZ+zYZL+L9IX4kv/4=; gdm_uid_v2_1_001=IiDSWa4TXpaIciTGDU/H/GE3sDy15hqmPbEnk37yLZ8gHTbbLMtoDlFbYKLpURmq; v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5fFPXmIZ+zYZL+L9IX4kv/4=; gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; _ga_C3EPRPS8FB=GS1.1.1669597931.1.0.1669597931.0.0.0; _ga=GA1.1.1874903977.1669597931 Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	URL: linksecurecd.com/service-worker.js FQDN: linksecurecd.com IP: 34.243.67.42 34.243.67.42 HTTP/2 200 OK content-type: text/javascript;charset=utf-8 date: Mon, 28 Nov 2022 01:12:11 GMT server: nginx vary: Accept-Encoding, Accept-Encoding cache-control: no-cache, must-revalidate pragma: no-cache expires: Sat, 1 May 2020 12:00:00 GMT access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4043 

                                        
                                            
Expires: Mon, 28 Nov 2022 02:19:31 GMT 

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:08 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    150792cfc458af013998f4ef6bdf5f74

                                                Sha1:   d5179b2dcb11d06f82606bf6eb6648319998d63e

                                                Sha256: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Mon, 28 Nov 2022 00:19:27 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 3161 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    4d7e4eed097b9c4e5d509419f1cfc85a

                                                Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8

                                                Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: tZrSNm9gELAjXGTUAhB8PjHwxMPCg29m2x52coIWa3ZKnc8eXL598M3a1bKo7KvbpNDHNMQo+VE= 

                                        
                                            
x-amz-request-id: 956DZ543G76VA0YZ 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Mon, 28 Nov 2022 00:41:51 GMT 

                                        
                                            
age: 1817 

                                        
                                            
last-modified: Thu, 10 Nov 2022 09:21:27 GMT 

                                        
                                            
etag: "9ebddc2b260d081ebbefee47c037cb28" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    9ebddc2b260d081ebbefee47c037cb28

                                                Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39

                                                Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Mon, 28 Nov 2022 01:08:54 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 195 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3417 

                                        
                                            
Cache-Control: max-age=118300 

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:09 GMT 

                                        
                                            
Etag: "638328ac-1d7" 

                                        
                                            
Expires: Tue, 29 Nov 2022 10:03:49 GMT 

                                        
                                            
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT 

                                        
                                            
Server: ECS (ska/F71B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    a6fee11dfe1b88cd768a0ca3e2bd0c89

                                                Sha1:   59cec9a44a4a92467678afe65f347f68641a2174

                                                Sha256: 50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: Z1UiHT2evZLYQTxWPHwRXA== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         54.187.71.185

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: bJWwcs4lIveZWiJkUzIye+j1N3E= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: gaut-hil.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://gaut-hil.com/zcredirect?visitid=ae27ea51-6eb9-11ed-979e-0a5536e4a641&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers

                                         3.208.247.235

                                        
                                            HTTP/2 404 Not Found 

                                        
                                            
content-type: text/html;charset=utf-8

                                        

                                        
                                            
date: Mon, 28 Nov 2022 01:12:10 GMT 

                                        
                                            
content-length: 653 

                                        
                                            
cache-control: no-store, no-cache, pre-check=0, post-check=0 

                                        
                                            
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline' 

                                        
                                            
content-language: en 

                                        
                                            
server: yZqPlqsA 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators

                                                Size:   653

                                                Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66

                                                Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe

                                                Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         143.204.42.88

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=132155 

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:10 GMT 

                                        
                                            
Etag: "63836c25-1d7" 

                                        
                                            
Expires: Tue, 29 Nov 2022 13:54:45 GMT 

                                        
                                            
Last-Modified: Sun, 27 Nov 2022 13:54:45 GMT 

                                        
                                            
Server: nginx 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: ef5q6W1mgAKHJ0gefhmdTOSZXYSayOkLZymG3xKZ3SFMa0wAnJtqDQ== 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    4cc63de7c54e5e49af70727bb66dd491

                                                Sha1:   3eb7339049830757e0a1e8192a30d9973e50dd61

                                                Sha256: ec5a4ff0cf4996bd0bec0d003c8ccfb15566c458d5b7d0e41a8d8bc99e75f593

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:10 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    e9895464b828d538dc654c678c82b181

                                                Sha1:   af5791cd48761cb3f3f979b481c23e1508692823

                                                Sha256: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

                                        
                                            GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 

                                        
                                            
Host: www.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.163

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js" 

                                        
                                            
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} 

                                        
                                            
content-length: 10017 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Mon, 21 Nov 2022 18:29:53 GMT 

                                        
                                            
expires: Tue, 21 Nov 2023 18:29:53 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 542537 

                                        
                                            
last-modified: Thu, 10 May 2018 20:35:52 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (35547)

                                                Size:   10017

                                                Md5:    fa9987a23f5a9d865766e952511baa30

                                                Sha1:   f2e620b99ee61a01671ba6a9e22ca75d58a1b52d

                                                Sha256: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "30DD144636B30BE86619E27E761D4B0238BD43CFA726778C6E5615C9F4BF68D8" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=12326 

                                        
                                            
Expires: Mon, 28 Nov 2022 04:37:37 GMT 

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    c8eea1f4c4cb29f1a8e5fb6c690601fd

                                                Sha1:   86533a47ff8c36ce46c95d931f2e79caffd3156f

                                                Sha256: 30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4150 

                                        
                                            
Expires: Mon, 28 Nov 2022 02:21:21 GMT 

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    8bb181e3f5ca898c6e31a8efc2e28291

                                                Sha1:   eda3a91f8e2cbc5467da08ad85e6f6a30702b66c

                                                Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

                                        
                                            GET /assets/1387/js/backoffer.js HTTP/1.1 

                                        
                                            
Host: cdn.smrt-assets.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         23.36.76.144

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/javascript

                                        

                                        
                                            
Content-Length: 660 

                                        
                                            
Last-Modified: Thu, 06 May 2021 12:38:04 GMT 

                                        
                                            
ETag: "e7e1dc07852a36f89e4be03aa3787316" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
X-Amz-Cf-Pop: IAD89-P2 

                                        
                                            
X-Amz-Cf-Id: wMlw0DS_2cpDlmt-hXkUlzPF3cZyUBp0ipiQ_g-kkKca6KpQvvKboA== 

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   660

                                                Md5:    e7e1dc07852a36f89e4be03aa3787316

                                                Sha1:   0dc3f8e7eb943af093cf8f4600fcf0e421891025

                                                Sha256: 33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 5989 

                                        
                                            
x-amzn-requestid: db10fcc5-80ab-4650-af49-d5afe36706f3 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cR78LHQqIAMF9_g= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6383d9e7-4cbd19e3227894844807742c;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: A5n6y1-hpgr4vynnRXkEZNvCvjlNGH6brl7eYMsdN1MST7YoD2BPgA== 

                                        
                                            
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 27 Nov 2022 21:51:13 GMT 

                                        
                                            
age: 12058 

                                        
                                            
etag: "21aa6418f3a0d2b64925b66d5fb9079b7e84a11c" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   5989

                                                Md5:    fa848cb85e85df184b078fe7aa95ae52

                                                Sha1:   21aa6418f3a0d2b64925b66d5fb9079b7e84a11c

                                                Sha256: 37d299c166e3350dee6dee647e98a86f8bd916d186bae12c42764ed0a3177085

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "30DD144636B30BE86619E27E761D4B0238BD43CFA726778C6E5615C9F4BF68D8" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=12326 

                                        
                                            
Expires: Mon, 28 Nov 2022 04:37:37 GMT 

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    c8eea1f4c4cb29f1a8e5fb6c690601fd

                                                Sha1:   86533a47ff8c36ce46c95d931f2e79caffd3156f

                                                Sha256: 30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "30DD144636B30BE86619E27E761D4B0238BD43CFA726778C6E5615C9F4BF68D8" 

                                        
                                            
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=12326 

                                        
                                            
Expires: Mon, 28 Nov 2022 04:37:37 GMT 

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    c8eea1f4c4cb29f1a8e5fb6c690601fd

                                                Sha1:   86533a47ff8c36ce46c95d931f2e79caffd3156f

                                                Sha256: 30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe1c9b5-b323-496c-a65c-09c1511f882f.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 12555 

                                        
                                            
x-amzn-requestid: 2d9827ba-fc88-4deb-9844-f5b42764b2e9 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cR6_MHPWIAMFQMg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6383d861-42986aeb284115943c849306;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: up0DWugUp4S0jAtsA-KBRapBAHtcHCdTwWJock-y22fqyL6_YVFeqg== 

                                        
                                            
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 27 Nov 2022 21:51:09 GMT 

                                        
                                            
age: 12062 

                                        
                                            
etag: "c843c5422499736a83a80c2b07475a8dbbb8860f" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   12555

                                                Md5:    f20d5c4b208740dd4c737b9d95c0e1d0

                                                Sha1:   c843c5422499736a83a80c2b07475a8dbbb8860f

                                                Sha256: f8d048a2c911aaedfa53b7d6e134638e8c36db0700a874fe99e0d8f847970a1b

                                        
                                            GET /assets/1144/js/translatesrules.js HTTP/1.1 

                                        
                                            
Host: cdn.smrt-assets.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         23.36.76.144

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/javascript

                                        

                                        
                                            
Last-Modified: Tue, 02 Feb 2021 11:29:28 GMT 

                                        
                                            
ETag: "f889c7341bca7408551f0da6879237a9" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
X-Amz-Cf-Pop: EWR53-C1 

                                        
                                            
X-Amz-Cf-Id: o0JI-D14FY46mUFaOurcdIXuAiNK9FRy0hlR2hHzIjPPV_ulUFWuSA== 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
Content-Length: 9749 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text

                                                Size:   9749

                                                Md5:    f09a391ba297c3912759882db1a9e38a

                                                Sha1:   a7866e21b4febbf58a635613ec30608a9dfda386

                                                Sha256: 2a734d2af14f59cdad75b60742d94cef667bb3271d2a8a2557be99796a840d3e

                                        
                                            GET /prod/push-lang-config.js HTTP/1.1 

                                        
                                            
Host: cdn.smrt-assets.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         23.36.76.144

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT 

                                        
                                            
ETag: "7152525f63649929a736f6efb78b58a5" 

                                        
                                            
x-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
X-Amz-Cf-Pop: EWR53-C1 

                                        
                                            
X-Amz-Cf-Id: PlzHg_kpLQKC63Gp9E61K1OBX5ibTIl975NYZyc2dmovD1t05XIN0Q== 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
Content-Length: 2366 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (7658), with no line terminators

                                                Size:   2366

                                                Md5:    86caa25373c28e4a962df5e15f4c160f

                                                Sha1:   7a992cdd21a4074c155ccc7016e7cf836a66dd85

                                                Sha256: fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    e9895464b828d538dc654c678c82b181

                                                Sha1:   af5791cd48761cb3f3f979b481c23e1508692823

                                                Sha256: c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

                                        
                                            GET /css?family=Montserrat:400,500,600,700&display=swap HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://cdn.smrt-assets.com/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.10

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   127989

                                                Md5:    dd11521ff743574a74bc598666feae13

                                                Sha1:   dd0e565611f4347090db33af25e1b1a602fecf64

                                                Sha256: 8e51f536993217394c9db12da9b6378c67458e5f76a30419732e256eeaf53289

                                        
                                            GET /smartlink/?a=52677&sm=110&s2=w79nou56at1j7hpk2v5ob4fc HTTP/1.1 

                                        
                                            
Host: linksecurecd.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://gaut-hil.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.243.67.42

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html;charset=utf-8

                                        

                                        
                                            
date: Mon, 28 Nov 2022 01:12:10 GMT 

                                        
                                            
server: nginx 

                                        
                                            
vary: Accept-Encoding, Accept-Encoding 

                                        
                                            
set-cookie: gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/
gdm_uid_v1_1_001=IiDSWa4TXpaIciTGDU/H/GE3sDy15hqmPbEnk37yLZ8gHTbbLMtoDlFbYKLpURmq; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/
gdm_visit_freq_v1_1_001=CY6kMI1cMWu7B85RwQ9BIFKBT5smmfNOnsnk7f30nVY=; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/
gdm_visit_freq_v2_1_001=CY6kMI1cMWu7B85RwQ9BIFKBT5smmfNOnsnk7f30nVY=; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/; Secure; SameSite=None
v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5fFPXmIZ+zYZL+L9IX4kv/4=; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/; Secure; SameSite=None
gdm_uid_v2_1_001=IiDSWa4TXpaIciTGDU/H/GE3sDy15hqmPbEnk37yLZ8gHTbbLMtoDlFbYKLpURmq; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/; Secure; SameSite=None
v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5fFPXmIZ+zYZL+L9IX4kv/4=; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.linksecurecd.com; Expires=Sun, 26-Feb-2023 01:12:10 GMT; Path=/; Secure; SameSite=None 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Sat, 1 May 2020 12:00:00 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS 

                                        
                                            
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   33022

                                                Md5:    fbb127e12bced03f43fb283f2d3f6d49

                                                Sha1:   4832e92e0a5a90f2600200de90ed91fa52feaa8e

                                                Sha256: c15b4e2701faf0aadb13733cc0964306a925219df779a639544187b331283c39

                                        
                                            GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1 

                                        
                                            
Host: www.googletagmanager.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.168

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-headers: Cache-Control 

                                        
                                            
content-encoding: br 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
expires: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
cache-control: private, max-age=900 

                                        
                                            
last-modified: Mon, 28 Nov 2022 00:00:00 GMT 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Google Tag Manager 

                                        
                                            
content-length: 47292 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (1921)

                                                Size:   47292

                                                Md5:    5c4baf402458e9da7efdb8fed0bc4c37

                                                Sha1:   c8163950e90329c7a1129c2c88334c686af9c082

                                                Sha256: 966add2724a5f45e658f88ecdf3a71983d6bc46ec9447b4bea1357e498ca31f5

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    0ee1d1a60ec1770ec3e880a25c257f5d

                                                Sha1:   015b05feff63bdcf8fae4d1a8c0c83c923a2ca67

                                                Sha256: b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6

                                        
                                            GET /prod/push-utils.js HTTP/1.1 

                                        
                                            
Host: cdn.smrt-content.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         23.36.76.194

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/javascript

                                        

                                        
                                            
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT 

                                        
                                            
ETag: "a288177a606a9686132970835b3e572c" 

                                        
                                            
x-amz-meta-s3cmd-attrs: atime:1644921893/ctime:1644921893/gid:20/gname:staff/md5:a288177a606a9686132970835b3e572c/mode:33188/mtime:1644921893/uid:501/uname:nimspy 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
X-Amz-Cf-Pop: EWR53-C1 

                                        
                                            
X-Amz-Cf-Id: TmcfYbpq_e2BMUO-lKBbDZjl7EL4esTxnvZXoiV60ZaJrHN5wRZ8ig== 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
Content-Length: 3647 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  C source, ASCII text, with very long lines (1971)

                                                Size:   3647

                                                Md5:    66b8348a97eaecf14cc35f1326f1cf1a

                                                Sha1:   0c0c17bebbd46240c30a6b1ed85ccfd3b6053bba

                                                Sha256: 7b5ba9e8001cd959f85c8c76eccaf60588909154bac817afb232d7d4a98d2696

                                        
                                            GET /js/mp.min.js HTTP/1.1 

                                        
                                            
Host: static.trafficjunky.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         205.185.208.79

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
etag: "1652721327" 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
content-encoding: gzip 

                                        
                                            
content-length: 3628 

                                        
                                            
last-modified: Mon, 16 May 2022 17:15:27 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
x-hw: 1669597931.dop225.sk1.t,1669597931.cds217.sk1.hn,1669597931.cds003.sk1.c 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (10690), with no line terminators

                                                Size:   3628

                                                Md5:    044c370813dc1ea880f32a5be81384e7

                                                Sha1:   53b0733cfc26f2bc7e83d1da0c087d5513fcf548

                                                Sha256: 2acb7fa7d04e9c94971b02b9f67140f2bcc9fb51ee361096c735e7f81518c94c

                                        
                                            POST /j/collect?v=1&_v=j98&a=469541988&t=pageview&_s=1&dl=https%3A%2F%2Flinksecurecd.com%2Fsmartlink%2F%3Fa%3D52677%26sm%3D110%26s2%3Dw79nou56at1j7hpk2v5ob4fc&dr=https%3A%2F%2Fgaut-hil.com%2F&ul=en-us&de=UTF-8&dt=Best%20dating%20worldwide%20%3C3&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAEABAAAAACAAI~&jid=1431249437&gjid=1182280657&cid=1874903977.1669597931&tid=UA-179148962-2&_gid=401350975.1669597931&_r=1&gtm=2wgb90TR8VQRX&z=1132538961 HTTP/1.1 

                                        
                                            
Host: www.google-analytics.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Content-Length: 0 

                                        
                                            
Origin: https://linksecurecd.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers

                                         142.250.74.174

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain

                                        

                                        
                                            
access-control-allow-origin: https://linksecurecd.com 

                                        
                                            
date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
last-modified: Sun, 17 May 1998 03:00:00 GMT 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 2 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with no line terminators

                                                Size:   2

                                                Md5:    cc7a1e792bca8ccb1946b7a07f6dbc03

                                                Sha1:   11a2757082428311f587b7664fa9840376137f80

                                                Sha256: de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=1874903977.1669597931&jid=1431249437&gjid=1182280657&_gid=401350975.1669597931&_u=YADAAEAAAAAAACAAI~&z=1628646559 HTTP/1.1 

                                        
                                            
Host: stats.g.doubleclick.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Content-Length: 0 

                                        
                                            
Origin: https://linksecurecd.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.251.1.155

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain

                                        

                                        
                                            
access-control-allow-origin: https://linksecurecd.com 

                                        
                                            
strict-transport-security: max-age=10886400; includeSubDomains; preload 

                                        
                                            
date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
last-modified: Sun, 17 May 1998 03:00:00 GMT 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  very short file (no magic)

                                                Size:   1

                                                Md5:    c4ca4238a0b923820dcc509a6f75849b

                                                Sha1:   356a192b7913b04c54574d18c28d46e6395428ab

                                                Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

                                        
                                            POST /g/collect?v=2&tid=G-C3EPRPS8FB&gtm=2oeb90&_p=469541988&cid=1874903977.1669597931&ul=en-us&sr=1280x1024&_s=1&sid=1669597931&sct=1&seg=0&dl=https%3A%2F%2Flinksecurecd.com%2Fsmartlink%2F%3Fa%3D52677%26sm%3D110%26s2%3Dw79nou56at1j7hpk2v5ob4fc&dr=https%3A%2F%2Fgaut-hil.com%2F&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 

                                        
                                            
Host: region1.google-analytics.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://linksecurecd.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Content-Length: 0

                                         216.239.32.36

                                        
                                            HTTP/2 204 No Content 

                                        
                                            
content-type: text/plain

                                        

                                        
                                            
access-control-allow-origin: https://linksecurecd.com 

                                        
                                            
date: Mon, 28 Nov 2022 01:12:12 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 0 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /color?x=1&forScheme=aHR0cHM6Ly9saW5rc2VjdXJlY2QuY29tL3NtYXJ0bGluay8/YT01MjY3NyZzbT0xMTAmczI9dzc5bm91NTZhdDFqN2hwazJ2NW9iNGZj HTTP/1.1 

                                        
                                            
Host: guard.cdtbox.rocks

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://linksecurecd.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         54.164.22.60

                                        
                                            HTTP/2 204 No Content

                                        

                                        
                                            
date: Mon, 28 Nov 2022 01:12:12 GMT 

                                        
                                            
server: nginx 

                                        
                                            
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /user-segments/?pid=TH HTTP/1.1 

                                        
                                            
Host: statisticresearch.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://linksecurecd.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         52.204.249.38

                                        
                                            HTTP/2 200 OK

                                        

                                        
                                            
date: Mon, 28 Nov 2022 01:12:11 GMT 

                                        
                                            
server: nginx 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	deoseasr.org/acc/news/1462943932-DEO(SE)-Amritsar-Urgent%20Non%20teaching%20Information%20regarding%20Posts%20Reminder-3.docx
IP	67.227.226.240 (United States)
ASN	#32244 LIQUIDWEB
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-28 01:12:20 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (24)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 67.227.226.240

Last 5 reports on ASN: LIQUIDWEB

Last 5 reports on domain: deoseasr.org

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (22)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (63)

Overview

Domain Summary (24)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 67.227.226.240

Last 5 reports on ASN: LIQUIDWEB

Last 5 reports on domain: deoseasr.org

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (22)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (63)

Network Intrusion Detection Systems