urlquery - report: go.gkrtmc.com/aff_c?offer_id=5493&aff_id=61686&aff_sub5=push&source=propellerads.com&click

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
r3.o.lencr.org (9)	344	No data	No data	23.36.77.32
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
rkkmj.prodlglousdate.net (4)	0	2022-10-23 17:15:50 UTC	2022-12-06 15:37:49 UTC	52.19.101.114	Unknown ranking
cdn-dimi.akamaized.net (9)	0	No data	No data	184.31.15.67	Domain (akamaized.net) ranked at: 280
ocsp.digicert.com (2)	86	2012-05-21 07:02:23 UTC	2015-05-08 15:27:43 UTC	93.184.220.29
www.gstatic.com (2)	0	2015-06-20 09:50:55 UTC	2015-11-29 15:55:55 UTC	142.250.74.35	Domain (gstatic.com) ranked at: 540
img-getpocket.cdn.mozilla.net (5)	1631	No data	No data	34.120.237.76
firefox.settings.services.mozilla.com (2)	867	No data	No data	35.241.9.150
contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
go.gkrtmc.com (4)	0	2022-01-24 12:45:18 UTC	2022-12-07 16:36:55 UTC	172.255.248.105	Unknown ranking
ocsp.pki.goog (5)	175	2017-06-14 17:41:42 UTC	2019-01-23 06:35:32 UTC	142.250.74.131
www.googletagmanager.com (1)	75	No data	No data	142.250.74.168
tsyndicate.com (1)	13042	No data	No data	136.243.43.25
push.services.mozilla.com (1)	2140	2015-08-03 07:36:16 UTC	2015-10-22 06:43:00 UTC	54.148.70.121
ctrack.trafficjunky.net (1)	27301	2014-03-23 22:43:38 UTC	2018-05-24 13:46:09 UTC	66.254.114.89
fonts.googleapis.com (1)	8877	No data	No data	142.250.74.106

Scan Date	Severity	Indicator	Comment
2022-12-08	2	go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.prodlglousdate.net%3Futm_sourc (...)	Phishing

Date	UQ / IDS / BL	URL	IP
2023-02-04 09:15:23 +0000	0 - 0 - 1	go.gkrtmc.com/aff_c?offer_id=7303&aff_id=6483 (...)	172.255.248.105
2023-02-01 17:43:35 +0000	0 - 0 - 1	go.gkrtmc.com/rd.html	172.255.248.105
2023-01-31 16:51:12 +0000	0 - 0 - 2	go.trklinkcm.com/rd.html?go=slutsaga.com/2?pu (...)	172.255.248.105
2023-01-30 17:33:20 +0000	0 - 1 - 0	go.gkrtmc.com/aff_nl?offer_id=8390&aff_id=597 (...)	172.255.248.105
2023-01-28 16:49:18 +0000	0 - 0 - 2	go.trklinkcm.com/rd.html?go=slutsaga.com/2?pu (...)	172.255.248.105

Date	UQ / IDS / BL	URL	IP
2023-02-05 03:14:51 +0000	0 - 0 - 1	pl18020758.highcpmrevenuenetwork.com/	173.233.137.52
2023-02-05 03:07:01 +0000	0 - 0 - 3	188.42.218.249/123ebcbd77cb7fbd08e85ecc8384e8c1	188.42.218.249
2023-02-04 23:02:56 +0000	0 - 2 - 0	m.jucydate.com/entry?param=1&hash=265b9bbf669 (...)	23.111.80.246
2023-02-04 22:17:11 +0000	0 - 0 - 1	discretionrochesterowen.com/	173.233.137.60
2023-02-04 22:00:59 +0000	0 - 0 - 3	188.42.218.249/902cb7bc0655a00ac80cff88c667996d	188.42.218.249

Date	UQ / IDS / BL	URL	IP
2023-02-04 09:15:23 +0000	0 - 0 - 1	go.gkrtmc.com/aff_c?offer_id=7303&aff_id=6483 (...)	172.255.248.105
2023-02-01 17:43:35 +0000	0 - 0 - 1	go.gkrtmc.com/rd.html	172.255.248.105
2023-01-30 17:33:20 +0000	0 - 1 - 0	go.gkrtmc.com/aff_nl?offer_id=8390&aff_id=597 (...)	172.255.248.105
2023-01-28 16:04:27 +0000	0 - 0 - 1	go.gkrtmc.com/rd.html	172.255.248.105
2023-01-26 10:59:11 +0000	0 - 1 - 0	go.gkrtmc.com/aff_c?offer_id=8000&aff_id=1655 (...)	172.255.248.105

Date	UQ / IDS / BL	URL	IP
2023-01-28 05:29:39 +0000	0 - 0 - 2	ea2102049.srtrak.com/promo-tools/direct-offer (...)	91.132.60.212
2023-01-28 05:18:11 +0000	0 - 0 - 3	833fsd3b8c2.srtrak.com/promo.php?id=106&page= (...)	91.132.60.212
2022-12-14 13:43:07 +0000	0 - 0 - 1	go.gkrtmc.com/aff_c?offer_id=8326&aff_id=5304 (...)	172.255.248.105
2022-12-13 05:53:47 +0000	0 - 0 - 1	go.gkrtmc.com/aff_c?offer_id=8522&aff_id=6238 (...)	172.255.248.105
2022-12-06 15:37:59 +0000	0 - 0 - 3	lonely-girls.com/hKsQkK	162.55.131.227

Request	Response
GET /aff_c?offer_id=5493&aff_id=61686&aff_sub5=push&source=propellerads.com&click_id=GfXS6DmJqRrMkBU9QQvnv6 HTTP/1.1 Host: go.gkrtmc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: go.gkrtmc.com/aff_c?offer_id=5493&aff_id=61686&aff_sub5 (...) FQDN: go.gkrtmc.com IP: 172.255.248.105 HASH: 36caeb05eb55034e147636bb81b4868fc842f3acf9eaad74775fc9fd03a74772 172.255.248.105 HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Server: nginx Date: Thu, 08 Dec 2022 03:00:59 GMT Content-Length: 280 Connection: keep-alive X-DNS-Prefetch-Control: off X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 07 Jan 2023 03:00:59 GMT test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT Location: aff_c?offer_id=4178&aff_id=61686&aff_sub5=push&source=propellerads.com&click_id=GfXS6DmJqRrMkBU9QQvnv6 Vary: Accept Cache-Control: no-store, no-cache --- Additional Info --- Magic: HTML document, ASCII text, with no line terminators Size: 280 Md5: c743e341367df527574575822dd1d9d6 Sha1: ffeaf2a3596e6cc40ca4f2dfbc16a072bc54117b Sha256: 36caeb05eb55034e147636bb81b4868fc842f3acf9eaad74775fc9fd03a74772
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=17677 Expires: Thu, 08 Dec 2022 07:55:36 GMT Date: Thu, 08 Dec 2022 03:00:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 388f6fea5bafa378266622b72311a6ee Sha1: 447f102dc12172ce1ba44c5e94e1d7bb49d43372 Sha256: a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15179 Expires: Thu, 08 Dec 2022 07:13:58 GMT Date: Thu, 08 Dec 2022 03:00:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 7181eff9c60e83eb0004ece591e47dca Sha1: 0fd8cd0c9d10b0547938982e57d2c43e2d98679f Sha256: 89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 08 Dec 2022 02:08:07 GMT age: 3172 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2280 Expires: Thu, 08 Dec 2022 03:38:59 GMT Date: Thu, 08 Dec 2022 03:00:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 00e7703bd74975689fc9050356aaca6b Sha1: 9788fe6a36d6f278e8da329ebc5dd87bcd212317 Sha256: 593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: tnI2pk/KznwdRDwewwRPTFr8wndALhP0HPsEk1E5Ly9iKYM41S6uvlKvj9IvEUF/md+yIZs/YPY= x-amz-request-id: NDBH9W4A8445XKG2 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 08 Dec 2022 02:49:36 GMT age: 683 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 53341dea33f4f3d9b4966f80589f429a Sha1: 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /aff_c?offer_id=4178&aff_id=61686&aff_sub5=push&source=propellerads.com&click_id=GfXS6DmJqRrMkBU9QQvnv6 HTTP/1.1 Host: go.gkrtmc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: language=en Upgrade-Insecure-Requests: 1	URL: go.gkrtmc.com/aff_c?offer_id=4178&aff_id=61686&aff_sub5 (...) FQDN: go.gkrtmc.com IP: 172.255.248.105 HASH: c9c9049ce43c13de7b43f25f926d8c6d0b3c360d3d57296fca8d5a0c8ab7677e 172.255.248.105 HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Server: nginx Date: Thu, 08 Dec 2022 03:00:59 GMT Content-Length: 494 Connection: keep-alive X-DNS-Prefetch-Control: off X-Frame-Options: SAMEORIGIN Strict-Transport-Security: max-age=15552000; includeSubDomains X-Download-Options: noopen X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 07 Jan 2023 03:00:59 GMT test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT 4178=37_61686_4178_e27f80b5b55566785bcf9b6a0e1acdf0; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 07 Jan 2023 03:00:59 GMT op_4178=0; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 07 Jan 2023 03:00:59 GMT user_id=3980a30f-4bd4-4a00-b5bc-e126bd89e0a8_c89c511108b3bcd34bd275f32d52d3fd; Domain=go.gkrtmc.com; Path=/; Expires=Tue, 07 Dec 2027 03:00:59 GMT; Secure; SameSite=None Location: /rd.html?go=https%3A%2F%2Frkkmj.prodlglousdate.net%3Futm_source%3Dc44213fa2bf7a303%26s1%3D20904%26s2%3D1656360%26s3%3D61686%26s5%3Dpropellerads.com%26click_id%3D37_61686_4178_e27f80b5b55566785bcf9b6a0e1acdf0%26j1%3D1%26j8%3D1 Vary: Accept Cache-Control: no-store, no-cache --- Additional Info --- Magic: HTML document, ASCII text, with very long lines (494), with no line terminators Size: 494 Md5: e55a7600a20d8f174fe40624b1f50a4a Sha1: a194f9378b1f7e7b98fc60d199979d7d8f357d6b Sha256: c9c9049ce43c13de7b43f25f926d8c6d0b3c360d3d57296fca8d5a0c8ab7677e
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Thu, 08 Dec 2022 03:00:59 GMT content-length: 12 access-control-allow-credentials: true access-control-expose-headers: content-type vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /rd.html?go=https%3A%2F%2Frkkmj.prodlglousdate.net%3Futm_source%3Dc44213fa2bf7a303%26s1%3D20904%26s2%3D1656360%26s3%3D61686%26s5%3Dpropellerads.com%26click_id%3D37_61686_4178_e27f80b5b55566785bcf9b6a0e1acdf0%26j1%3D1%26j8%3D1 HTTP/1.1 Host: go.gkrtmc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: language=en; 4178=37_61686_4178_e27f80b5b55566785bcf9b6a0e1acdf0; op_4178=0 Upgrade-Insecure-Requests: 1	URL: go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.prodlglous (...) FQDN: go.gkrtmc.com IP: 172.255.248.105 HASH: 070d804ff334e0de872b9ac4c28c1bc578a043771099d2e9556782974ed560a3 172.255.248.105 HTTP/1.1 200 OK Content-Type: text/html Server: nginx Date: Thu, 08 Dec 2022 03:00:59 GMT Last-Modified: Fri, 13 Aug 2021 14:56:49 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding ETag: W/"61168831-149" Cache-Control: no-store, no-cache Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 255 Md5: 997bfcab4e7a51023ff8da026ed4374a Sha1: 35d15ad133e52c1b9dea0b3696a8719521387a9e Sha256: 070d804ff334e0de872b9ac4c28c1bc578a043771099d2e9556782974ed560a3 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: e1369e40ca688556eb12edd7f5148c5ddebacabf7708893f597583c6074e3388 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E1369E40CA688556EB12EDD7F5148C5DDEBACABF7708893F597583C6074E3388" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21528 Expires: Thu, 08 Dec 2022 08:59:47 GMT Date: Thu, 08 Dec 2022 03:00:59 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a9518e1d7d1d2d11949adb7851866b13 Sha1: ff812600873297ddeb7ee9622d9a895c0a1b8e1b Sha256: e1369e40ca688556eb12edd7f5148c5ddebacabf7708893f597583c6074e3388
GET /favicon.ico HTTP/1.1 Host: go.gkrtmc.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.prodlglousdate.net%3Futm_source%3Dc44213fa2bf7a303%26s1%3D20904%26s2%3D1656360%26s3%3D61686%26s5%3Dpropellerads.com%26click_id%3D37_61686_4178_e27f80b5b55566785bcf9b6a0e1acdf0%26j1%3D1%26j8%3D1 Cookie: language=en; 4178=37_61686_4178_e27f80b5b55566785bcf9b6a0e1acdf0; op_4178=0	URL: go.gkrtmc.com/favicon.ico FQDN: go.gkrtmc.com IP: 172.255.248.105 HASH: 34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a 172.255.248.105 HTTP/1.1 404 Not Found Content-Type: text/html Server: nginx Date: Thu, 08 Dec 2022 03:00:59 GMT Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 123 Md5: c728bf241d9141b8d3100ae5140e09c5 Sha1: 07f0da1bdfadd0354b090781f1e3264ac22b6c39 Sha256: 34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a
GET /?utm_source=c44213fa2bf7a303&s1=20904&s2=1656360&s3=61686&s5=propellerads.com&click_id=37_61686_4178_e27f80b5b55566785bcf9b6a0e1acdf0&j1=1&j8=1 HTTP/1.1 Host: rkkmj.prodlglousdate.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://go.gkrtmc.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site	URL: rkkmj.prodlglousdate.net/?utm_source=c44213fa2bf7a303&s (...) FQDN: rkkmj.prodlglousdate.net IP: 52.19.101.114 HASH: fa9fe0a4afd0c20c0177046ed8097b69be7bb4a38f69df8d0c5dd2a6e5e49746 52.19.101.114 HTTP/2 200 OK content-type: text/html; charset=utf-8 server: nginx date: Thu, 08 Dec 2022 03:00:59 GMT set-cookie: unique_id=639122af0001a08c; Path=/; Expires=Mon, 06 Feb 2023 03:00:59 GMT; Secure; SameSite=None unique_id2=639122af00033ee6; Path=/; Expires=Wed, 08 Mar 2023 03:00:59 GMT; Secure; SameSite=None 639122af00033ee6_c=1; Path=/; Expires=Wed, 08 Mar 2023 03:00:59 GMT; Secure; SameSite=None ref_token=21635_20904; Path=/; Expires=Sat, 07 Jan 2023 03:00:59 GMT; Secure; SameSite=None impression=; Path=/; Expires=Thu, 08 Dec 2022 03:00:59 GMT; Secure; SameSite=None 639122af00033ee6_sl=[188579]; Path=/; Expires=Thu, 22 Dec 2022 03:00:59 GMT; Secure; SameSite=None content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9726) Size: 7371 Md5: 9c3687d8855226ec0614035171155329 Sha1: 9e89eb95152ada818fc2d3eda8ad0fbe4dd02545 Sha256: fa9fe0a4afd0c20c0177046ed8097b69be7bb4a38f69df8d0c5dd2a6e5e49746
GET /landings/188579/1612535270/js/translate.js?1612535271 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/188579/1612535270/js/tr (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: ef9c21f71a5a14c04e7d5ab7526c134ba6e8310e9c2eb2e388da364e1361a473 184.31.15.67 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: 45IpnQffMjxIgygxi3DCYCfpuLwIYagIsxaEiYe0yADelYolfY6QUD9PImtbqu3/NfkKc/tefYo= x-amz-request-id: Y0J1GMX1F9J7BDTY Last-Modified: Fri, 05 Feb 2021 14:27:53 GMT ETag: "637b970eb3da7972f6d558bbda47e43b" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Thu, 08 Dec 2022 03:00:59 GMT Content-Length: 16633 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: Unicode text, UTF-8 text, with CRLF line terminators Size: 16633 Md5: 1a0068cb0735c55c54b466c972c6e4cc Sha1: 610f4151f82c886efdedea6aa09ad8f6dafef33e Sha256: ef9c21f71a5a14c04e7d5ab7526c134ba6e8310e9c2eb2e388da364e1361a473
GET /landings/188579/1612535270/js/jquery-2.2.4.min.js?1612535271 HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/188579/1612535270/js/jq (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494 184.31.15.67 HTTP/1.1 200 OK Content-Type: text/javascript x-amz-id-2: BmXcEH5q+A6InkKEinUnh67hazWZASfM7ijf7d9UdOJ7FujX5tXqpaxodPez4zh+8PlfVcSkyyk= x-amz-request-id: XZRPCREQRX32T3AW Last-Modified: Fri, 05 Feb 2021 14:27:53 GMT ETag: "2f6b11a7e914718e0290410e85366fe9" Accept-Ranges: bytes Server: AmazonS3 Vary: Accept-Encoding Content-Encoding: gzip Date: Thu, 08 Dec 2022 03:00:59 GMT Content-Length: 29855 Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: ASCII text, with very long lines (32065) Size: 29855 Md5: 2fa28552f1ee4e1382ee43930b53afb8 Sha1: 803670da6a35378bf4eb73acc8e72fe4feb5ca30 Sha256: ecfddf7d1e798dd2778c071bea24c70b650ef990fc09793fce25f2f094b35494
GET /landings/188579/1612535270/images/m3.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/188579/1612535270/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: f8b80e146c78ef0c4d7f5b4cc52d50fd91d0d938c2c23ebfe27f67ba2e9d50f4 184.31.15.67 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: ABV4/nTL3+GFoKJ8h6rMudhQnM3EQt3vOaShnwR6jEnNRpFegZf0j2RU5boRFQSEZtAxHkxmz/c= x-amz-request-id: 2XWQ0QFCAVKP6KK6 Last-Modified: Fri, 05 Feb 2021 14:27:53 GMT ETag: "284ef1acd6e4b97a1300b484e8bbb351" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 66564 Date: Thu, 08 Dec 2022 03:01:00 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x667, components 3\012- data Size: 66564 Md5: 284ef1acd6e4b97a1300b484e8bbb351 Sha1: 4a628276784cd5d19aca90cc1130435bcd191eb1 Sha256: f8b80e146c78ef0c4d7f5b4cc52d50fd91d0d938c2c23ebfe27f67ba2e9d50f4
GET /landings/188579/1612535270/images/m1.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/188579/1612535270/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: ff421106287d50adb0a3eae0ebde99ed23df1729e6bf63c33abf232e1f605a5a 184.31.15.67 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: e+ZTvMdG5wpM6MuYaEmdaRobsfTP3i38CQ1Tn60iFNE2oGxni3yJKvFEHcEVKUeg/YZ66DgorY8= x-amz-request-id: 2XWT0NZA674AMHR3 Last-Modified: Fri, 05 Feb 2021 14:27:52 GMT ETag: "52d0fc78a5699b1020e33ebb8d2a2681" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 49743 Date: Thu, 08 Dec 2022 03:01:00 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x667, components 3\012- data Size: 49743 Md5: 52d0fc78a5699b1020e33ebb8d2a2681 Sha1: ba4db64ad8c97554c625f7378c370c40a61aa48f Sha256: ff421106287d50adb0a3eae0ebde99ed23df1729e6bf63c33abf232e1f605a5a
GET /landings/188579/1612535270/images/m6.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/188579/1612535270/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: fd8cfef314a6286c65f6859d8a30f9ace29998a29c5002df3de66e9b3becb45e 184.31.15.67 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: /biBGaIaBDP0O+XgtJKOVxCHQBYt/4UO2qOBYKa8DHeyRzVx3siPhApLRoKenqGCOFitizEPR4o= x-amz-request-id: 321G7KC65BQECW8A Last-Modified: Fri, 05 Feb 2021 14:27:53 GMT ETag: "faff29be89942a70690077f34b492a76" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 69133 Date: Thu, 08 Dec 2022 03:01:00 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x667, components 3\012- data Size: 69133 Md5: faff29be89942a70690077f34b492a76 Sha1: d76f347af48b6344fd689308e2a14d500d9d0f59 Sha256: fd8cfef314a6286c65f6859d8a30f9ace29998a29c5002df3de66e9b3becb45e
GET /landings/188579/1612535270/images/m4.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/188579/1612535270/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: 6177ac5d7ba7ea01833304d4bb1ca45d177a7365308af3b85d158a047d0ec7e3 184.31.15.67 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: 6mrm/5J9gjq9uROhiWWP53aU1cx8VprE1ygtwF2fvoq5ahLqsOcjauayG31R3IsahlOBwwirCvY= x-amz-request-id: 2XWYVYZGW5Q9PC3Z Last-Modified: Fri, 05 Feb 2021 14:27:53 GMT ETag: "c79d5e186c2e37a07a2110f28207af39" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 66740 Date: Thu, 08 Dec 2022 03:01:00 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x667, components 3\012- data Size: 66740 Md5: c79d5e186c2e37a07a2110f28207af39 Sha1: c64cf2b1814093e4de514e17957a3742ed0a7c9e Sha256: 6177ac5d7ba7ea01833304d4bb1ca45d177a7365308af3b85d158a047d0ec7e3
GET /landings/188579/1612535270/images/m5.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/188579/1612535270/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: 0be6e29ee0258c4be07c7f6682ab2497f1f7261c62539b34b419fd0beb951cdc 184.31.15.67 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: BfqDFwWhXJCG/7a+czJ/IjP0VkRg0W5Fb+JHofilrx8PBUHO/opDShFJM6sGcavMOr+Rut4q+sA= x-amz-request-id: 2XWKE9V5YNE51KB9 Last-Modified: Fri, 05 Feb 2021 14:27:53 GMT ETag: "4bd0e0cf6f5f88bbe2cc0208374de87f" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 88182 Date: Thu, 08 Dec 2022 03:01:00 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x667, components 3\012- data Size: 88182 Md5: 4bd0e0cf6f5f88bbe2cc0208374de87f Sha1: c7f4c3ba767085c35c8f3d245cb81e48b689ee39 Sha256: 0be6e29ee0258c4be07c7f6682ab2497f1f7261c62539b34b419fd0beb951cdc
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 08 Dec 2022 03:01:00 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 3074a66f6d9b2e2af9b41ec0e2f4e2db Sha1: 942e2c49b3848f11da966937f5914c62aed24bce Sha256: 7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 08 Dec 2022 02:07:55 GMT age: 3185 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 08 Dec 2022 03:01:00 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 6ec5f6261a8262e9f94b29627f54cefe Sha1: 7ac766cf2ac8c2d960ec033388a767ff8a7d45e2 Sha256: 5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 08 Dec 2022 03:01:00 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 30aec170d58f580f2ed4da4b92d72cc7 Sha1: 3b11a98ba9563f7f266e7a935e3b78bd0c0712aa Sha256: 7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
GET /gtm.js?id=GTM-PPJGZHL HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.googletagmanager.com/gtm.js?id=GTM-PPJGZHL FQDN: www.googletagmanager.com IP: 142.250.74.168 HASH: c96d50077583af1cebf7b3fade34133964adc18045f5b6b6e87653bb3af935b3 142.250.74.168 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Thu, 08 Dec 2022 03:01:00 GMT expires: Thu, 08 Dec 2022 03:01:00 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 39618 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (3014) Size: 39618 Md5: 82c5bc84d62b1f2b715db268454331f5 Sha1: e235973ad7e05f197e95a8ae3943eaf69ef5957d Sha256: c96d50077583af1cebf7b3fade34133964adc18045f5b6b6e87653bb3af935b3
GET /images/favicon.ico HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/images/favicon.ico FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0 184.31.15.67 HTTP/1.1 200 OK Content-Type: image/x-icon x-amz-id-2: 3PLd1JbxzMUZnvLfJ08LlqJVa0X1bm3g8lDKKuDaPcpHRGpUOyvL763tb+Zgy/zeSb8kMvb/P10= x-amz-request-id: 2XWP9N688THY1C8H Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT ETag: "4cdf3256cd7b8ec3917adb79d6bf457e" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 4103 Date: Thu, 08 Dec 2022 03:01:00 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data Size: 4103 Md5: 4cdf3256cd7b8ec3917adb79d6bf457e Sha1: bc615337e9223183a126c8fb649774866fb53e69 Sha256: fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0
GET /landings/188579/1612535270/images/m2.jpg HTTP/1.1 Host: cdn-dimi.akamaized.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn-dimi.akamaized.net/landings/188579/1612535270/image (...) FQDN: cdn-dimi.akamaized.net IP: 184.31.15.67 HASH: 7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312 184.31.15.67 HTTP/1.1 200 OK Content-Type: image/jpeg x-amz-id-2: u+IP5dSg2OZw4BcZILe+Mn7FR6YUOvaohocscJFPnPCnEF/SkOvTVB+WyWuoWhQ0JQGQ8MSAc+E= x-amz-request-id: 321TDDHFDQCZXW86 Last-Modified: Fri, 05 Feb 2021 14:27:52 GMT ETag: "a82a26f595d158682268d0969c796a89" Accept-Ranges: bytes Server: AmazonS3 Content-Length: 60737 Date: Thu, 08 Dec 2022 03:01:00 GMT Connection: keep-alive Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" --- Additional Info --- Magic: data Size: 472 Md5: 30aec170d58f580f2ed4da4b92d72cc7 Sha1: 3b11a98ba9563f7f266e7a935e3b78bd0c0712aa Sha256: 7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 6531 Cache-Control: max-age=114881 Date: Thu, 08 Dec 2022 03:01:00 GMT Etag: "639057aa-1d7" Expires: Fri, 09 Dec 2022 10:55:41 GMT Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT Server: ECS (ska/F6FE) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 053aff7451e55d4269dd9610ab070f3f Sha1: b3376256d11d159b0c7280ba1515b78d7d9e12ca Sha256: 24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 08 Dec 2022 03:01:00 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: ec6ece82a7cb8faa3ba171efae3a9eda Sha1: 7ee75fba9a9d1078960f7834d71961c38f514b82 Sha256: 301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.gstatic.com/firebasejs/5.0.2/firebase-app.js FQDN: www.gstatic.com IP: 142.250.74.35 HASH: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5 142.250.74.35 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 8604 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 01 Dec 2022 21:48:07 GMT expires: Fri, 01 Dec 2023 21:48:07 GMT cache-control: public, max-age=31536000 age: 537173 last-modified: Thu, 10 May 2018 20:35:51 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (25088) Size: 8604 Md5: 73069e532b7039778d3a7128c997c61a Sha1: c523bbf1ac7f4e612c8ade75434c42fbca885adc Sha256: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1 Host: rkkmj.prodlglousdate.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/?s1=20904&s2=1656360&s3=61686&s5=backuser&click_id=37_61686_4178_e27f80b5b55566785bcf9b6a0e1acdf0&iexpp=1&j1=1&utm_source=c44213fa2bf7a303&j8=1 Cookie: unique_id=639122af0001a08c; unique_id2=639122af00033ee6; 639122af00033ee6_c=1; ref_token=21635_20904; 639122af00033ee6_sl=[188579] Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rkkmj.prodlglousdate.net/js/pushjs/1.0.0/subscriber.js FQDN: rkkmj.prodlglousdate.net IP: 52.19.101.114 HASH: f731cabb20e746a12e49a4571a42b37b1c2f999f9eae1755eeb14a2c47439d83 52.19.101.114 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 08 Dec 2022 03:01:00 GMT expires: Thu, 15 Dec 2022 03:01:00 GMT cache-control: max-age=604800 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 3769 Md5: 1ecad85d9d95a4bec7a59b068ff2b95c Sha1: b41e782ef077df99dd5f1607e498270f29509b7c Sha256: f731cabb20e746a12e49a4571a42b37b1c2f999f9eae1755eeb14a2c47439d83
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js FQDN: www.gstatic.com IP: 142.250.74.35 HASH: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7 142.250.74.35 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes vary: Accept-Encoding content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} content-length: 10017 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Wed, 07 Dec 2022 10:16:35 GMT expires: Thu, 07 Dec 2023 10:16:35 GMT cache-control: public, max-age=31536000 age: 60265 last-modified: Thu, 10 May 2018 20:35:52 GMT alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (35547) Size: 10017 Md5: fa9987a23f5a9d865766e952511baa30 Sha1: f2e620b99ee61a01671ba6a9e22ca75d58a1b52d Sha256: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/gts1c3 FQDN: ocsp.pki.goog IP: 142.250.74.131 HASH: 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Thu, 08 Dec 2022 03:01:00 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 0e9eef4ed41ef94e9ea175ad243e294e Sha1: b6f83e508270413dabe55e2884b5409ca7978e24 Sha256: 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
GET /api/v1/retargeting/set/a29e4033-f1e9-4244-ad9b-e100f20a3cc4 HTTP/1.1 Host: tsyndicate.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: tsyndicate.com/api/v1/retargeting/set/a29e4033-f1e9-424 (...) FQDN: tsyndicate.com IP: 136.243.43.25 HASH: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 136.243.43.25 HTTP/2 200 OK content-type: text/plain; charset=utf-8 server: nginx date: Thu, 08 Dec 2022 03:01:00 GMT content-length: 35 pragma: no-cache expires: 0 vary: * x-api-version: 1 x-request-id: 4dfa022f33593387 set-cookie: ts_rt_a29e4033-f1e9-4244-ad9b-e100f20a3cc4=AAMC; expires=Fri, 08 Dec 2023 03:01:00 GMT; path=/; HttpOnly; secure; SameSite=None cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform x-robots-tag: none, noindex, nofollow report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } X-Firefox-Spdy: h2 --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: c2196de8ba412c60c22ab491af7b1409 Sha1: 5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b913c7129859a61ccfcb2d4afc60130c328748d082ad3edb25b4b44a032e028e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2968 Cache-Control: max-age=130787 Date: Thu, 08 Dec 2022 03:01:00 GMT Etag: "6390a3b7-139" Expires: Fri, 09 Dec 2022 15:20:47 GMT Last-Modified: Wed, 07 Dec 2022 14:31:19 GMT Server: ECS (ska/F6FE) X-Cache: HIT Content-Length: 313 --- Additional Info --- Magic: data Size: 313 Md5: 2650ce0434f03e9a7466eb7bf850e542 Sha1: 8d766a21c18e3cdceb28846548900a2e2b4e438a Sha256: b913c7129859a61ccfcb2d4afc60130c328748d082ad3edb25b4b44a032e028e
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: amDPwYNwHbSr5aYRYVAmuQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.148.70.121 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.148.70.121 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 3/WVbipWCh/cCZHMDzNs4o7Nw8c= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ctrack?action=list&type=add&id=1&context=im&cookiename=start&age=545600&maxcookiecount=10 HTTP/1.1 Host: ctrack.trafficjunky.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: ctrack.trafficjunky.net/ctrack?action=list&type=add&id= (...) FQDN: ctrack.trafficjunky.net IP: 66.254.114.89 HASH: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 66.254.114.89 HTTP/1.1 200 OK content-type: image/gif server: openresty date: Thu, 08 Dec 2022 03:01:00 GMT content-length: 35 cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires: Sun, 22 Jan 1984 03:00:00 GMT p3p: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA" pragma: no-cache set-cookie: tj_UUID=631cd2ee2b4f4cf89a98c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Sat, 07 Jan 2023 03:01:00 GMT; Secure; SameSite=None tj_UUID_v2=631cd2ee-2b4f-4cf8-9a98-c513c08d9583; Path=/; Domain=trafficjunky.net; Expires=Sat, 07 Jan 2023 03:01:00 GMT; Secure; SameSite=None 57aadc60fe7671fefe86bb04bced801a=1; Path=/; Domain=trafficjunky.net; Expires=Fri, 22 Dec 2023 00:21:00 GMT; Secure; SameSite=None access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-methods: GET,POST access-control-allow-headers: Content-Type access-control-max-age: 86400 x-request-id: 6391536C-42FE725901BB0C33-6E1BC4B --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 35 Md5: 28d6814f309ea289f847c69cf91194c6 Sha1: 0f4e929dd5bb2564f7ab9c76338e04e292a42ace Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5092 Expires: Thu, 08 Dec 2022 04:25:53 GMT Date: Thu, 08 Dec 2022 03:01:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 48c90992f0837a58e0a36118a27dae6a Sha1: 3d238fed35e6d247bddbba92864e6b92e6aed9b6 Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5092 Expires: Thu, 08 Dec 2022 04:25:53 GMT Date: Thu, 08 Dec 2022 03:01:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 48c90992f0837a58e0a36118a27dae6a Sha1: 3d238fed35e6d247bddbba92864e6b92e6aed9b6 Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5092 Expires: Thu, 08 Dec 2022 04:25:53 GMT Date: Thu, 08 Dec 2022 03:01:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 48c90992f0837a58e0a36118a27dae6a Sha1: 3d238fed35e6d247bddbba92864e6b92e6aed9b6 Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5092 Expires: Thu, 08 Dec 2022 04:25:53 GMT Date: Thu, 08 Dec 2022 03:01:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 48c90992f0837a58e0a36118a27dae6a Sha1: 3d238fed35e6d247bddbba92864e6b92e6aed9b6 Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=5092 Expires: Thu, 08 Dec 2022 04:25:53 GMT Date: Thu, 08 Dec 2022 03:01:01 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 48c90992f0837a58e0a36118a27dae6a Sha1: 3d238fed35e6d247bddbba92864e6b92e6aed9b6 Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10164 x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cnAPOGSnoAMFUUQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0 x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA== via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 12:11:17 GMT age: 53384 etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10164 Md5: 3d44d17585c9a536c8da0e75ed90d175 Sha1: 9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1 Sha256: 6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6110 x-amzn-requestid: 2ebf542a-dacc-472a-81c0-0c69cb1ec143 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ctEQAH2doAMFljA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638eb3ff-7173ff7941b57fa163e3cc6b;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:15 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 5fxuPjC35VBDaymSCPY_iBxDnQY4CFHgolHSmnDhCRUjzw5UzY7ovA== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 04:14:32 GMT age: 81989 etag: "c3b915cb579b651db25442fea0bbedd0d292c0fc" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6110 Md5: fb1ea0161d261518c99909aff49e6f58 Sha1: c3b915cb579b651db25442fea0bbedd0d292c0fc Sha256: d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385
GET /js/pushjs/1.0.0/utils.js HTTP/1.1 Host: rkkmj.prodlglousdate.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://rkkmj.prodlglousdate.net/?s1=20904&s2=1656360&s3=61686&s5=backuser&click_id=37_61686_4178_e27f80b5b55566785bcf9b6a0e1acdf0&iexpp=1&j1=1&utm_source=c44213fa2bf7a303&j8=1 Cookie: unique_id=639122af0001a08c; unique_id2=639122af00033ee6; 639122af00033ee6_c=1; ref_token=21635_20904; 639122af00033ee6_sl=[188579] Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	URL: rkkmj.prodlglousdate.net/js/pushjs/1.0.0/utils.js FQDN: rkkmj.prodlglousdate.net IP: 52.19.101.114 HASH: 5a68b6d2a238494896934d15e79609874104c5ca9a9ec9a2f39c7990710025e9 52.19.101.114 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 08 Dec 2022 03:01:00 GMT expires: Thu, 15 Dec 2022 03:01:00 GMT cache-control: max-age=604800 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 10313 Md5: d5a27d6d7aedd1f7763b82bd14ee31ae Sha1: ba2a07be6e18fd68962f658af15b60f1f3a1fa71 Sha256: 5a68b6d2a238494896934d15e79609874104c5ca9a9ec9a2f39c7990710025e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8659 x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: czFSYFArIAMF46w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0 x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 23:35:32 GMT age: 12329 etag: "c4f26846b8b72293368ff16915d49297cf12bbb9" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8659 Md5: b87d6543345f73653ed4a49b37d7c959 Sha1: c4f26846b8b72293368ff16915d49297cf12bbb9 Sha256: aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f9c4cfc384213f77c0bbb252f3d6fbc22be60e1ecc158eece857d5050c8ced3c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5620 x-amzn-requestid: fadda084-c7fc-4ec0-bad0-27e97b8349d6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cy4gHGIMIAMFy_g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6391079a-5dc824963fe82ab927205128;Sampled=0 x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: MWB80hrfUMDjexNsySVGMXtm6Wva4t1gkJXaesFKRaGSkFS1r1zIrw== via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 22:13:24 GMT age: 17257 etag: "aadf97d040e3577599581e892ee20f88d191bf91" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5620 Md5: ce35df4fe4f77c950e40dc44b311bab4 Sha1: aadf97d040e3577599581e892ee20f88d191bf91 Sha256: f9c4cfc384213f77c0bbb252f3d6fbc22be60e1ecc158eece857d5050c8ced3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9596 x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cy3_qH63oAMFfLg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0 x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: dcHU93cetsY4-vWHpT2xXozH1T7J3_1X8n6Yjd6lOuF8HbkpTQDerg== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google date: Wed, 07 Dec 2022 22:13:24 GMT etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391" age: 17257 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9596 Md5: c408efaa98ac2ce63bb1618368d10c15 Sha1: a51bbb49ebd862d04eaee465d0a35b22dcd21391 Sha256: 077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /css?family=Montserrat\|Open+Sans:300,400,700,800&display=swap&subset=cyrillic,greek,vietnamese HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://cdn-dimi.akamaized.net/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: fonts.googleapis.com/css?family=Montserrat\|Open+Sans:30 (...) FQDN: fonts.googleapis.com IP: 142.250.74.106 142.250.74.106 HTTP/2 200 OK content-type: text/css; charset=utf-8 access-control-allow-origin: * timing-allow-origin: * link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin strict-transport-security: max-age=31536000 expires: Thu, 08 Dec 2022 03:01:00 GMT date: Thu, 08 Dec 2022 03:01:00 GMT cache-control: private, max-age=86400 cross-origin-opener-policy: same-origin-allow-popups cross-origin-resource-policy: cross-origin content-encoding: gzip server: ESF x-xss-protection: 0 x-frame-options: SAMEORIGIN x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" X-Firefox-Spdy: h2 --- Additional Info ---
GET /js/service-worker.js HTTP/1.1 Host: rkkmj.prodlglousdate.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Service-Worker: script Connection: keep-alive Cookie: unique_id=639122af0001a08c; unique_id2=639122af00033ee6; 639122af00033ee6_c=1; ref_token=21635_20904; 639122af00033ee6_sl=[188579] Sec-Fetch-Dest: serviceworker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers	URL: rkkmj.prodlglousdate.net/js/service-worker.js FQDN: rkkmj.prodlglousdate.net IP: 52.19.101.114 52.19.101.114 HTTP/2 200 OK content-type: application/javascript server: nginx date: Thu, 08 Dec 2022 03:01:00 GMT expires: Thu, 15 Dec 2022 03:01:00 GMT cache-control: max-age=604800 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            GET /aff_c?offer_id=5493&aff_id=61686&aff_sub5=push&source=propellerads.com&click_id=GfXS6DmJqRrMkBU9QQvnv6 HTTP/1.1 

                                        
                                            
Host: go.gkrtmc.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         172.255.248.105

                                        
                                            HTTP/1.1 302 Found 

                                        
                                            
Content-Type: text/html; charset=utf-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Thu, 08 Dec 2022 03:00:59 GMT 

                                        
                                            
Content-Length: 280 

                                        
                                            
Connection: keep-alive 

                                        
                                            
X-DNS-Prefetch-Control: off 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
Strict-Transport-Security: max-age=15552000; includeSubDomains 

                                        
                                            
X-Download-Options: noopen 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-XSS-Protection: 1; mode=block 

                                        
                                            
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 07 Jan 2023 03:00:59 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT 

                                        
                                            
Location: aff_c?offer_id=4178&aff_id=61686&aff_sub5=push&source=propellerads.com&click_id=GfXS6DmJqRrMkBU9QQvnv6 

                                        
                                            
Vary: Accept 

                                        
                                            
Cache-Control: no-store, no-cache 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document, ASCII text, with no line terminators

                                                Size:   280

                                                Md5:    c743e341367df527574575822dd1d9d6

                                                Sha1:   ffeaf2a3596e6cc40ca4f2dfbc16a072bc54117b

                                                Sha256: 36caeb05eb55034e147636bb81b4868fc842f3acf9eaad74775fc9fd03a74772

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=15179 

                                        
                                            
Expires: Thu, 08 Dec 2022 07:13:58 GMT 

                                        
                                            
Date: Thu, 08 Dec 2022 03:00:59 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    7181eff9c60e83eb0004ece591e47dca

                                                Sha1:   0fd8cd0c9d10b0547938982e57d2c43e2d98679f

                                                Sha256: 89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=2280 

                                        
                                            
Expires: Thu, 08 Dec 2022 03:38:59 GMT 

                                        
                                            
Date: Thu, 08 Dec 2022 03:00:59 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    00e7703bd74975689fc9050356aaca6b

                                                Sha1:   9788fe6a36d6f278e8da329ebc5dd87bcd212317

                                                Sha256: 593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103

                                        
                                            GET /aff_c?offer_id=4178&aff_id=61686&aff_sub5=push&source=propellerads.com&click_id=GfXS6DmJqRrMkBU9QQvnv6 HTTP/1.1 

                                        
                                            
Host: go.gkrtmc.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: language=en 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         172.255.248.105

                                        
                                            HTTP/1.1 302 Found 

                                        
                                            
Content-Type: text/html; charset=utf-8

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Thu, 08 Dec 2022 03:00:59 GMT 

                                        
                                            
Content-Length: 494 

                                        
                                            
Connection: keep-alive 

                                        
                                            
X-DNS-Prefetch-Control: off 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
Strict-Transport-Security: max-age=15552000; includeSubDomains 

                                        
                                            
X-Download-Options: noopen 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-XSS-Protection: 1; mode=block 

                                        
                                            
Set-Cookie: language=en; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 07 Jan 2023 03:00:59 GMT
test=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT
4178=37_61686_4178_e27f80b5b55566785bcf9b6a0e1acdf0; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 07 Jan 2023 03:00:59 GMT
op_4178=0; Domain=go.gkrtmc.com; Path=/; Expires=Sat, 07 Jan 2023 03:00:59 GMT
user_id=3980a30f-4bd4-4a00-b5bc-e126bd89e0a8_c89c511108b3bcd34bd275f32d52d3fd; Domain=go.gkrtmc.com; Path=/; Expires=Tue, 07 Dec 2027 03:00:59 GMT; Secure; SameSite=None 

                                        
                                            
Location: /rd.html?go=https%3A%2F%2Frkkmj.prodlglousdate.net%3Futm_source%3Dc44213fa2bf7a303%26s1%3D20904%26s2%3D1656360%26s3%3D61686%26s5%3Dpropellerads.com%26click_id%3D37_61686_4178_e27f80b5b55566785bcf9b6a0e1acdf0%26j1%3D1%26j8%3D1 

                                        
                                            
Vary: Accept 

                                        
                                            
Cache-Control: no-store, no-cache 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document, ASCII text, with very long lines (494), with no line terminators

                                                Size:   494

                                                Md5:    e55a7600a20d8f174fe40624b1f50a4a

                                                Sha1:   a194f9378b1f7e7b98fc60d199979d7d8f357d6b

                                                Sha256: c9c9049ce43c13de7b43f25f926d8c6d0b3c360d3d57296fca8d5a0c8ab7677e

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: go.gkrtmc.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://go.gkrtmc.com/rd.html?go=https%3A%2F%2Frkkmj.prodlglousdate.net%3Futm_source%3Dc44213fa2bf7a303%26s1%3D20904%26s2%3D1656360%26s3%3D61686%26s5%3Dpropellerads.com%26click_id%3D37_61686_4178_e27f80b5b55566785bcf9b6a0e1acdf0%26j1%3D1%26j8%3D1 

                                        
                                            
Cookie: language=en; 4178=37_61686_4178_e27f80b5b55566785bcf9b6a0e1acdf0; op_4178=0

                                         172.255.248.105

                                        
                                            HTTP/1.1 404 Not Found 

                                        
                                            
Content-Type: text/html

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Date: Thu, 08 Dec 2022 03:00:59 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   123

                                                Md5:    c728bf241d9141b8d3100ae5140e09c5

                                                Sha1:   07f0da1bdfadd0354b090781f1e3264ac22b6c39

                                                Sha256: 34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a

                                        
                                            GET /landings/188579/1612535270/js/translate.js?1612535271 HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rkkmj.prodlglousdate.net/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         184.31.15.67

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/javascript

                                        

                                        
                                            
x-amz-id-2: 45IpnQffMjxIgygxi3DCYCfpuLwIYagIsxaEiYe0yADelYolfY6QUD9PImtbqu3/NfkKc/tefYo= 

                                        
                                            
x-amz-request-id: Y0J1GMX1F9J7BDTY 

                                        
                                            
Last-Modified: Fri, 05 Feb 2021 14:27:53 GMT 

                                        
                                            
ETag: "637b970eb3da7972f6d558bbda47e43b" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Thu, 08 Dec 2022 03:00:59 GMT 

                                        
                                            
Content-Length: 16633 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with CRLF line terminators

                                                Size:   16633

                                                Md5:    1a0068cb0735c55c54b466c972c6e4cc

                                                Sha1:   610f4151f82c886efdedea6aa09ad8f6dafef33e

                                                Sha256: ef9c21f71a5a14c04e7d5ab7526c134ba6e8310e9c2eb2e388da364e1361a473

                                        
                                            GET /landings/188579/1612535270/images/m3.jpg HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rkkmj.prodlglousdate.net/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         184.31.15.67

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
x-amz-id-2: ABV4/nTL3+GFoKJ8h6rMudhQnM3EQt3vOaShnwR6jEnNRpFegZf0j2RU5boRFQSEZtAxHkxmz/c= 

                                        
                                            
x-amz-request-id: 2XWQ0QFCAVKP6KK6 

                                        
                                            
Last-Modified: Fri, 05 Feb 2021 14:27:53 GMT 

                                        
                                            
ETag: "284ef1acd6e4b97a1300b484e8bbb351" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 66564 

                                        
                                            
Date: Thu, 08 Dec 2022 03:01:00 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x667, components 3\012- data

                                                Size:   66564

                                                Md5:    284ef1acd6e4b97a1300b484e8bbb351

                                                Sha1:   4a628276784cd5d19aca90cc1130435bcd191eb1

                                                Sha256: f8b80e146c78ef0c4d7f5b4cc52d50fd91d0d938c2c23ebfe27f67ba2e9d50f4

                                        
                                            GET /landings/188579/1612535270/images/m6.jpg HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rkkmj.prodlglousdate.net/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         184.31.15.67

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
x-amz-id-2: /biBGaIaBDP0O+XgtJKOVxCHQBYt/4UO2qOBYKa8DHeyRzVx3siPhApLRoKenqGCOFitizEPR4o= 

                                        
                                            
x-amz-request-id: 321G7KC65BQECW8A 

                                        
                                            
Last-Modified: Fri, 05 Feb 2021 14:27:53 GMT 

                                        
                                            
ETag: "faff29be89942a70690077f34b492a76" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 69133 

                                        
                                            
Date: Thu, 08 Dec 2022 03:01:00 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x667, components 3\012- data

                                                Size:   69133

                                                Md5:    faff29be89942a70690077f34b492a76

                                                Sha1:   d76f347af48b6344fd689308e2a14d500d9d0f59

                                                Sha256: fd8cfef314a6286c65f6859d8a30f9ace29998a29c5002df3de66e9b3becb45e

                                        
                                            GET /landings/188579/1612535270/images/m5.jpg HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rkkmj.prodlglousdate.net/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         184.31.15.67

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
x-amz-id-2: BfqDFwWhXJCG/7a+czJ/IjP0VkRg0W5Fb+JHofilrx8PBUHO/opDShFJM6sGcavMOr+Rut4q+sA= 

                                        
                                            
x-amz-request-id: 2XWKE9V5YNE51KB9 

                                        
                                            
Last-Modified: Fri, 05 Feb 2021 14:27:53 GMT 

                                        
                                            
ETag: "4bd0e0cf6f5f88bbe2cc0208374de87f" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 88182 

                                        
                                            
Date: Thu, 08 Dec 2022 03:01:00 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x667, components 3\012- data

                                                Size:   88182

                                                Md5:    4bd0e0cf6f5f88bbe2cc0208374de87f

                                                Sha1:   c7f4c3ba767085c35c8f3d245cb81e48b689ee39

                                                Sha256: 0be6e29ee0258c4be07c7f6682ab2497f1f7261c62539b34b419fd0beb951cdc

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Thu, 08 Dec 2022 02:07:55 GMT 

                                        
                                            
age: 3185 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Thu, 08 Dec 2022 03:01:00 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    30aec170d58f580f2ed4da4b92d72cc7

                                                Sha1:   3b11a98ba9563f7f266e7a935e3b78bd0c0712aa

                                                Sha256: 7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

                                        
                                            GET /images/favicon.ico HTTP/1.1 

                                        
                                            
Host: cdn-dimi.akamaized.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rkkmj.prodlglousdate.net/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         184.31.15.67

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/x-icon

                                        

                                        
                                            
x-amz-id-2: 3PLd1JbxzMUZnvLfJ08LlqJVa0X1bm3g8lDKKuDaPcpHRGpUOyvL763tb+Zgy/zeSb8kMvb/P10= 

                                        
                                            
x-amz-request-id: 2XWP9N688THY1C8H 

                                        
                                            
Last-Modified: Wed, 07 Nov 2018 08:41:38 GMT 

                                        
                                            
ETag: "4cdf3256cd7b8ec3917adb79d6bf457e" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Server: AmazonS3 

                                        
                                            
Content-Length: 4103 

                                        
                                            
Date: Thu, 08 Dec 2022 03:01:00 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   4103

                                                Md5:    4cdf3256cd7b8ec3917adb79d6bf457e

                                                Sha1:   bc615337e9223183a126c8fb649774866fb53e69

                                                Sha256: fbfff44a653dc193b93620f1035d221d3aaddf3238742270b3385482986ef7f0

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 6531 

                                        
                                            
Cache-Control: max-age=114881 

                                        
                                            
Date: Thu, 08 Dec 2022 03:01:00 GMT 

                                        
                                            
Etag: "639057aa-1d7" 

                                        
                                            
Expires: Fri, 09 Dec 2022 10:55:41 GMT 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT 

                                        
                                            
Server: ECS (ska/F6FE) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    053aff7451e55d4269dd9610ab070f3f

                                                Sha1:   b3376256d11d159b0c7280ba1515b78d7d9e12ca

                                                Sha256: 24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e

                                        
                                            GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1 

                                        
                                            
Host: www.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rkkmj.prodlglousdate.net/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.35

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" 

                                        
                                            
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} 

                                        
                                            
content-length: 8604 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Thu, 01 Dec 2022 21:48:07 GMT 

                                        
                                            
expires: Fri, 01 Dec 2023 21:48:07 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 537173 

                                        
                                            
last-modified: Thu, 10 May 2018 20:35:51 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (25088)

                                                Size:   8604

                                                Md5:    73069e532b7039778d3a7128c997c61a

                                                Sha1:   c523bbf1ac7f4e612c8ade75434c42fbca885adc

                                                Sha256: b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5

                                        
                                            GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1 

                                        
                                            
Host: www.gstatic.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rkkmj.prodlglousdate.net/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         142.250.74.35

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8

                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js" 

                                        
                                            
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]} 

                                        
                                            
content-length: 10017 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Wed, 07 Dec 2022 10:16:35 GMT 

                                        
                                            
expires: Thu, 07 Dec 2023 10:16:35 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 60265 

                                        
                                            
last-modified: Thu, 10 May 2018 20:35:52 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (35547)

                                                Size:   10017

                                                Md5:    fa9987a23f5a9d865766e952511baa30

                                                Sha1:   f2e620b99ee61a01671ba6a9e22ca75d58a1b52d

                                                Sha256: 655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7

                                        
                                            GET /api/v1/retargeting/set/a29e4033-f1e9-4244-ad9b-e100f20a3cc4 HTTP/1.1 

                                        
                                            
Host: tsyndicate.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://rkkmj.prodlglousdate.net/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         136.243.43.25

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain; charset=utf-8

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 03:01:00 GMT 

                                        
                                            
content-length: 35 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: 0 

                                        
                                            
vary: * 

                                        
                                            
x-api-version: 1 

                                        
                                            
x-request-id: 4dfa022f33593387 

                                        
                                            
set-cookie: ts_rt_a29e4033-f1e9-4244-ad9b-e100f20a3cc4=AAMC; expires=Fri, 08 Dec 2023 03:01:00 GMT; path=/; HttpOnly; secure; SameSite=None 

                                        
                                            
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform 

                                        
                                            
x-robots-tag: none, noindex, nofollow 

                                        
                                            
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 } 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   35

                                                Md5:    c2196de8ba412c60c22ab491af7b1409

                                                Sha1:   5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b

                                                Sha256: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: amDPwYNwHbSr5aYRYVAmuQ== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         54.148.70.121

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: 3/WVbipWCh/cCZHMDzNs4o7Nw8c= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5092 

                                        
                                            
Expires: Thu, 08 Dec 2022 04:25:53 GMT 

                                        
                                            
Date: Thu, 08 Dec 2022 03:01:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    48c90992f0837a58e0a36118a27dae6a

                                                Sha1:   3d238fed35e6d247bddbba92864e6b92e6aed9b6

                                                Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5092 

                                        
                                            
Expires: Thu, 08 Dec 2022 04:25:53 GMT 

                                        
                                            
Date: Thu, 08 Dec 2022 03:01:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    48c90992f0837a58e0a36118a27dae6a

                                                Sha1:   3d238fed35e6d247bddbba92864e6b92e6aed9b6

                                                Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=5092 

                                        
                                            
Expires: Thu, 08 Dec 2022 04:25:53 GMT 

                                        
                                            
Date: Thu, 08 Dec 2022 03:01:01 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    48c90992f0837a58e0a36118a27dae6a

                                                Sha1:   3d238fed35e6d247bddbba92864e6b92e6aed9b6

                                                Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6110 

                                        
                                            
x-amzn-requestid: 2ebf542a-dacc-472a-81c0-0c69cb1ec143 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ctEQAH2doAMFljA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638eb3ff-7173ff7941b57fa163e3cc6b;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:15 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: 5fxuPjC35VBDaymSCPY_iBxDnQY4CFHgolHSmnDhCRUjzw5UzY7ovA== 

                                        
                                            
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 07 Dec 2022 04:14:32 GMT 

                                        
                                            
age: 81989 

                                        
                                            
etag: "c3b915cb579b651db25442fea0bbedd0d292c0fc" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6110

                                                Md5:    fb1ea0161d261518c99909aff49e6f58

                                                Sha1:   c3b915cb579b651db25442fea0bbedd0d292c0fc

                                                Sha256: d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8659 

                                        
                                            
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: czFSYFArIAMF46w= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA== 

                                        
                                            
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 07 Dec 2022 23:35:32 GMT 

                                        
                                            
age: 12329 

                                        
                                            
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8659

                                                Md5:    b87d6543345f73653ed4a49b37d7c959

                                                Sha1:   c4f26846b8b72293368ff16915d49297cf12bbb9

                                                Sha256: aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9596 

                                        
                                            
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cy3_qH63oAMFfLg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: dcHU93cetsY4-vWHpT2xXozH1T7J3_1X8n6Yjd6lOuF8HbkpTQDerg== 

                                        
                                            
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Wed, 07 Dec 2022 22:13:24 GMT 

                                        
                                            
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391" 

                                        
                                            
age: 17257 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9596

                                                Md5:    c408efaa98ac2ce63bb1618368d10c15

                                                Sha1:   a51bbb49ebd862d04eaee465d0a35b22dcd21391

                                                Sha256: 077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec

                                        
                                            GET /js/service-worker.js HTTP/1.1 

                                        
                                            
Host: rkkmj.prodlglousdate.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Service-Worker: script 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: unique_id=639122af0001a08c; unique_id2=639122af00033ee6; 639122af00033ee6_c=1; ref_token=21635_20904; 639122af00033ee6_sl=[188579] 

                                        
                                            
Sec-Fetch-Dest: serviceworker 

                                        
                                            
Sec-Fetch-Mode: same-origin 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
TE: trailers

                                         52.19.101.114

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript

                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Thu, 08 Dec 2022 03:01:00 GMT 

                                        
                                            
expires: Thu, 15 Dec 2022 03:01:00 GMT 

                                        
                                            
cache-control: max-age=604800 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	go.gkrtmc.com/aff_c?offer_id=5493&aff_id=61686&aff_sub5=push&source=propellerads.com&click_id=GfXS6DmJqRrMkBU9QQvnv6
IP	172.255.248.105 (Luxembourg)
ASN	#7979 SERVERS-COM
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-08 03:01:10 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (16)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.255.248.105

Last 5 reports on ASN: SERVERS-COM

Last 5 reports on domain: gkrtmc.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (16)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (49)

Overview

Domain Summary (16)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.255.248.105

Last 5 reports on ASN: SERVERS-COM

Last 5 reports on domain: gkrtmc.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (16)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (49)

Network Intrusion Detection Systems