r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12674
Expires: Mon, 06 Feb 2023 06:18:41 GMT
Date: Mon, 06 Feb 2023 02:47:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15875
Expires: Mon, 06 Feb 2023 07:12:02 GMT
Date: Mon, 06 Feb 2023 02:47:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 02:34:01 GMT
content-type: application/json
age: 806
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2519
Expires: Mon, 06 Feb 2023 03:29:26 GMT
Date: Mon, 06 Feb 2023 02:47:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zTVz6XDenjBozs6KkK0YMMFf4HHfUxZAruKO4xqRPeLyTJDN9sne9j2tTQqX0FLibV76D5nvSD0=
x-amz-request-id: WK1Y0EB1M2MB766M
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 02:24:46 GMT
age: 1361
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 02:47:27 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bello.flu.cc/ml/vrs/sly5/pny/panel/admin.php
72.52.179.174200 OK 2.3 kB URL HTTP/1.1 bello.flu.cc/ml/vrs/sly5/pny/panel/admin.php
IP 72.52.179.174:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (634)
Hash 8266dd3724272949bb2a19aefb69b706
ed4694e9ae8cae8963efabf661cf5dfadef4b802
5f9a9eff9a6e6b58dc1b5de877a77585d0cf9403da3e107bb69175787a6c8e22
Analyzer Verdict Alert fortinet Malware
GET /ml/vrs/sly5/pny/panel/admin.php HTTP/1.1
Host: bello.flu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 02:47:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
bello.flu.cc/page/bouncy.php?&bpae=GbhGtLnGtUx7tbvvvfFGZTNNnofsAhHmL9c25qjNsl%2BjpyHFkzWjW4jymm9SpZ1C29RjAyH09KpMKfQYJTYxnbBKfNjqvwWQmUCzYRiTjM9PUbc%2BGhTpJ2AX%2BL74BXxsP9qIVlB0v%2B7aHQbfon2mISYM06%2BlpvYeUABP23Gl9A%2BsK1id3pDfphUO%2FR4%2F8mJqCOkrHHRc3HYbaWVm2uMh01mGpPGzRSWN%2B%2BYrk%2B8hBpnXi2fGU5vffOQHrYXwH%2BK4%2B8MYMoX%2B8NajMA3PifzKL2s%2FSU55TSsd%2Fx5LkKHEtFfoeA5pJEus8zVXTbzC3%2BQ7J3KjC3tw1sOi%2FtU3V5%2FhVP20UqqWuQQsJNCHXubegKeDUF2erhVfnRwae6H2lOKSqcyNqpHxx5qQnOKTnizdaU7gb41wGg1yLvW74YOxoMmW0gyb3bWkr9aj45p%2BoajsEN8W8AM1Haq7nGx3CcmiI6uJN7desN71DfDQanNMmY96F4KesQ%3D%3D&redirectType=js&inIframe=false&inPopUp=false
72.52.179.174200 OK 982 B URL HTTP/1.1 bello.flu.cc/page/bouncy.php?&bpae=GbhGtLnGtUx7tbvvvfFGZTNNnofsAhHmL9c25qjNsl%2BjpyHFkzWjW4jymm9SpZ1C29RjAyH09KpMKfQYJTYxnbBKfNjqvwWQmUCzYRiTjM9PUbc%2BGhTpJ2AX%2BL74BXxsP9qIVlB0v%2B7aHQbfon2mISYM06%2BlpvYeUABP23Gl9A%2BsK1id3pDfphUO%2FR4%2F8mJqCOkrHHRc3HYbaWVm2uMh01mGpPGzRSWN%2B%2BYrk%2B8hBpnXi2fGU5vffOQHrYXwH%2BK4%2B8MYMoX%2B8NajMA3PifzKL2s%2FSU55TSsd%2Fx5LkKHEtFfoeA5pJEus8zVXTbzC3%2BQ7J3KjC3tw1sOi%2FtU3V5%2FhVP20UqqWuQQsJNCHXubegKeDUF2erhVfnRwae6H2lOKSqcyNqpHxx5qQnOKTnizdaU7gb41wGg1yLvW74YOxoMmW0gyb3bWkr9aj45p%2BoajsEN8W8AM1Haq7nGx3CcmiI6uJN7desN71DfDQanNMmY96F4KesQ%3D%3D&redirectType=js&inIframe=false&inPopUp=false
IP 72.52.179.174:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2d31aba73c4252273e7f8e0a5dcda853
1b33e9e56c2ec97b894377410cadfe839ca6de50
7b17ca0b962ae5104618b4968fb9a848eaa8fe14412f7335c8a7735433180fde
GET /page/bouncy.php?&bpae=GbhGtLnGtUx7tbvvvfFGZTNNnofsAhHmL9c25qjNsl%2BjpyHFkzWjW4jymm9SpZ1C29RjAyH09KpMKfQYJTYxnbBKfNjqvwWQmUCzYRiTjM9PUbc%2BGhTpJ2AX%2BL74BXxsP9qIVlB0v%2B7aHQbfon2mISYM06%2BlpvYeUABP23Gl9A%2BsK1id3pDfphUO%2FR4%2F8mJqCOkrHHRc3HYbaWVm2uMh01mGpPGzRSWN%2B%2BYrk%2B8hBpnXi2fGU5vffOQHrYXwH%2BK4%2B8MYMoX%2B8NajMA3PifzKL2s%2FSU55TSsd%2Fx5LkKHEtFfoeA5pJEus8zVXTbzC3%2BQ7J3KjC3tw1sOi%2FtU3V5%2FhVP20UqqWuQQsJNCHXubegKeDUF2erhVfnRwae6H2lOKSqcyNqpHxx5qQnOKTnizdaU7gb41wGg1yLvW74YOxoMmW0gyb3bWkr9aj45p%2BoajsEN8W8AM1Haq7nGx3CcmiI6uJN7desN71DfDQanNMmY96F4KesQ%3D%3D&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: bello.flu.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bello.flu.cc/ml/vrs/sly5/pny/panel/admin.php
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 02:47:27 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
X-Powered-By: PHP/5.4.16
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 01:51:17 GMT
age: 3370
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6499
Expires: Mon, 06 Feb 2023 04:35:47 GMT
Date: Mon, 06 Feb 2023 02:47:28 GMT
Connection: keep-alive
ocsp.r2m02.amazontrust.com/
143.204.48.16200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash bb5dc1efef8411ccb1e863268431cdde
ca29eaa530b4af6384b814d7c959a03442df4829
af97534df8f38fd674bda6f15d4692fa19eb13aa7918caec309a48a38300f6a1
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 06 Feb 2023 02:47:28 GMT
Last-Modified: Mon, 06 Feb 2023 02:08:17 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x0lk2ei5T09z5JjicIKEW5EcOB2n1EqbgqOG4XIv1vfeslOCK5-sjw==
Age: 2351
push.services.mozilla.com/
52.43.31.37101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.31.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eA0sg2LCej2trW6JKuSndA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mPAAlliCr3ZE+g+7cOU5j+2+ahw=
alia-iso.com/favicon.ico
54.237.193.255404 Not Found 653 B IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcredirect?visitid=97751b75-a5c8-11ed-8efb-0a37a389d0bf&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Mon, 06 Feb 2023 02:47:28 GMT
content-type: text/html;charset=utf-8
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: KWrYbzvS
X-Firefox-Spdy: h2
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinnersailor.com%2Fapi%2Fv3%2Foffer%2F7%3Faffiliate_id%3D477%26url_id%3D89%26aff_sub2%3Dwflhshipo704g2em2i8j7rdg&caid=4d02b807-8e18-45a2-be63-5d40ac7a88cf&zpid=97751b75-a5c8-11ed-8efb-0a37a389d0bf&cid=wflhshipo704g2em2i8j7rdg&rt=R
18.197.36.77302 Found 0 B URL HTTP/2 cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinnersailor.com%2Fapi%2Fv3%2Foffer%2F7%3Faffiliate_id%3D477%26url_id%3D89%26aff_sub2%3Dwflhshipo704g2em2i8j7rdg&caid=4d02b807-8e18-45a2-be63-5d40ac7a88cf&zpid=97751b75-a5c8-11ed-8efb-0a37a389d0bf&cid=wflhshipo704g2em2i8j7rdg&rt=R
IP 18.197.36.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fwinnersailor.com%2Fapi%2Fv3%2Foffer%2F7%3Faffiliate_id%3D477%26url_id%3D89%26aff_sub2%3Dwflhshipo704g2em2i8j7rdg&caid=4d02b807-8e18-45a2-be63-5d40ac7a88cf&zpid=97751b75-a5c8-11ed-8efb-0a37a389d0bf&cid=wflhshipo704g2em2i8j7rdg&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 06 Feb 2023 02:47:28 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://winnersailor.com/api/v3/offer/7?affiliate_id=477&url_id=89&aff_sub2=wflhshipo704g2em2i8j7rdg
pragma: no-cache
set-cookie: cc-v4=KJ3HqmlTj1NyOS%2BiFGTjJvlB%2F4MjFeFqNDE2aSOwlHezi0AOHycxH4aUfaGgu%2BGd%2FVzwcFP8SEWpvZkHkClkMS1vScdeMaqbUalZyL4dpakd1hVMsUvS2UU9AJ6TI%2B1NYfgkhzJwrOS3XI%2FDdfk0OA%3D%3D; Max-Age=31536000; Expires=Tue, 06-Feb-2024 02:47:28 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/AIbas-Y1NAw
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/AIbas-Y1NAw
IP 142.250.74.131:0
Hash db098aced59a8b436d6a38590b304d1d
90d8454046bc7c8cb5ffafa26e43b08f21364627
86b8361ee27783347528189757ac258876a8b532a41c4e7eec2d22cd4b3c3deb
POST /s/gts1p5/AIbas-Y1NAw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 02:47:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/AIbas-Y1NAw
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/AIbas-Y1NAw
IP 142.250.74.131:0
Hash db098aced59a8b436d6a38590b304d1d
90d8454046bc7c8cb5ffafa26e43b08f21364627
86b8361ee27783347528189757ac258876a8b532a41c4e7eec2d22cd4b3c3deb
POST /s/gts1p5/AIbas-Y1NAw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 02:47:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7223
Expires: Mon, 06 Feb 2023 04:47:52 GMT
Date: Mon, 06 Feb 2023 02:47:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7223
Expires: Mon, 06 Feb 2023 04:47:52 GMT
Date: Mon, 06 Feb 2023 02:47:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7223
Expires: Mon, 06 Feb 2023 04:47:52 GMT
Date: Mon, 06 Feb 2023 02:47:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7223
Expires: Mon, 06 Feb 2023 04:47:52 GMT
Date: Mon, 06 Feb 2023 02:47:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 000cb25b2cb4fa30ce745582dafbab99
a5227f79e64bcab8d8f03822e6d408400a03a23e
7f6a2a99bff95672d34b41489d0dd1132ab8654b745e728e15ed95e987b7ed62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b68c1a-7013-4183-b5b4-d006c6f9e7a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10582
x-amzn-requestid: e18bacd8-6d0e-4957-93ab-97def7442f8c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4okSFKKIAMFlUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0214e-05486d9b283cedc008cba781;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: p1ToWLG__PFWEMRxlPZcouvOTijPoUcMr7ubDCNcy2wMwgusbBjGPA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:04:24 GMT
age: 16985
etag: "a5227f79e64bcab8d8f03822e6d408400a03a23e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 17846
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24980299-b46f-4879-99f8-3d6a5bcd2153.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24980299-b46f-4879-99f8-3d6a5bcd2153.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b2e321721a636309ac45c6722f71a5d5
8f4224824571577109bf32b1fa7646dbfb88e818
a52611068a9694594dec4dddb1bd29afdbba897a2e1f61dcf3ceb81e262912e8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24980299-b46f-4879-99f8-3d6a5bcd2153.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12459
x-amzn-requestid: 5dd251ba-30e6-47aa-846a-9cefa9aa4928
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPHlWIAMFnZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-402585d71ebd0ebf75af210d;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dMwyfVFayhAjpMMOiE96N2N5TwdvJ52UvscJ6miuz4W3qNKXVS9jaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:11 GMT
age: 17838
etag: "8f4224824571577109bf32b1fa7646dbfb88e818"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad2298793399bf73c51c7d60952065c1
816bd4c36ceea2c46489ae72fde0b4a94c7c4bef
dc540d64e5e0835c7007e89ca3b5dd620b43a87e13309f323f3843a5f908a199
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8649
x-amzn-requestid: f85f3c9d-95c1-4db6-af5f-595070fe46c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHzboAMFQCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-6eed72bf20887cac6dc1a56a;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tNp3KhwtaSjchn-VAo1VellQ63I1W9uIbkQ_84Y7z_4z--vGfz8PGA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:53:56 GMT
age: 17613
etag: "816bd4c36ceea2c46489ae72fde0b4a94c7c4bef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13572f84ad268caedcc897f2ad7b9baf
afb91ab43953e8915a2169618d2ab5e330cde0a1
0fb8b09608dc293b2084953b948cc7d8a7aa7bcb525090a7e44d5cb2a725fab3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8827daad-7b04-4c60-a6f6-c1b923025413.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7851
x-amzn-requestid: 11d3fe95-844b-4e5d-b31c-f99e96e2b608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHeEIAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-602b91422dff88a750b8e3e9;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7LXNdWi5iKCUI61c2z3spsg5_DGu1jnZ4cIACc3MCmqWP57RveBMGw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 17846
etag: "afb91ab43953e8915a2169618d2ab5e330cde0a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
alia-iso.com/zcvisitor/97751b75-a5c8-11ed-8efb-0a37a389d0bf/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=e7573180-76db-11ed-9544-0a918cbcbb97
54.237.193.255200 OK 12 kB URL HTTP/2 alia-iso.com/zcvisitor/97751b75-a5c8-11ed-8efb-0a37a389d0bf/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=e7573180-76db-11ed-9544-0a918cbcbb97
IP 54.237.193.255:0
Hash 087f9364d2dabadb3a1cf043165604ca
79e40f3d7e6c9ddf900b4f39efc33e1776851cad
f97e3972a91a6ab7700b30a516b2efe60ac1bfb7fd7936f96ecc750463b97c39
GET /zcvisitor/97751b75-a5c8-11ed-8efb-0a37a389d0bf/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=e7573180-76db-11ed-9544-0a918cbcbb97 HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bello.flu.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:28 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: KWrYbzvS
X-Firefox-Spdy: h2
winnersailor.com/api/v3/offer/7?affiliate_id=477&url_id=89&aff_sub2=wflhshipo704g2em2i8j7rdg
104.21.6.16302 Found 1.7 kB URL HTTP/2 winnersailor.com/api/v3/offer/7?affiliate_id=477&url_id=89&aff_sub2=wflhshipo704g2em2i8j7rdg
IP 104.21.6.16:0
Hash e60690712b77154660ad813865ce67f1
9b4ee9ec21917aa2bcdf310ded87fd305cc8351c
79ca0f85e643b4356ff2d053e5a0872e2c1f476c21729381e773a010123a6b78
GET /api/v3/offer/7?affiliate_id=477&url_id=89&aff_sub2=wflhshipo704g2em2i8j7rdg HTTP/1.1
Host: winnersailor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 02:47:29 GMT
content-type: text/html; charset=UTF-8
location: https://swordsailor.com/api/v1/leads-workflow/funnel/1/7?tp_hash=627103c1bd1e0a859c597c564f521cf2&tp_offer_id=7&tp_affiliate_id=477&tp_advertiser_id=1&tp_source=&tp_aff_sub=&tp_aff_sub2=wflhshipo704g2em2i8j7rdg&tp_aff_sub3=&tp_aff_sub4=&tp_aff_sub5=
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials,Authorization
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials
cache-control: private, must-revalidate
expires: -1
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnkMHGH%2FcGc9gZXWAd2aptiE81Hdt0nPxg1RlRTEaUBDqpw4BuK%2FttUslontlRx8WQpDEVpnFtJZdJLvlBMM9oNln1mI7hP%2BIG2Q%2Bf8kvCZ0n6qpYhttZmH52CDpj9CDiY7N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79508fb5dc3d1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 852a3a8c156bbde1cae43b5583608af6
9b7df1666faabbe1094513d0a2719a79522b7d61
bd8a124e023c30115edbe21a51faa40cba851129b5264c42d2f9917407d4d327
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 02:47:30 GMT
Last-Modified: Mon, 06 Feb 2023 02:47:29 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1p5/zzpHcv2MH60
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zzpHcv2MH60
IP 142.250.74.131:0
Hash 011553e644af76c918b8a9ad5e6e9fd0
886b831fb9a8b8bc50a530def7596019278cb537
73aa9691a6b30a8047c9306cd66b20f8663392fb891564285b0dcde36133ecbd
POST /s/gts1p5/zzpHcv2MH60 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 02:47:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
table-offers.com/bitcoin-era/images/bitgo.png
188.114.96.1200 OK 2.8 kB URL HTTP/2 table-offers.com/bitcoin-era/images/bitgo.png
IP 188.114.96.1:0
File type PNG image data, 92 x 38, 8-bit colormap, non-interlaced\012- data
Hash f27ed5020bef246b6728d680daad1ea2
537c501fce1aa89ab44ea482a656fcecb502449b
5a5e7bf9024b3136afba904d490c1242c2593ec628fcc1cd7ab6a84d75e59890
GET /bitcoin-era/images/bitgo.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 2781
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-add"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6%2FI%2B1WT225X%2BSi%2F0v0W2bOwwrrvxJS3bOZ2KJK5tc%2Fb4ZpgrNW%2B5lwD7C123UMaNMeIx2F3cHXQd2GfpDIPkRYiGTRxT09VLwjT72SrzwpQtGhTUt4Kpet6cSdMFQ%2F8sP%2Ft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc219a0b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/images/norton.png
188.114.96.1200 OK 2.7 kB URL HTTP/2 table-offers.com/bitcoin-era/images/norton.png
IP 188.114.96.1:0
File type PNG image data, 80 x 43, 8-bit colormap, non-interlaced\012- data
Hash f09134a25691a53add6186a1ca3faa2f
557b926d4927ad7e518076d7e9c6f46a2efd205e
1990f2515957f87343bd3044ddbdb7aa8c5043bdc2697c089c617aa520a7450b
GET /bitcoin-era/images/norton.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 2675
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-a73"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eb4u506tQ840TcsQb8edSg8llhhcpARlWZHnjpJde5PfMEFHSUcH1nz%2F%2BUWOYD6qCGx57gvgK8x%2Funj%2BU98SV228GcoJPSDZ4xIg7fYWDnupeT09unMhRHE0Z1vb3NnULog%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc219a1b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/images/secure-trading.png
188.114.96.1200 OK 2.5 kB URL HTTP/2 table-offers.com/bitcoin-era/images/secure-trading.png
IP 188.114.96.1:0
File type PNG image data, 138 x 30, 8-bit colormap, non-interlaced\012- data
Hash c795f6fc54767559c4018d8c74b7f2eb
c691d967252493621453fda45178495dd3cd7b64
ffe1197077cb1181b5661a8ea78fe28c1062ad81f2ebb8074dc885a220fceb88
GET /bitcoin-era/images/secure-trading.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 2543
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-9ef"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WgyDlWwA6hxFnNR6BMJNXcmTphxcuFupZ58pHJen%2FvVYMAgsbgztqa4FGXaPgaQ8i29256iZIFO%2BWza%2FQyaWBRdrvFXxdnHEQmG5VSxAYyywSKiiJOzDooUcQxOvxy3nvWwp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc219a2b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/images/logo.png
188.114.96.1200 OK 22 kB URL HTTP/2 table-offers.com/bitcoin-era/images/logo.png
IP 188.114.96.1:0
File type PNG image data, 1408 x 249, 8-bit colormap, non-interlaced\012- data
Hash 753d2ce47e70ab63c1429c25a4ad2627
993cd648075740fb18501fcb2a73b023e2988242
b8d10960a3b95d49ee478c3961b904afeca854eb6e827d087b552297f6891b63
GET /bitcoin-era/images/logo.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 21482
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-53ea"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJzHIC%2F1TK7zOvNnQLbuLsQjPeOJQykRh1RTv5ErM04JVus6rL2Q21fANW0945Oh6kKPrBANIfhPKjf1xQTx%2FMCCUpli88p6BNAQT90TpYjaofnAJT0vN7Yrsx1DhXnI1fao"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc2199eb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/images/mcafee.png
188.114.96.1200 OK 2.6 kB URL HTTP/2 table-offers.com/bitcoin-era/images/mcafee.png
IP 188.114.96.1:0
File type PNG image data, 130 x 31, 8-bit colormap, non-interlaced\012- data
Hash fd28ea855b811945fc60e39ff58ce160
d89372b47b316955bf8b33165007ff6f1d26f6af
84889440b1d26f213285dad200ddbea59b97c62c7b74b7c416b6c420c2cd553c
GET /bitcoin-era/images/mcafee.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 2631
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-a47"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdPmWYcNhxMWPcUDCtxmQO1NRSvQ7WpOQopWNYh7T%2FcmVn3WLFXYE1rqq%2Bkv8xMaCaXmZ7UnVs1tpWIpfl7kHFTf3ppSX8NA8uTppnBDfVuNUlx4yUZGrAAOQDrFZ42mUuV8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc229a8b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/images/seenon.png
188.114.96.1200 OK 51 kB URL HTTP/2 table-offers.com/bitcoin-era/images/seenon.png
IP 188.114.96.1:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:06:22 23:29:56], baseline, precision 8, 644x51, components 3\012- data
Hash d75dfb0c1fb21a65165840140d0058af
1222a2c54386439e0f2ea1bb017da264fc430ae7
084f732f8a7b4b6ae833e14ad630860328b775e38b094e4c71940c040d85a7d6
GET /bitcoin-era/images/seenon.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 50693
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-c605"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08GYOnCZ4OHzMnARgt2r4gU6WNCY5STEfSxmaEesXOrBRsXYSSTMgM1bOyedqKHy2kwum1DlsCkpBUWiaWuxm4uCHiUgzEieVvCHzOnQgY1sQ4ANJG7vHzehg5NzJhLvrKzR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc229aab515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/zzpHcv2MH60
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/zzpHcv2MH60
IP 142.250.74.131:0
Hash 011553e644af76c918b8a9ad5e6e9fd0
886b831fb9a8b8bc50a530def7596019278cb537
73aa9691a6b30a8047c9306cd66b20f8663392fb891564285b0dcde36133ecbd
POST /s/gts1p5/zzpHcv2MH60 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 02:47:30 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
table-offers.com/bitcoin-era/images/feature-img-1.png
188.114.96.1200 OK 6.3 kB URL HTTP/2 table-offers.com/bitcoin-era/images/feature-img-1.png
IP 188.114.96.1:0
File type PNG image data, 119 x 113, 8-bit/color RGBA, non-interlaced\012- data
Hash 1154b770c07a0cfb1e6697f10a08c576
57b6bf5d5691145bbbed588149a97c992704d415
5d325681a72685121ef7e8fe39b06e0555dc991be8135006a26c026fcca08916
GET /bitcoin-era/images/feature-img-1.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 6278
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-1886"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2B%2B0%2FPHQyKt%2FmmagPzAdOFUP%2B6dpn1HdSD7z2oyXHvZUChGsY8wcWxF2OC4yYV6LJPeLRCePwzEOBrYzRRGDenh9oADCVp5YD3zOL1TQ0a1X7m9bflWZ%2BHTyYsuAj09L9R3i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc229acb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/images/feature-img-2.png
188.114.96.1200 OK 2.4 kB URL HTTP/2 table-offers.com/bitcoin-era/images/feature-img-2.png
IP 188.114.96.1:0
File type PNG image data, 120 x 102, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d17ad723f8e42bf27c576cf31272dc2
a08a4a3b59845fdf8104034d58381150ea513a84
63590b41f1d94048485847ceaf28dfe9943cce476b14ffad878889d1b25749ed
GET /bitcoin-era/images/feature-img-2.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 2422
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-976"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQIVqVzUxSAdsWm9ouaAtNTSgXlfCPzPyTLXAypnR0yOfA2izKmQHZBMK6W9BQlb0t16WLkeDgR3eo8vUqd4kqh56rp2tvAPcaa1P3fIPOZB6eu4HrM%2FUgNUP76KtbfbLJrz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc229afb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/images/feature-img-3.png
188.114.96.1200 OK 3.9 kB URL HTTP/2 table-offers.com/bitcoin-era/images/feature-img-3.png
IP 188.114.96.1:0
File type PNG image data, 124 x 112, 8-bit/color RGBA, non-interlaced\012- data
Hash c8cdd536e2a491281e7007964f820c8d
41ab5674c7a378d8549d5f2f2fa5ad413a057aa0
6ba7555d46ebf8b8611af1a70bf62d0cb22155efc3bb835fbdd953930349467a
GET /bitcoin-era/images/feature-img-3.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 3865
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-f19"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJgfha87R3iLPhxaF3GBA0qXub%2FDtfqsbNAiK5hWxISLqti7kLpY1yaO96Jc26Xkfd%2FE%2F9uPNGXdQlzfWaNAOYQRkg0gDlbJHMWAAsNIGM8GiMDJv4e6uCtiq7pGDOj5agSI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc239b5b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/images/tick.png
188.114.96.1200 OK 752 B URL HTTP/2 table-offers.com/bitcoin-era/images/tick.png
IP 188.114.96.1:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 277e80270a763ab29b5534172bd78bb5
48736e4e9d0aacfa13c951f075b958a2d607bbc9
20fb2dc2107e319efc88a760cd8d02fc326923afa8d300eacd94f814b67c0c32
GET /bitcoin-era/images/tick.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 752
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-2f0"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kOnrFaM0VsqM2KRIJCCmxPT1txZyXeUjtz%2FtZRccK01Ywaw%2FAOSF67WnsL%2B03jgzljLk97BFf%2FkybHQwjOaSqrw2cEqpUwr0AO8vCiR5cKyHpWxc4n7sTN%2BAN5U7hoX4y1f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc239b6b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/images/step-img-1.png
188.114.96.1200 OK 4.5 kB URL HTTP/2 table-offers.com/bitcoin-era/images/step-img-1.png
IP 188.114.96.1:0
File type PNG image data, 117 x 93, 8-bit/color RGBA, non-interlaced\012- data
Hash 4eea47e521ec56ea089eb23bbfa3830b
c8e78677e343713d62d1ed8f4fa9909c7130e77f
97e3436ec9589857a11c9e645a460f394ca417e4328c757148dae39078ba5535
GET /bitcoin-era/images/step-img-1.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 4479
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-117f"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlwYDCm%2FariuqI5IAIVqbX1EJnlqpSv9yZKSKJAl7OPdrg4a9vDaZr%2FusCE5wBfcwh24tsmwo6erv%2BW92X3R8usdYd2YVoNAtu8Uv1MFEMsya%2F%2BsifwYlEEsxCXFPFn61PaM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc239b7b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/images/step-img-2.png
188.114.96.1200 OK 4.6 kB URL HTTP/2 table-offers.com/bitcoin-era/images/step-img-2.png
IP 188.114.96.1:0
File type PNG image data, 110 x 97, 8-bit/color RGBA, non-interlaced\012- data
Hash 0299d90afa219e62449349aaae16d05e
1cf5515dc3ec693bfca2b71d03a9d23c581867d7
14c5c8721392664e30296129a0ff5375c0869162ee6cec8592f0d59a5d2f05bb
GET /bitcoin-era/images/step-img-2.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 4550
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-11c6"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTU4cBgrNXMhnUd%2F1UUoY4Nzkg7sKQ%2F5Yh46UTW0%2FHTln0L0o2hZBayWVaU5QFyP11nzbOa6f2qivE1xUiCfaO%2BZy7o6qRQ2osmyjBWc1EMV0FQfdz%2FMSg7ea7LbANiy8A%2Bc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc249b9b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/images/girl-holding-bitcoin.png
188.114.96.1200 OK 236 kB URL HTTP/2 table-offers.com/bitcoin-era/images/girl-holding-bitcoin.png
IP 188.114.96.1:0
File type PNG image data, 822 x 988, 8-bit colormap, non-interlaced\012- data
Size 236 kB (235560 bytes)
Hash 94f9942eb689071506c0aa022d09fe96
a3da10bd76a59354875db8b293aab942cd58900c
22e17735962c4db70746d5180aa1936c6f3c14dc65a648541cb3a9ccfeaa4757
GET /bitcoin-era/images/girl-holding-bitcoin.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 235560
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-39828"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bf7XKV2%2BPGRoo89wyGOy0xoRLKUYAuFhqsM10CkhofJCOjapSlQ0u9MaxBEvOn0vFzb2bqY2bJkDAfKB1fIWpOfxgmmknyHXwFp6xqS6U6b7PbgGXFbp3QVAau2bRGjUagts"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc229abb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/static/funnels-sdk/v6/dist/assets/js/main.min.js?v=6.1.7
188.114.96.1200 OK 90 kB URL HTTP/2 table-offers.com/static/funnels-sdk/v6/dist/assets/js/main.min.js?v=6.1.7
IP 188.114.96.1:0
File type Unicode text, UTF-8 text, with very long lines (26993)
Hash 0b8b4cc4bd716c432349c23014b5dbd0
806cb12f26fe528576036eb0374dfe25b92cb6a5
a6c604277b2e1b27559405e2cfc9d04255cf351d1fdf7ca4e499f31eeaf594fa
GET /static/funnels-sdk/v6/dist/assets/js/main.min.js?v=6.1.7 HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: application/javascript
last-modified: Fri, 20 Jan 2023 08:30:21 GMT
vary: Accept-Encoding
etag: W/"63ca511d-57a04"
expires: Sat, 11 Feb 2023 13:25:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 134502
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yj2ZU%2F5DBrCbfTPAhtCGDRmw0cgJ693ZWQAwbKF6n4d1rzbI9i30bRbrNBl5X9cgSb%2BuXZWp24jekctYyY1gG5fp55RrBnIYRfWkJ67PRqleAE5wNschx52SDEsXn3KNSGIe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79508fc21998b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 02:47:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
table-offers.com/bitcoin-era/images/step-img-3.png
188.114.96.1200 OK 4.2 kB URL HTTP/2 table-offers.com/bitcoin-era/images/step-img-3.png
IP 188.114.96.1:0
File type PNG image data, 114 x 98, 8-bit/color RGBA, non-interlaced\012- data
Hash 32c386a9c9d10ec807e0db9b1114ca14
e9007cb61d82c7681cbe76f79d505fa542cf1292
f35940578816ce8edd85a61096cfd032fb0ce32ece251380309eec42effd7511
GET /bitcoin-era/images/step-img-3.png HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: image/png
content-length: 4182
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
etag: "637bc9ba-1056"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4rEC%2F%2Bgi6Xv1I9Pprr%2BHfc9qwHDqKGJFQGj8i75BalhpFcujH3wh72iabX0frBqRfQBwcZzp4qraSL%2BTnMWi%2BREESKjhA0SCG5VLk6VBLNIV3INs5YFJPIL8d39Jf4ewdvp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc249bfb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
polyfill.io/v3/polyfill.min.js
151.101.65.26200 OK 94 B URL HTTP/2 polyfill.io/v3/polyfill.min.js
IP 151.101.65.26:0
Hash eb8b0ba88b3acfb11ea81d5c02be9108
4b7f14cc2db25abdbe25472934b7469b2488f9d4
7237f15a97fe102c6ed13eadc0f7980da03cd06a20dfb7c7b8050e60dada617d
GET /v3/polyfill.min.js HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://table-offers.com
Connection: keep-alive
Referer: https://table-offers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=UTF-8
last-modified: Wed, 01 Feb 2023 20:44:29 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Mon, 06 Feb 2023 02:47:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: User-Agent, Accept-Encoding
server-timing: PASS, fastly;desc="Edge time";dur=15
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 94
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
104.17.24.14200 OK 30 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32077)
Hash 5e4764d3c94d1a1db8c3d0890278b6d1
e5171f2f46e16d32df5f634ba21e47256fa9689c
5077e8927721a6a3ae5d78b456b7041230d627774a0a319beebacc88290b8328
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 30360
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-17b8b"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1498691
expires: Sat, 27 Jan 2024 02:47:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5aBSRPP6L%2B%2B%2BnScl%2Fg3afwzYHxtdQWKUwVMxAlfKIsAweqtCCrCpEMGoCkV4K%2B3AKnlY5uN30O%2BUbyiHxLp6ITJ%2FWbuFiF%2FFg1nWY3P8Mn%2BZrDCh2uLSJegPUf%2FhoysnQntMC4v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79508fc2bef7b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 02:47:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.1.0/css/flag-icon.min.css
104.17.24.14200 OK 1.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/flag-icon-css/3.1.0/css/flag-icon.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (33688), with no line terminators
Hash 6005cbb851a11d96e671ddf9d436c8bf
1382edddadb6c772a690af96e42c300716faeb61
9fe48f40dcfcf138c0990c952b1a3caab503373452a39a49c2cd0ebdbd86448a
GET /ajax/libs/flag-icon-css/3.1.0/css/flag-icon.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:31 GMT
content-type: text/css; charset=utf-8
content-length: 1478
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5d-8398"
last-modified: Mon, 04 May 2020 16:10:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 182588
expires: Sat, 27 Jan 2024 02:47:31 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePVAhtPThiMxOHWauhtdhKe2PxQOc7ehwQv5jdXyBzXwLYbRUyBMdTzGcurQbcirVqxlaGVgZ1LZ2TXlJ7A70IvmHAy0mq4MiucMi2f5xQRR8NhrZnH7eQ%2FYUUp%2FAbGylezIUR6F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79508fc2befab4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 370e74ead61664d84985db7a9087c0e4
7c55daf6c9231e1586a0c9d48375766e7f02405f
ddc18509904868cb8e31ad5cbbd27245fc163eaac44d40a7e95fb795c6e248db
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6175
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 02:47:31 GMT
Last-Modified: Mon, 06 Feb 2023 01:04:37 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
www.google.com/recaptcha/api.js?onload=f1tRecaptchaCallback&render=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc
142.250.74.164200 OK 610 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=f1tRecaptchaCallback&render=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc
IP 142.250.74.164:0
File type ASCII text, with very long lines (947), with no line terminators
Hash e66c0207cfb56fff7bed146d9343c5ba
47b36e5a82c6643393a90f8d4b1277a8a0897ee8
ceeb0abb459dfd2ead906a9811e4c2446fc2f60f400a737fef333404f8035d58
GET /recaptcha/api.js?onload=f1tRecaptchaCallback&render=6LcUjmoaAAAAADy6tjOg7FafQwMLUFEx4xw-lhHc HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 06 Feb 2023 02:47:31 GMT
date: Mon, 06 Feb 2023 02:47:31 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 610
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash baa9390f2f5935c98fa86b83ed27ee5f
b015cc4f547a4d46b57ccfd7a42b24159f2b81d6
b4d1b69eb56d329fc6bc928ae02915e1b60972bede54c65d4d00199ca8a528aa
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Feb 2023 02:47:31 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8EECF21DA4B649B39F443D62DB7027E33B083701"
Expires: Mon, 06 Feb 2023 13:00:00 GMT
Last-Modified: Mon, 06 Feb 2023 01:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 584
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79508fc2e92a0b69-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 02:47:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 04f0c04bc866a74f62881ddf5a0fda0e
55fe7db7763b05a9b81d895e685198e5ac972c02
6c754b86202cb7f56eccb8de09a74a9ddb273e974613914d652071cb19f644f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6451
Cache-Control: max-age=119244
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 02:47:31 GMT
Etag: "63df7fdd-116"
Expires: Tue, 07 Feb 2023 11:54:55 GMT
Last-Modified: Sun, 05 Feb 2023 10:07:25 GMT
Server: ECS (amb/6BA3)
X-Cache: HIT
Content-Length: 278
table-offers.com/bitcoin-era/css/bootstrap.min.css
188.114.96.1200 OK 51 kB URL HTTP/2 table-offers.com/bitcoin-era/css/bootstrap.min.css
IP 188.114.96.1:0
File type ASCII text, with very long lines (65371)
Hash b2e33810d346f71e9f790b11eae9e6b4
1e8c719a2a32a1ac03ef4e075c97b18338dde8fd
4525a8865457e7d0a002acc7332a38722357b005df5deafd0d1ecf893a786246
GET /bitcoin-era/css/bootstrap.min.css HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
vary: Accept-Encoding
etag: W/"637bc9ba-1c591"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCFd5jsuboZDdHkeGzoAZ04g0ocxs9YTQ5xlPBGGdrJetmQ2GSb9RmnALroN513Bq%2B0EHNA0b%2BANeIOXARcg7Btbn6DCXcpAC9vmzDhxef2bGQXWluUe3QHLxj0860h8R59R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79508fc2098cb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 02:47:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
iframe.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa?muted=true&autoplay=true&loop=true&defaultTextTrack=no
104.16.94.114200 OK 548 B URL HTTP/2 iframe.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa?muted=true&autoplay=true&loop=true&defaultTextTrack=no
IP 104.16.94.114:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c29b2048441edc8f72dfef4d29d586a4
7857bd1f204e2512219e14c9931ae73204c0318b
9b7abd0437ac5d3a739d82544ceb76353e040f0aa8d2af13365fe565cc8f33a2
GET /3b52b4f7fc368dfabd2a8e562b76bdfa?muted=true&autoplay=true&loop=true&defaultTextTrack=no HTTP/1.1
Host: iframe.cloudflarestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:31 GMT
content-type: text/html; charset=utf-8
vary: origin, referer, Accept-Encoding
access-control-expose-header: cf-ray
stream-dw-version: 2023.2.1
server: cloudflare
cf-ray: 79508fc39991b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa/thumbnails/thumbnail.jpg?height=480
104.16.94.114200 OK 48 kB URL HTTP/2 customer-tqjuowcwyvj09sgh.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa/thumbnails/thumbnail.jpg?height=480
IP 104.16.94.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1280x1281, segment length 16, comment: "Lavc58.134.100", progressive, precision 8, 854x480, components 3\012- data
Hash 48717c2ad95edd81c2f5c4f403bd0cb7
e95af46ef9cbf385785acffc47ef62bfd36a82e8
ca8faa1d39352ecdc2bae8d4b4d3138dab9037ea4fd09e459243ffa92bf41689
GET /3b52b4f7fc368dfabd2a8e562b76bdfa/thumbnails/thumbnail.jpg?height=480 HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iframe.cloudflarestream.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:31 GMT
content-type: image/jpeg
content-length: 47589
cf-ray: 79508fc65a8eb518-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1620633
cache-control: public, max-age=864000
last-modified: Mon, 12 Dec 2022 21:10:08 GMT
strict-transport-security: max-age=31536000
vary: origin, referer, Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: range
access-control-expose-header: cf-ray
core-cache-status: MISS
served-in-seconds: 1.220
stream-dw-version: 2023.2.1
server: cloudflare
X-Firefox-Spdy: h2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa/metadata/playerEnhancementInfo.json
104.16.94.114200 OK 67 kB URL HTTP/2 customer-tqjuowcwyvj09sgh.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa/metadata/playerEnhancementInfo.json
IP 104.16.94.114:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (2668), with no line terminators
Hash 200192d80dc90f15e9bda232c33d65a3
c3b6627f3b97af021804c01f7250e212bbec1ca0
73ac1be76d011528c147b884c5201bd0e82628edef0c73a850ddf9c684dc275d
GET /3b52b4f7fc368dfabd2a8e562b76bdfa/metadata/playerEnhancementInfo.json HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iframe.cloudflarestream.com/
Origin: https://iframe.cloudflarestream.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:31 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=600
vary: origin, referer, Accept-Encoding
access-control-allow-headers: range
access-control-expose-header: cf-ray
stream-dw-version: 2023.2.1
server: cloudflare
cf-ray: 79508fc61a74b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 792 B IP 142.250.74.131:0
Hash cdbf6c9b0a92e3f1bc055848773ed572
0c008ed50800d82d4e733ee375782bbcaf5ff36f
08b7df572db2aeec968c1d37e2e8cf130d5de8caa174937f6e24e2a460356044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 02:47:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
customer-tqjuowcwyvj09sgh.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa/manifest/video.mpd?parentOrigin=https%3A%2F%2Ftable-offers.com
104.16.94.114200 OK 187 kB URL HTTP/2 customer-tqjuowcwyvj09sgh.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa/manifest/video.mpd?parentOrigin=https%3A%2F%2Ftable-offers.com
IP 104.16.94.114:0
Size 187 kB (186762 bytes)
Hash ada18e51fb4bb9dd944f3272985c4fc7
51d0d23c362c1fc216d2fd8aeed0713f670c8ada
a8be1c7489b71bb8334c428bc34907dfc1be8c8889e567ca78531fcc311a5fe6
GET /3b52b4f7fc368dfabd2a8e562b76bdfa/manifest/video.mpd?parentOrigin=https%3A%2F%2Ftable-offers.com HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iframe.cloudflarestream.com/
Origin: https://iframe.cloudflarestream.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:31 GMT
content-type: application/dash+xml
access-control-allow-origin: *
cache-control: public, max-age=600
vary: origin, referer, Accept-Encoding
access-control-allow-headers: range
access-control-expose-header: cf-ray
stream-dw-version: 2023.2.1
server: cloudflare
cf-ray: 79508fc63a84b518-OSL
X-Firefox-Spdy: h2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js
104.16.94.114200 OK 707 kB URL HTTP/2 customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/sdk-iframe-integration.fla9.latest.js
IP 104.16.94.114:0
File type Unicode text, UTF-8 text, with very long lines (65431)
Size 707 kB (707352 bytes)
Hash f20367f667ed1d13fda1c3ba1132884f
1b053b698e41794a7147c7eea82afebc82f10e29
186844a883de9172669b5b54972020edac9d1440deef2f5a5f41c0b028cc581b
GET /embed/sdk-iframe-integration.fla9.latest.js HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iframe.cloudflarestream.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:31 GMT
content-type: application/javascript
cf-ray: 79508fc489d9b518-OSL
age: 21
cache-control: max-age=180
etag: W/"f0706de51bb79f0fcd66dd783c9fe443"
expires: Mon, 06 Feb 2023 02:47:36 GMT
last-modified: Thu, 10 Nov 2022 21:36:22 GMT
cf-cache-status: HIT
access-control-expose-header: cf-ray
stream-dw-version: 2023.2.1
timing-add-origin: *
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
swordsailor.com/api/v1/leads-workflow/funnel/1/7?tp_hash=627103c1bd1e0a859c597c564f521cf2&tp_offer_id=7&tp_affiliate_id=477&tp_advertiser_id=1&tp_source=&tp_aff_sub=&tp_aff_sub2=wflhshipo704g2em2i8j7rdg&tp_aff_sub3=&tp_aff_sub4=&tp_aff_sub5=
104.21.67.82302 Found 34 kB URL HTTP/2 swordsailor.com/api/v1/leads-workflow/funnel/1/7?tp_hash=627103c1bd1e0a859c597c564f521cf2&tp_offer_id=7&tp_affiliate_id=477&tp_advertiser_id=1&tp_source=&tp_aff_sub=&tp_aff_sub2=wflhshipo704g2em2i8j7rdg&tp_aff_sub3=&tp_aff_sub4=&tp_aff_sub5=
IP 104.21.67.82:0
Hash af6a4c7def6959642429b20008e6c2c9
b7452d781170c341e9c5e8954725183f95dce6aa
87a38ab6cc30d38c42a94a1cc57eab81bcb15a12966da0e7791bfcb03c78a3a0
GET /api/v1/leads-workflow/funnel/1/7?tp_hash=627103c1bd1e0a859c597c564f521cf2&tp_offer_id=7&tp_affiliate_id=477&tp_advertiser_id=1&tp_source=&tp_aff_sub=&tp_aff_sub2=wflhshipo704g2em2i8j7rdg&tp_aff_sub3=&tp_aff_sub4=&tp_aff_sub5= HTTP/1.1
Host: swordsailor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://alia-iso.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: text/html; charset=UTF-8
location: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials,Authorization,sentry-trace
access-control-allow-methods: GET, POST, OPTIONS, PUT, DELETE
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,Access-Control-Allow-Credentials
cache-control: private, must-revalidate
expires: -1
pragma: no-cache
set-cookie: laravel_session=eyJpdiI6ImdvR2sxOWY0ZHVabWlMM1FPMU92bWc9PSIsInZhbHVlIjoiNE52VWd6ZzJSRG1URGxWako4QUlrKzhremxpcGNFN2p6bitScE5xc0RtQlRzdTduUzFtSEtCb3U1dFp0anZleHo5cmFiUE5ycDZVOElqRjkxME1rM1E9PSIsIm1hYyI6Ijk4OTc2ZDdmMTdhMzllZGJmMzI0NzRkZmQyMTVmMmUwMzZlZTRkMmUwYmNlYzMyMjQ3ZjBkNzMxOWRhMjEwZWMifQ%3D%3D; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6D5RbYnPqq0nzKgK2eOxawpL8KV2s%2Frur7wLayghh8%2BtSuPmfbP0kUWLEJVvl62esB5BSj2igT8N9mgk5pbhfYmz9l96DGYEtLBVnHIlkcHYszKz44SwhED6hyguM8SeyBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79508fb98fa3b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash edb1f4c9d95304ec8f873d7835638757
aaf840018bad682ca3cc47ca7d467a3b20d24a19
c3f5f593ab98cddf278172ee6bab65a4b227e558ee75bbeb50bdd12b495487ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3F5F593AB98CDDF278172EE6BAB65A4B227E558EE75BBEB50BDD12B495487CA"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12136
Expires: Mon, 06 Feb 2023 06:09:48 GMT
Date: Mon, 06 Feb 2023 02:47:32 GMT
Connection: keep-alive
o445185.ingest.sentry.io/api/5421136/envelope/?sentry_key=a37bd96361a84a13aec68cc8fc230f3c&sentry_version=7
34.120.195.249200 OK 41 B URL HTTP/2 o445185.ingest.sentry.io/api/5421136/envelope/?sentry_key=a37bd96361a84a13aec68cc8fc230f3c&sentry_version=7
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c882c5d42230cd92cb5c51e567bba911
59ce4bb73c74a184257a6e61ba1734438fc25a8c
ba5b025f783cf95d53645735e23ae138487047948e024c0e7dee86b83fd8cfd2
POST /api/5421136/envelope/?sentry_key=a37bd96361a84a13aec68cc8fc230f3c&sentry_version=7 HTTP/1.1
Host: o445185.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://table-offers.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://table-offers.com
Content-Length: 24485
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 02:47:32 GMT
content-type: application/json
content-length: 41
access-control-allow-origin: https://table-offers.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash edb1f4c9d95304ec8f873d7835638757
aaf840018bad682ca3cc47ca7d467a3b20d24a19
c3f5f593ab98cddf278172ee6bab65a4b227e558ee75bbeb50bdd12b495487ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3F5F593AB98CDDF278172EE6BAB65A4B227E558EE75BBEB50BDD12B495487CA"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12135
Expires: Mon, 06 Feb 2023 06:09:48 GMT
Date: Mon, 06 Feb 2023 02:47:33 GMT
Connection: keep-alive
table-offers.com/bitcoin-era/css/index.css
188.114.96.1200 OK 0 B URL HTTP/2 table-offers.com/bitcoin-era/css/index.css
IP 188.114.96.1:0
GET /bitcoin-era/css/index.css HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
vary: Accept-Encoding
etag: W/"637bc9ba-8671"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1lrtevA37yqx4DQin%2FS%2FdD70%2Byr3SD5pLDypl8PJrhWIrC%2BzCR2r9ZABy%2B4Nr%2BouW8PKXaoB4icMupLssmLtencCMPknlP9oyKTjiTfm1VBF7%2B4vJpiFRUyAFraIvozYl0I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79508fc20993b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/static/funnels-sdk/v6/dist/assets/css/main.min.css?v=6.1.7
188.114.96.1200 OK 0 B URL HTTP/2 table-offers.com/static/funnels-sdk/v6/dist/assets/css/main.min.css?v=6.1.7
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /static/funnels-sdk/v6/dist/assets/css/main.min.css?v=6.1.7 HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: text/css
last-modified: Thu, 15 Dec 2022 14:00:14 GMT
vary: Accept-Encoding
etag: W/"639b286e-9034"
expires: Sat, 11 Feb 2023 13:25:47 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 134503
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLO1eBr%2BrNg2jpd8LReH7dvyd6WzC%2FEjWSfJySsnmiBcEuSWAJNX59p85ielyvyaMETLShT%2F0ctTn867TRBsC%2FevxxSJcFs%2FOerYPuzoSTlhQtcvGD8c8EJfldgfNT21ZSHP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79508fc21999b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa/lifecycle
104.16.94.114200 OK 0 B URL HTTP/2 customer-tqjuowcwyvj09sgh.cloudflarestream.com/3b52b4f7fc368dfabd2a8e562b76bdfa/lifecycle
IP 104.16.94.114:0
GET /3b52b4f7fc368dfabd2a8e562b76bdfa/lifecycle HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iframe.cloudflarestream.com/
Origin: https://iframe.cloudflarestream.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:31 GMT
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
server: cloudflare
cf-ray: 79508fc61a75b518-OSL
content-encoding: br
X-Firefox-Spdy: h2
alia-iso.com/zcredirect?visitid=97751b75-a5c8-11ed-8efb-0a37a389d0bf&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
54.237.193.255200 OK 0 B URL HTTP/2 alia-iso.com/zcredirect?visitid=97751b75-a5c8-11ed-8efb-0a37a389d0bf&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 54.237.193.255:0
GET /zcredirect?visitid=97751b75-a5c8-11ed-8efb-0a37a389d0bf&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: alia-iso.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alia-iso.com/zcvisitor/97751b75-a5c8-11ed-8efb-0a37a389d0bf/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=e7573180-76db-11ed-9544-0a918cbcbb97
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:28 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: gBxVRXsz
X-Firefox-Spdy: h2
table-offers.com/static/funnels-sdk/v6/dist/assets/vendor/sentry.min.js
188.114.96.1200 OK 0 B URL HTTP/2 table-offers.com/static/funnels-sdk/v6/dist/assets/vendor/sentry.min.js
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /static/funnels-sdk/v6/dist/assets/vendor/sentry.min.js HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: application/javascript
last-modified: Fri, 25 Nov 2022 08:50:18 GMT
vary: Accept-Encoding
etag: W/"638081ca-17684"
expires: Sat, 11 Feb 2023 13:25:46 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 134504
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UR4aDikVGFO55fyDxMiJBDG2JCnVwNfcIEZ1u6H%2FHRrKa%2BN4XBypyLMaHM4OVmtYVwcheMM0lQow26xWqVnPnpUuYoVENHLFabLT4OQ2APYB6kYarIKYjyhilDg%2Bp2xUgrYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79508fc1f98ab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/css/pers-sprite.css
188.114.96.1200 OK 0 B URL HTTP/2 table-offers.com/bitcoin-era/css/pers-sprite.css
IP 188.114.96.1:0
GET /bitcoin-era/css/pers-sprite.css HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
vary: Accept-Encoding
etag: W/"637bc9ba-37e9"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFDhlGVzcAmyFzc6y3a7xtjwkiwNGfer9dwaDLFHRH7fneOqV%2FBbiKax28Nhbz2lmJhguRMb2A2D9bpUce130B67vHQp1%2FHFLP6Zsm56zwG5gKWwtlGoGxHd5aRFgVBe37sx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79508fc21996b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/css/popup.css
188.114.96.1200 OK 0 B URL HTTP/2 table-offers.com/bitcoin-era/css/popup.css
IP 188.114.96.1:0
GET /bitcoin-era/css/popup.css HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
vary: Accept-Encoding
etag: W/"637bc9ba-57f"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NKfkmaRhCGlJF%2FyuwAYRWME%2BcP9OQ9koGenVcaqT2W3OCXk6Z1DGOA49SfKg%2BrfwemLtA%2F6560SJ7Kj%2BoO5Oxdym%2FrP3RsQyOJtDZIc5I754mMAykD%2B4JTIJTJBlPFNRL8Lx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79508fc21997b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/css/custom-alt-2.css
188.114.96.1200 OK 0 B URL HTTP/2 table-offers.com/bitcoin-era/css/custom-alt-2.css
IP 188.114.96.1:0
GET /bitcoin-era/css/custom-alt-2.css HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
vary: Accept-Encoding
etag: W/"637bc9ba-bb1"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHhzNEnZqX7PviFzhA8UokiDwDBsiR8%2FPl0pWZMYYjNIrQpAfBR0VPpFpgwiNSHyYtIwhSxXD7t29Hamv%2BlNLOOMXmMICsVDMov2qqhsguLEogoFMB0bmhVPv89VEClIwFBA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79508fc2199db515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/js/custom.js
188.114.96.1200 OK 0 B URL HTTP/2 table-offers.com/bitcoin-era/js/custom.js
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /bitcoin-era/js/custom.js HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
vary: Accept-Encoding
etag: W/"637bc9ba-407"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQzurlO6LOUPcXj4bn%2BG6QoksOuXRB6k6twD%2F2Fz0irqQVIuV9U3QZI95yf6%2Fsvo%2BpRneWPs1XX3lL6jvOjNLkwytw%2BVE2ALRx0k%2B%2BgOxkwYWqKb%2Fd1V6xH1GI25dzVMcyKM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79508fc259c6b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/887.fb639d1f.chunk.js
104.16.94.114200 OK 0 B URL HTTP/2 customer-tqjuowcwyvj09sgh.cloudflarestream.com/embed/887.fb639d1f.chunk.js
IP 104.16.94.114:0
GET /embed/887.fb639d1f.chunk.js HTTP/1.1
Host: customer-tqjuowcwyvj09sgh.cloudflarestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iframe.cloudflarestream.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:31 GMT
content-type: application/javascript
cf-ray: 79508fc5fa61b518-OSL
age: 7
cache-control: max-age=180
etag: W/"7166a8708d577019d90495202e7dd78b"
expires: Mon, 06 Feb 2023 02:45:37 GMT
last-modified: Wed, 28 Dec 2022 09:24:43 GMT
cf-cache-status: HIT
access-control-expose-header: cf-ray
stream-dw-version: 2023.2.1
timing-add-origin: *
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/css/build.min.css
188.114.96.1200 OK 0 B URL HTTP/2 table-offers.com/bitcoin-era/css/build.min.css
IP 188.114.96.1:0
GET /bitcoin-era/css/build.min.css HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: text/css
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
vary: Accept-Encoding
etag: W/"637bc9ba-117a"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oU8pZGDe%2By%2B5Fib7Pwip1aUQoG4MxO3iovsLuVme6y%2Bt221qRnvYACaNikzoIqKQfllgTONeCpctpXlQMMqF9Bpr3YmRWwQuzOfnHDvMYhmFA60AhJYKxpMvloHUsJ0BdaYq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79508fc2098db515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
table-offers.com/bitcoin-era/js/index.js
188.114.96.1200 OK 0 B URL HTTP/2 table-offers.com/bitcoin-era/js/index.js
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /bitcoin-era/js/index.js HTTP/1.1
Host: table-offers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/bitcoin-era/index-no.html?d=eyJpZCI6MTYyNjM4OSwic2VjcmV0IjoiMjJlY2NiYzYyMzJjMzVkOSIsImRvbWFpbiI6InN3b3Jkc2FpbG9yLmNvbSIsImFwaSI6Im9wdGltdXMtbGQifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 02:47:30 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 18:55:54 GMT
vary: Accept-Encoding
etag: W/"637bc9ba-2e7c"
expires: Sat, 11 Feb 2023 13:51:48 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 132942
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGIzmeCMdNK8DNCUioM0NbntSBEQcpgDQ7pZe0J28fdVMervmEOKSfaIJY1VrLLtOZGBqfoSKmIBuMO%2FOmYCSpYbyxO%2FcdYAKdbewM%2B2smf2Lwyy6wV5Rd5t%2ByIp%2Ft1FdtLj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79508fc259c5b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Lato:wght@300;400;700&display=swap
IP 142.250.74.106:0
GET /css2?family=Lato:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://table-offers.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 02:47:31 GMT
date: Mon, 06 Feb 2023 02:47:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2