| tr.watchcpm.com/aff_c?offer_id=4177&aff_id=35929&aff_sub5=push&click_id=wppor6thjl11001jim19g5ih&payout=&aff_sub=&aff_sub2=750542e4-ba58-4915-8088-b4ae45c05036&aff_sub3=&aff_sub4= | 172.255.248.105 | 302 Found | 444 B |
URL HTTP/1.1tr.watchcpm.com/aff_c?offer_id=4177&aff_id=35929&aff_sub5=push&click_id=wppor6thjl11001jim19g5ih&payout=&aff_sub=&aff_sub2=750542e4-ba58-4915-8088-b4ae45c05036&aff_sub3=&aff_sub4= IP172.255.248.105:0
File typeHTML document, ASCII text, with very long lines (444), with no line terminators Hashf23706a7450a6907f4c8d808a38c45b3 bcbe9085980c0ce0954ba6d20f839090e3a44c6c e4448aec1d185a6feb69c78ce78999b466d3f37b308023d507cb3c93a43d36a7
GET /aff_c?offer_id=4177&aff_id=35929&aff_sub5=push&click_id=wppor6thjl11001jim19g5ih&payout=&aff_sub=&aff_sub2=750542e4-ba58-4915-8088-b4ae45c05036&aff_sub3=&aff_sub4= HTTP/1.1
Host: tr.watchcpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 13 Sep 2022 16:27:54 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 444
Connection: keep-alive
X-DNS-Prefetch-Control: off
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Download-Options: noopen
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Thu, 13 Oct 2022 16:27:54 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
4177=37_35929_4177_d21324be800fd4f304ae506351edce11; Domain=go.gkrtmc.com; Path=/; Expires=Thu, 13 Oct 2022 16:27:54 GMT
op_4177=0; Domain=go.gkrtmc.com; Path=/; Expires=Thu, 13 Oct 2022 16:27:54 GMT
user_id=bd05bf43-52fe-46d0-b4f8-971c561cafa9_b56e0cc71f08069b4e7859ccecb12a45; Domain=go.gkrtmc.com; Path=/; Expires=Sun, 12 Sep 2027 16:27:54 GMT; Secure; SameSite=None
Location: /rd.html?go=https%3A%2F%2Fodzrea.speciaidates.com%2Fc%2F1e3a4e532f1c7040%3Fs1%3D116914%26s2%3D1419167%26s3%3D35929%26s5%3D%26click_id%3D37_35929_4177_d21324be800fd4f304ae506351edce11%26j1%3D1%26j8%3D1
Vary: Accept
Cache-Control: no-store, no-cache
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.35 | 200 OK | 939 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/ IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash99b7d23c1748d0526782b9ff9ea45f09 eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f 48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 16:08:47 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: N3l9uX3Vee3FG4x21b92oBtpSBwX4dM6H3237rWQvKlsXdfp3_8_5w==
Age: 1147
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashbe88d3e043e3b95b52e41812e50fb634 0318ba1ce487817ea7cba61dd9413bed29213800 b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5475
Expires: Tue, 13 Sep 2022 17:59:09 GMT
Date: Tue, 13 Sep 2022 16:27:54 GMT
Connection: keep-alive
|
|
| tr.watchcpm.com/rd.html?go=https%3A%2F%2Fodzrea.speciaidates.com%2Fc%2F1e3a4e532f1c7040%3Fs1%3D116914%26s2%3D1419167%26s3%3D35929%26s5%3D%26click_id%3D37_35929_4177_d21324be800fd4f304ae506351edce11%26j1%3D1%26j8%3D1 | 172.255.248.105 | 200 OK | 255 B |
URL HTTP/1.1tr.watchcpm.com/rd.html?go=https%3A%2F%2Fodzrea.speciaidates.com%2Fc%2F1e3a4e532f1c7040%3Fs1%3D116914%26s2%3D1419167%26s3%3D35929%26s5%3D%26click_id%3D37_35929_4177_d21324be800fd4f304ae506351edce11%26j1%3D1%26j8%3D1 IP172.255.248.105:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash997bfcab4e7a51023ff8da026ed4374a 35d15ad133e52c1b9dea0b3696a8719521387a9e 070d804ff334e0de872b9ac4c28c1bc578a043771099d2e9556782974ed560a3
GET /rd.html?go=https%3A%2F%2Fodzrea.speciaidates.com%2Fc%2F1e3a4e532f1c7040%3Fs1%3D116914%26s2%3D1419167%26s3%3D35929%26s5%3D%26click_id%3D37_35929_4177_d21324be800fd4f304ae506351edce11%26j1%3D1%26j8%3D1 HTTP/1.1
Host: tr.watchcpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Sep 2022 16:27:54 GMT
Content-Type: text/html
Last-Modified: Fri, 13 Aug 2021 14:56:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61168831-149"
Cache-Control: no-store, no-cache
Content-Encoding: gzip
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 16:27:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| tr.watchcpm.com/favicon.ico | 172.255.248.105 | 404 Not Found | 123 B |
URL HTTP/1.1tr.watchcpm.com/favicon.ico IP172.255.248.105:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hashc728bf241d9141b8d3100ae5140e09c5 07f0da1bdfadd0354b090781f1e3264ac22b6c39 34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a
GET /favicon.ico HTTP/1.1
Host: tr.watchcpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tr.watchcpm.com/rd.html?go=https%3A%2F%2Fodzrea.speciaidates.com%2Fc%2F1e3a4e532f1c7040%3Fs1%3D116914%26s2%3D1419167%26s3%3D35929%26s5%3D%26click_id%3D37_35929_4177_d21324be800fd4f304ae506351edce11%26j1%3D1%26j8%3D1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 13 Sep 2022 16:27:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hash0ca5ed24486b800b8f97f46662a77b4e 1aaf60b4aa407e8c389f5341ddec2997081d4058 5d17921303daf05f4e28661aa686c2403569a6b04c8a4fd760914647d1f4be9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D17921303DAF05F4E28661AA686C2403569A6B04C8A4FD760914647D1F4BE9B"
Last-Modified: Mon, 12 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21492
Expires: Tue, 13 Sep 2022 22:26:06 GMT
Date: Tue, 13 Sep 2022 16:27:54 GMT
Connection: keep-alive
|
|
| cdn-dimi.akamaized.net/landings/274421/1662542857/css/popup.css?1662542858 | 184.31.15.107 | 200 OK | 635 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/274421/1662542857/css/popup.css?1662542858 IP184.31.15.107:0 ASN#20940 Akamai International B.V.
File typeassembler source, ASCII text Hash4ed05a608a8ec589e8aa5b040f7bb878 c58649a707ba64aed8b285d3be9f6b06a85ea6cb bcc5d06c7b102eed1477b062020dc4414e4f6c4f9e390e3e67fa675a5f0fa363
GET /landings/274421/1662542857/css/popup.css?1662542858 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: ddOYh3YdFDGiVPOjyqGBM6wAh8Ol6RMtsu1ZgKmNI3cqdW76VZ2rZo3ZhQD9e+O7IK8l7DK9suA=
x-amz-request-id: GWA5KF29YZYFYQCZ
Last-Modified: Wed, 07 Sep 2022 09:27:41 GMT
ETag: "5a61d45142ce5764a2b36dc75343fcd5"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 16:27:54 GMT
Content-Length: 635
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/274421/1662542857/js/vegas.js?1662542858 | 184.31.15.107 | 200 OK | 3.4 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/274421/1662542857/js/vegas.js?1662542858 IP184.31.15.107:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (11568), with CRLF line terminators Hash156c4046496d16408b06eb605ce1ab09 0dde2c6bbb3cf64132989866bdc1161be62474e3 657aac4fd9cd122e452b9da290c486d115af6b8fe8d409f39ab1d1d3dff44144
GET /landings/274421/1662542857/js/vegas.js?1662542858 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: j9fj9K0jAAlbi56A174AmiFHUnflBNGxqrEYLu8/WE2AKbCcXvAeF8VTGeLt4pQxT5T1Vj5ron0=
x-amz-request-id: GWA0AQA1GBZP5Z67
Last-Modified: Wed, 07 Sep 2022 09:27:41 GMT
ETag: "9acc66fdf18dea05bd75165eb5a96259"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 16:27:54 GMT
Content-Length: 3401
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/274421/1662542857/js/translates.js?1662542858 | 184.31.15.107 | 200 OK | 10 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/274421/1662542857/js/translates.js?1662542858 IP184.31.15.107:0 ASN#20940 Akamai International B.V.
Hashf54e5331f7d782d475a884cce1db33fd d5145e3ebcab1a21d4cdff8632c9901db93b962f 73c4aa8abb0450fbb7eef37c3afc3d6f11f0c2bc3f0a101323364b59298e4e2f
GET /landings/274421/1662542857/js/translates.js?1662542858 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: OXFYZHT4YvUk+KUMr0N0CI8d2yUOUNvt3MAP3XcTOYbm6pr57SAq1+qbQbaoEwU/jwUIaqSBp88=
x-amz-request-id: GWAAPT6A8SYRBME3
Last-Modified: Wed, 07 Sep 2022 09:27:41 GMT
ETag: "07cee83d1be10af1ca991d1c60abd6e2"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 16:27:54 GMT
Content-Length: 10048
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/274421/1662542857/css/style.css?1662542858 | 184.31.15.107 | 200 OK | 3.0 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/274421/1662542857/css/style.css?1662542858 IP184.31.15.107:0 ASN#20940 Akamai International B.V.
Hasha996d284700fdfc5eec5573149941366 14e500aad09e7a9124c1dfe35bc9aa1cbc469db8 c469f18bd2ee010417fc8d74c3386b48ff52ce6fc8716111b9f4e806fa50da83
GET /landings/274421/1662542857/css/style.css?1662542858 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: jRQUbZtkMUyhDbYqjNe0xjQIn+ZkZZbLIUFODBYrdDARj4X2b1NrBW/webgZB2Ub5VPSyK4uRZw=
x-amz-request-id: GWA5JVC61R1BBDKY
Last-Modified: Wed, 07 Sep 2022 09:27:41 GMT
ETag: "62e4fcadb228731d5cec4c0f22c1f3ee"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 16:27:54 GMT
Content-Length: 2983
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/274421/1662542857/js/function.js?1662542858 | 184.31.15.107 | 200 OK | 688 B |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/274421/1662542857/js/function.js?1662542858 IP184.31.15.107:0 ASN#20940 Akamai International B.V.
Hashba7deda1bcbc1e2d5c127678e05b71a1 4707fef7ab43a522b3cf7f5c0db4c148c5a43701 303187afb2cbbbf6095724df7eaf8c7967bb019dc17e1224d9e2366ac7f381c5
GET /landings/274421/1662542857/js/function.js?1662542858 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: liab8UeBT3W3AT/bneG+cvmNHhaVKJM92+VcsIgMdpVEokY4a37n6tu+RBvFC1t05GVMs62UBbc=
x-amz-request-id: GWA0T25S86MZ70A0
Last-Modified: Wed, 07 Sep 2022 09:27:41 GMT
ETag: "5da2c51949f2a873bf0091a104658e72"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 16:27:54 GMT
Content-Length: 688
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/274421/1662542857/js/jquery-2.2.4.min.js?1662542858 | 184.31.15.107 | 200 OK | 30 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/274421/1662542857/js/jquery-2.2.4.min.js?1662542858 IP184.31.15.107:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (32065) Hash2fa28552f1ee4e1382ee43930b53afb8 803670da6a35378bf4eb73acc8e72fe4feb5ca30 ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
GET /landings/274421/1662542857/js/jquery-2.2.4.min.js?1662542858 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 2YGXjoH4O0SzJO8ipW8pW5dOv8o7vBZojiso6G5E2cu1zHAGdd603sH0z22bBUeCcNmNx4XY5MU=
x-amz-request-id: GWABPP633F2RBPQG
Last-Modified: Wed, 07 Sep 2022 09:27:41 GMT
ETag: "2f6b11a7e914718e0290410e85366fe9"
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 13 Sep 2022 16:27:54 GMT
Content-Length: 29855
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| odzrea.speciaidates.com/c/1e3a4e532f1c7040?s1=116914&s2=1419167&s3=35929&s5=&click_id=37_35929_4177_d21324be800fd4f304ae506351edce11&j1=1&j8=1 | 52.19.101.114 | 200 OK | 5.9 kB |
URL HTTP/2odzrea.speciaidates.com/c/1e3a4e532f1c7040?s1=116914&s2=1419167&s3=35929&s5=&click_id=37_35929_4177_d21324be800fd4f304ae506351edce11&j1=1&j8=1 IP52.19.101.114:0
Hashbc8d31d380f7ce51180634b5fffdf1b3 afd915a0b0a4101edf5bb2884edc066de58a5e0a 76716342e410d88b8d5c500c5084d47400044849d0b83c64e558988655e5b923
GET /c/1e3a4e532f1c7040?s1=116914&s2=1419167&s3=35929&s5=&click_id=37_35929_4177_d21324be800fd4f304ae506351edce11&j1=1&j8=1 HTTP/1.1
Host: odzrea.speciaidates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://tr.watchcpm.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 16:27:54 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=6320af8a0003eaeb; Path=/; Expires=Sat, 12 Nov 2022 16:27:54 GMT; Secure; SameSite=None
unique_id2=6320af8a00057260; Path=/; Expires=Mon, 12 Dec 2022 16:27:54 GMT; Secure; SameSite=None
6320af8a00057260_c=1; Path=/; Expires=Mon, 12 Dec 2022 16:27:54 GMT; Secure; SameSite=None
ref_token=116914; Path=/; Expires=Thu, 13 Oct 2022 16:27:54 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Tue, 13 Sep 2022 16:27:54 GMT; Secure; SameSite=None
6320af8a00057260_sl=[274421]; Path=/; Expires=Tue, 27 Sep 2022 16:27:54 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn-dimi.akamaized.net/landings/274421/1662542857/images/logo-white.png | 184.31.15.107 | 200 OK | 9.5 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/274421/1662542857/images/logo-white.png IP184.31.15.107:0 ASN#20940 Akamai International B.V.
File typePNG image data, 300 x 124, 8-bit colormap, non-interlaced\012- data Hash27a8fdccc08741c52422bd4852f87c3a b103730d95829f64c0746b97a85e0ada4f6c18a2 7afbc6f7cb728a9b4dfd7791a8207c60bdd255ea2f00ba12880bee15f7fbdff0
GET /landings/274421/1662542857/images/logo-white.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 7ZAH5KV1T5E4tllgJ/I7XKq9d8Ul4Vvef6udhyYU5AwFMnU34q779ftJ47G7tZ/bHU40y4JvOWo=
x-amz-request-id: K9QTE3PTCDQ46836
Last-Modified: Wed, 07 Sep 2022 09:27:40 GMT
ETag: "27a8fdccc08741c52422bd4852f87c3a"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 9461
Date: Tue, 13 Sep 2022 16:27:54 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/274421/1662542857/images/1.jpg | 184.31.15.107 | 200 OK | 62 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/274421/1662542857/images/1.jpg IP184.31.15.107:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 900x1280, components 3\012- data Hash765620bf3d6dcdb5495b70409b6b4ba8 f4a00a38ca93130e5e0398deea0ba2f928e2172b e0d65a21b743f7fe6de2f4bd57316546e7f30c7810740d68322a44dfe3004373
GET /landings/274421/1662542857/images/1.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: eUWyLc+8ziViZADtTw5rDVrJAaa2gq6hlK5ZrSo1BYSaq/2wKs9UbaP5dOL+wQYn18/YA8Jlsqg=
x-amz-request-id: K9QS8XCHQASQKRWN
Last-Modified: Wed, 07 Sep 2022 09:27:40 GMT
ETag: "765620bf3d6dcdb5495b70409b6b4ba8"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 62164
Date: Tue, 13 Sep 2022 16:27:54 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/274421/1662542857/images/logo.png | 184.31.15.107 | 200 OK | 41 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/274421/1662542857/images/logo.png IP184.31.15.107:0 ASN#20940 Akamai International B.V.
File typePNG image data, 1024 x 256, 8-bit/color RGBA, non-interlaced\012- data Hashc0647e470e90e4e76c886ef3f4c651ac fe1dd72ac0432bd8f261672c7c336cf902503d3c 1d4ad487984a8f689c904f3c2532f034b03d361c081dae581752cdc20d983037
GET /landings/274421/1662542857/images/logo.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: y5+W6JBLF5ERrCXStCeSvM58T01De+0SVzHIvtibwnxEd495AjCOpG1+CYnL6946WhRtSzfVfytUCcU7lKdTJg==
x-amz-request-id: P885R6HYKNRYW5DN
Last-Modified: Wed, 07 Sep 2022 09:27:40 GMT
ETag: "c0647e470e90e4e76c886ef3f4c651ac"
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 40774
Date: Tue, 13 Sep 2022 16:27:54 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.35 | 200 OK | 329 B |
URL HTTP/1.1firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP143.204.55.35:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 16:03:22 GMT
Expires: Tue, 13 Sep 2022 16:14:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cN2Q1sbzVoFomSpCQ0k_ETJ8fNqKGKdU-Fxf56DlLCO20UnCvm2N7g==
Age: 1472
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash4a68e0856575d52f7778bc821b5c881b 0956533f660fd0e7096540292f9b60451f60f148 0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 16:27:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 472 B |
IP142.250.74.3:0
Hash4a68e0856575d52f7778bc821b5c881b 0956533f660fd0e7096540292f9b60451f60f148 0fde07586af73476634e76ed5badfce43d8b4ec078fd0f172d80c28ad98e3d27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 16:27:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap | 142.250.74.10 | 200 OK | 1.1 kB |
URL HTTP/2fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap IP142.250.74.10:0
Hash7ae85e0c1bc3fa7ab7ec1af8f82a74a5 f1ec50849e26cb4d2bbdd19f675fa4c3b260ff5e 653bf67dfaad3423db0de28b8f5c0ef2ab4a528668f818c6d289897a1c471441
GET /css2?family=Roboto:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 16:27:55 GMT
date: Tue, 13 Sep 2022 16:27:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb7e665b6b70fa840ee6a1417da402132 658fa05afcf7752e8cb02979c28874efb0f4ddd8 9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 16:27:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb7e665b6b70fa840ee6a1417da402132 658fa05afcf7752e8cb02979c28874efb0f4ddd8 9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 16:27:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://odzrea.speciaidates.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 507227
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.163 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://odzrea.speciaidates.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:34:08 GMT
expires: Thu, 07 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 507227
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| cdn-dimi.akamaized.net/images/favicon.ico | 184.31.15.107 | 200 OK | 4.1 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/images/favicon.ico IP184.31.15.107:0 ASN#20940 Akamai International B.V.
File typePNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data Hash4cdf3256cd7b8ec3917adb79d6bf457e bc615337e9223183a126c8fb649774866fb53e69 fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0
GET /images/favicon.ico HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 3PLd1JbxzMUZnvLfJ08LlqJVa0X1bm3g8lDKKuDaPcpHRGpUOyvL763tb+Zgy/zeSb8kMvb/P10=
x-amz-request-id: 2XWP9N688THY1C8H
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e"
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 4103
Date: Tue, 13 Sep 2022 16:27:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP142.250.74.3:0
Hashb7e665b6b70fa840ee6a1417da402132 658fa05afcf7752e8cb02979c28874efb0f4ddd8 9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 16:27:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashe96dbe1b54932c8f447bbbfc9d31cfb0 b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd 427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 123
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 16:27:55 GMT
Last-Modified: Tue, 13 Sep 2022 16:25:52 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
|
|
| odzrea.speciaidates.com/js/pushjs/1.0.0/utils.js | 52.19.101.114 | 200 OK | 12 kB |
URL HTTP/2odzrea.speciaidates.com/js/pushjs/1.0.0/utils.js IP52.19.101.114:0
File typeC source, ASCII text, with very long lines (32159) Hash262c195b66413b88c5fa395ffad05796 d2a9689d861d63c9f6e6857be9f53aa292e43462 33a8085f0dfed0a9f9046173aa24aa4b0c0f25051a0461a2045479904d508815
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: odzrea.speciaidates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/c/1e3a4e532f1c7040?s1=116914&s2=1419167&s3=35929&s5=backuser&click_id=37_35929_4177_d21324be800fd4f304ae506351edce11&iexpp=1&j1=1&j8=1
Cookie: unique_id=6320af8a0003eaeb; unique_id2=6320af8a00057260; 6320af8a00057260_c=1; ref_token=116914; impression=; 6320af8a00057260_sl=[274421]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 16:27:55 GMT
content-type: application/javascript
expires: Tue, 20 Sep 2022 16:27:55 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.149.83.187 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.149.83.187:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q9U9qskt28AeDsUmCsFl4w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DB/K30UPhNyWXEcKr+1XIqsDKIc=
|
|
| cdn-dimi.akamaized.net/landings/274421/1662542857/images/2.jpg | 184.31.15.107 | 200 OK | 103 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/274421/1662542857/images/2.jpg IP184.31.15.107:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 960x1280, components 3\012- data Size103 kB (102832 bytes) Hash3b8b455b24c71ae1f928266241e9517e 8b98ca60c92b83e039c3b996f090883ed8b7ca75 c8d05f7eda85f68f0a08307eeee4e481282fda95570dd53f300b8aadd4f504f6
GET /landings/274421/1662542857/images/2.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: gp+KW+XsF1eQMR6ru1ICTiI9NPOyrlTud/NqgB36ZFfadebh4ucJpcBIoPjYE07UBAv8h11Qnhg=
x-amz-request-id: S7YEGPE37SG28KHD
Last-Modified: Wed, 07 Sep 2022 09:27:40 GMT
ETag: "3b8b455b24c71ae1f928266241e9517e"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 102832
Date: Tue, 13 Sep 2022 16:27:56 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/274421/1662542857/images/3.jpg | 184.31.15.107 | 200 OK | 150 kB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/274421/1662542857/images/3.jpg IP184.31.15.107:0 ASN#20940 Akamai International B.V.
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1108x1280, components 3\012- data Size150 kB (149812 bytes) Hash8ff03d86c53d978e5527374b5bcd5114 2b63b0853d74e24d74d26dbf9622c407e3c74ea9 10dedae19a11a0cf1cea2db4646bde720e63e35140f38ae3453fa2a4e4649e1c
GET /landings/274421/1662542857/images/3.jpg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: PJXEaesO2MayljWdvNJCu5HeZAYazV9pENLftMzTFMSpLWEOktW+X5+JBuKRPWn8dQz7TyzRX1g=
x-amz-request-id: S7YCNA1EH6Q0J77N
Last-Modified: Wed, 07 Sep 2022 09:27:41 GMT
ETag: "8ff03d86c53d978e5527374b5bcd5114"
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 149812
Date: Tue, 13 Sep 2022 16:27:56 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| cdn-dimi.akamaized.net/landings/274421/1662542857/images/1.mp4 | 184.31.15.107 | 206 Partial Content | 1.6 MB |
URL HTTP/1.1cdn-dimi.akamaized.net/landings/274421/1662542857/images/1.mp4 IP184.31.15.107:0 ASN#20940 Akamai International B.V.
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data Size1.6 MB (1560164 bytes) Hash379ddec6d7d6e118bd7565d1c83dbb90 16becb1b44f3f35b0fa239668901338cba6eff06 5635dd2c6c23dfdc3e4eb82afc4231a27e8522ec332b8568a3fc7ae8755fec94
GET /landings/274421/1662542857/images/1.mp4 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
x-amz-id-2: GbYGyun+5RA0M2MnBCzcNmNAY0OKRDXOfebKxarP9zvd0eRe3feVuwlHbyhcFSd2aPFHcgzRBqA=
x-amz-request-id: FWGFKQ02G78VHADJ
Last-Modified: Wed, 07 Sep 2022 09:27:40 GMT
ETag: "379ddec6d7d6e118bd7565d1c83dbb90"
Accept-Ranges: bytes
Content-Type: video/mp4
Server: AmazonS3
Date: Tue, 13 Sep 2022 16:27:56 GMT
Content-Range: bytes 0-1560163/1560164
Content-Length: 1560164
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4214
Expires: Tue, 13 Sep 2022 17:38:10 GMT
Date: Tue, 13 Sep 2022 16:27:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4214
Expires: Tue, 13 Sep 2022 17:38:10 GMT
Date: Tue, 13 Sep 2022 16:27:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4214
Expires: Tue, 13 Sep 2022 17:38:10 GMT
Date: Tue, 13 Sep 2022 16:27:56 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP23.33.119.27:0 ASN#20940 Akamai International B.V.
Hashfe792a43fbfd72d158215bb5fa087c19 5b28cebdebfdd33871fa4982f39a89f5ce3cbf99 ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4214
Expires: Tue, 13 Sep 2022 17:38:10 GMT
Date: Tue, 13 Sep 2022 16:27:56 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9d97e56f75165efcc71ae54952ded405 28d47359e70789115b2954b6c94711bb783b3c8c 564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 13:36:17 GMT
age: 10299
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6174529fff57758e958da5432344962f 05ec2076b32398d60ee77fab8c14345bc7dfe647 65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 03:17:04 GMT
age: 47452
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash838f709437b2dfbede4ee15307afe217 2ab2ee20e720b78be6deb55f967ac0d8b7dad048 a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TeasWs7Qh6T3oV8vJsu5JM_EApUJEGGWIvUC6Pfd41u18v8RlcPQpg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:57:19 GMT
age: 66637
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc14088c4ca0d576e087feed41b7f1565 172b23f2ef39b6c3fdebb5441b10a95712206d0a 2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bTzXQvDkX23_t4vLJNWv7bg-DoRsdqiBhwNJH5B-RcXxj9RC-87LvA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:41:52 GMT
age: 67564
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg | 34.120.237.76 | 200 OK | 9.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc9ab2ec10c79b91d15edb1d1e3dc763c 744fee4a0baa22ba3aa352d60620a916972b47dd f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 43wWNADffkA0e8T-SYvAMjp266nAE5hrDjNMQQsuYeT0i6xQt7wLVg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:34 GMT
age: 66742
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash239262b6ab17cb19414c35cd4f761092 48eddcf9838e980e67cc8f9cbb05b475df2f0331 cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:41 GMT
age: 66735
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain | 143.204.55.35 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain IP143.204.55.35:0
File typePEM certificate\012- , ASCII text Hash742edb4038f38bc533514982f3d2e861 cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1 b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0j0g7aG9iBUm8VuMSX1zcS5bhGI9VTv1I5eOf160jQhSybBKU43HjA==
age: 42765
X-Firefox-Spdy: h2
|
|
| odzrea.speciaidates.com/js/service-worker.js | 52.19.101.114 | 200 OK | 0 B |
URL HTTP/2odzrea.speciaidates.com/js/service-worker.js IP52.19.101.114:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/service-worker.js HTTP/1.1
Host: odzrea.speciaidates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: unique_id=6320af8a0003eaeb; unique_id2=6320af8a00057260; 6320af8a00057260_c=1; ref_token=116914; impression=; 6320af8a00057260_sl=[274421]
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 16:27:55 GMT
content-type: application/javascript
expires: Tue, 20 Sep 2022 16:27:55 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| odzrea.speciaidates.com/js/pushjs/1.0.0/subscriber.js | 52.19.101.114 | 200 OK | 0 B |
URL HTTP/2odzrea.speciaidates.com/js/pushjs/1.0.0/subscriber.js IP52.19.101.114:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: odzrea.speciaidates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://odzrea.speciaidates.com/c/1e3a4e532f1c7040?s1=116914&s2=1419167&s3=35929&s5=backuser&click_id=37_35929_4177_d21324be800fd4f304ae506351edce11&iexpp=1&j1=1&j8=1
Cookie: unique_id=6320af8a0003eaeb; unique_id2=6320af8a00057260; 6320af8a00057260_c=1; ref_token=116914; impression=; 6320af8a00057260_sl=[274421]
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 16:27:55 GMT
content-type: application/javascript
expires: Tue, 20 Sep 2022 16:27:55 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Ubuntu:wght@400;700&display=swap IP142.250.74.10:0
GET /css2?family=Ubuntu:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 16:27:55 GMT
date: Tue, 13 Sep 2022 16:27:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|