respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
104.21.32.66301 Moved Permanently 0 B URL HTTP/1.1 respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP 104.21.32.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 20 Dec 2022 04:43:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 20 Dec 2022 05:43:48 GMT
Location: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGb7egVPwVPMm9g18SFMQPC%2FW4wAbRKsxC3rs%2BUCZ0Z1j9kVHb8JaMwOodFjZYu3i5Q8bvhN1uXea3uRoYcKwChtgK8srX6oZSJGqRO2323QDC4TO8EY3qgV2IS9BzfAY5bI9VPQToWQ3%2BA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77c5b81e8ea2b515-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f3cf7e36f17a535e53e5213c02cf2b4
e65acbc03135ce135b9e91b4f74b3e1439faa6f6
a2317476862acd0a92fe523454c3991752b07ba14e7667f421dd9624e0233758
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2317476862ACD0A92FE523454C3991752B07BA14E7667F421DD9624E0233758"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3030
Expires: Tue, 20 Dec 2022 05:34:19 GMT
Date: Tue, 20 Dec 2022 04:43:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2039a1dda99e075b82840608771d2326
e89713a35b312f3b87fbeaad98f03fddecbf77ce
aae78c754635e9833fa6c231d775bddc82add02f9ce3197a0b260a0806e708c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAE78C754635E9833FA6C231D775BDDC82ADD02F9CE3197A0B260A0806E708C3"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6602
Expires: Tue, 20 Dec 2022 06:33:51 GMT
Date: Tue, 20 Dec 2022 04:43:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 20 Dec 2022 04:34:24 GMT
content-type: application/json
age: 565
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cf03270e3476f7482a2cc7ddc6a9e857
ab70d5ee87b01e0601f8e518bf36f97c8ceeba9a
43a4e796860a1481636dac103488cadc68c261d13cfe835d273efc368e569f97
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43A4E796860A1481636DAC103488CADC68C261D13CFE835D273EFC368E569F97"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4746
Expires: Tue, 20 Dec 2022 06:02:55 GMT
Date: Tue, 20 Dec 2022 04:43:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7Wqx2zw0aNSONMO8tG2h6PUQ55yQjXTvAGnqzOyV5w2nyP5YlCDJ148gb1n8nyQbTdQR/OzmNtqgoZCGs8ihAw==
x-amz-request-id: 74S12Y9RYKX7BSER
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 20 Dec 2022 03:54:50 GMT
age: 2939
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e48ae79979e8f12c09cd7e3e19be8483
322eb1b00859827eb3ad3e2fa594e09741f3da5b
cb87c52f953a9dd36ca65ef52c4cb5f901876c29801aadd76fe4238ee32f3bda
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=87769
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 04:43:49 GMT
Etag: "639ff15e-117"
Expires: Wed, 21 Dec 2022 05:06:38 GMT
Last-Modified: Mon, 19 Dec 2022 05:06:38 GMT
Server: nginx
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 20 Dec 2022 04:08:02 GMT
age: 2147
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4df678b16094ceafefdbbd55707f4dbe
39a68e051456a8ab6c782502a94e8b95ccb0a71d
00561de9683c69a89e084b685df25c6ea4d3a38654a40554f127814200aadf6a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 55
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 04:43:49 GMT
Last-Modified: Tue, 20 Dec 2022 04:42:54 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e48ae79979e8f12c09cd7e3e19be8483
322eb1b00859827eb3ad3e2fa594e09741f3da5b
cb87c52f953a9dd36ca65ef52c4cb5f901876c29801aadd76fe4238ee32f3bda
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=87769
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 04:43:49 GMT
Etag: "639ff15e-117"
Expires: Wed, 21 Dec 2022 05:06:38 GMT
Last-Modified: Mon, 19 Dec 2022 05:06:38 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
respectphonesecurity.xyz/smart-security-0/scripts/main.js
104.21.32.66200 OK 1.4 kB URL HTTP/2 respectphonesecurity.xyz/smart-security-0/scripts/main.js
IP 104.21.32.66:0
File type ASCII text, with very long lines (716)
Hash 2b587ebe5fc031d53c03909b91fc1251
0797cf7a7c430f6eb4a32987623381a344422f6f
01e1652f5f3e40d39a29199c99ecc9897728590427d6263b4fba5ebb3262ad17
GET /smart-security-0/scripts/main.js HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=2087
etag: W/"62735435-827"
expires: Sun, 25 Dec 2022 22:43:53 GMT
last-modified: Thu, 05 May 2022 04:36:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 107996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3qcdg5BtCY5EMoUdiJtKBFL67brGZJMacawnC0jmM8jXK470Cznk5%2BwJ18jiBN7rMG8ZbRgAgX%2FebLvBFYQyLsYI8WFls%2B5GIFp9zzqrWvlbB8%2BgiV94JKU0VpTNRydnZLXsjIi%2F83tD3o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824bf350b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
respectphonesecurity.xyz/smart-security-0/scripts/url.js
104.21.32.66200 OK 1.6 kB URL HTTP/2 respectphonesecurity.xyz/smart-security-0/scripts/url.js
IP 104.21.32.66:0
File type ASCII text, with very long lines (374)
Hash 032f4a0e0e826f07b8b8feea2585940d
b7788e5a0faa7dbda610877bf493fdc18df94a16
e33985a28c99675ab2cc9ebd3a278fbf765eabc56d5d639f31d2fb22f024e1bd
GET /smart-security-0/scripts/url.js HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=768
etag: W/"638340d2-300"
expires: Sat, 24 Dec 2022 07:56:14 GMT
last-modified: Sun, 27 Nov 2022 10:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 247655
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnQKin3SFIuwqoo8ZrKU9lgIsNtKj3v63iczp0S1mfdiJPs9gBb69vQmQm8ve9az9msFhNqMwQCH7JyAnkKXvsXmFce%2BangNfZ0d4Hb2PRXQRtQs1t8662EAMixV9VU5QA2rK6dv1%2FJqSHM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824bf360b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8
139.45.195.8200 OK 697 B URL HTTP/2 my.rtmark.net/p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8
IP 139.45.195.8:0
Hash 7e1da03b7d5254f7b1d93874c8f85ce4
c1ff6bec84dd9b2bf2bbcd11bb8791444f04b2d7
ff9366f794284e39381efd6b8ae4b6273469134c741ca7c3d6a1e1248e1a98d4
GET /p.js?f=sync&lr=1&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 04:43:50 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
respectphonesecurity.xyz/smart-security-0/scripts/timer.js
104.21.32.66200 OK 67 kB URL HTTP/2 respectphonesecurity.xyz/smart-security-0/scripts/timer.js
IP 104.21.32.66:0
Hash 75e2903a1bb2b3fac210f52f691da771
41a2a153ba963cb2b1630c3cea80bdb21d8e843a
5da0a536a627d6d8b615714d8315c1ac6741cd9e6739944f322f778713fe19bf
GET /smart-security-0/scripts/timer.js HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=713
etag: W/"62735438-2c9"
expires: Sun, 25 Dec 2022 22:43:53 GMT
last-modified: Thu, 05 May 2022 04:36:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 107996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZEqc7lXemCfMwF%2BNMOkWYLkC1tSUwlbf7cw1iUGMU4jwxAX%2BiHD7LVlr9UsdKpK1%2BFMA%2F%2FV8yEDBTk9ep7uEe1H45htSjgj2KeZJ3grOUJOl02kJ%2B0fLX7e%2FkTtBEcCJcKrv%2FRo1mYbiPAk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824bf3b0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.70.68.230101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.68.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VOkiTwzWykFeII7HQAi6Cw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VsjxNSUPN/5kjI7RNZHDqGdISo0=
respectphonesecurity.xyz/smart-security-0/scripts/sendClick.js
104.21.32.66200 OK 32 kB URL HTTP/2 respectphonesecurity.xyz/smart-security-0/scripts/sendClick.js
IP 104.21.32.66:0
File type ASCII text, with very long lines (963)
Hash f13762630973f0b99cd33af2edc4a1e5
e8ac9e9f35a8463f975f7ed514c259a78218897d
7fd80b8446d9d31ea1c7570837a9f831d09b4629dc72923424c82e0ce10950b5
GET /smart-security-0/scripts/sendClick.js HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=4963
etag: W/"62735437-1363"
expires: Sat, 24 Dec 2022 07:56:14 GMT
last-modified: Thu, 05 May 2022 04:36:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 247655
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udjb1OczBSzFsA4K3gih4zcqimDC2FZJXnVUIOmLT7G%2BTYmCrlQAwhTi0Yl8ZJbncUSYc21sk6qVJ45EzsIUpUzYhgZ5s4GCC%2BMQ8gToaD0xSWTs1SBTY%2B5Wu7DSzRsmpDZT9fOIlWamG0Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824cf430b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
analytics.tiktok.com/api/v2/pixel
95.101.10.113200 OK 0 B URL HTTP/2 analytics.tiktok.com/api/v2/pixel
IP 95.101.10.113:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 922
Origin: https://respectphonesecurity.xyz
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Cookie: _ttp=2JACJg5uKGGq4oxr4BWOBYjyqpn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022122004435020FD7A7A7F79D3AF3242
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb616c037d177ce59e2a29555d6813ad633e7f69387353b72c3853a79f1d3814f0ec6c93f7fdf93b0cffa95a27285aaa541ce66434ef3a47eac0674c6773b301c60dcf90b23d8bef80594ff5875406b7e66
expires: Tue, 20 Dec 2022 04:43:50 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 20 Dec 2022 04:43:50 GMT
x-cache: TCP_MISS from a95-101-10-109.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=20, cdn-cache; desc=MISS, edge; dur=5, origin; dur=113
x-origin-response-time: 114,95.101.10.109
x-akamai-request-id: 13929b02
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc152b6202233178701522d8555f8035
49313f6e165fc6021709df73ec74a8d50f333d5c
69c8b1c182a4d8a75e2b96f272690d001d8213a793cdcc87a89144a1047d3e06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69C8B1C182A4D8A75E2B96F272690D001D8213A793CDCC87A89144A1047D3E06"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=616
Expires: Tue, 20 Dec 2022 04:54:06 GMT
Date: Tue, 20 Dec 2022 04:43:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f0bc735a49ecd78dab98ec7a0fb6c806
a7f392e6bbd0e73ef7f21029e887f96e2565129e
d55e0f53f3386412d602eae6b81d3db790c50cbf584fb408a9d217a26fdee6a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D55E0F53F3386412D602EAE6B81D3DB790C50CBF584FB408A9D217A26FDEE6A9"
Last-Modified: Tue, 20 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14616
Expires: Tue, 20 Dec 2022 08:47:26 GMT
Date: Tue, 20 Dec 2022 04:43:50 GMT
Connection: keep-alive
respectphonesecurity.xyz/smart-security-0/scripts/push.js
104.21.32.66200 OK 812 B URL HTTP/2 respectphonesecurity.xyz/smart-security-0/scripts/push.js
IP 104.21.32.66:0
File type ASCII text, with very long lines (400)
Hash 1d5f377a7963e9a80ffc047ec93c25b5
46371387a48b1cfa1ede7042a6e470a2efa44e4a
223422be5eecb4d8b12a4ac66d6d67f29ddbc31085b6c74418324e2ba624f1e2
GET /smart-security-0/scripts/push.js HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=2579
etag: W/"62735436-a13"
expires: Sun, 25 Dec 2022 22:43:53 GMT
last-modified: Thu, 05 May 2022 04:36:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 107996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPEHtP4ajzqoHJJZOKca9AKXXwEylN1kzvhY%2BxaPaAdPQybgUM2sB3vbFLbtlZPkn4OTlw7zyhxaehN9u%2BktH9CaX3keI8rp7vpMZA0H5JUQI79Jhnm0piinv1hDoixMyz4NCIREI6Iox58%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824bf3e0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 6279e84469fe201666f01530f7a042bd
0ab568fc1fe6ca2ccaf60f8dbe3aadae2f33d528
e84d19937b08c3ebf3bb4e0a53dd658c1217873d9d23c0081777578c01db3870
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 20 Dec 2022 04:43:50 GMT
Last-Modified: Tue, 20 Dec 2022 03:09:51 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZB6DUBUtjs11qVHf-d1q_DPKETXzbH1UgtFS-6Y2hAFyG76QzyR45A==
Age: 5639
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 6279e84469fe201666f01530f7a042bd
0ab568fc1fe6ca2ccaf60f8dbe3aadae2f33d528
e84d19937b08c3ebf3bb4e0a53dd658c1217873d9d23c0081777578c01db3870
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144461
Date: Tue, 20 Dec 2022 04:43:50 GMT
Etag: "63a0c1ac-1d7"
Expires: Wed, 21 Dec 2022 20:51:31 GMT
Last-Modified: Mon, 19 Dec 2022 19:55:24 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OUJZLVm-rFu63Acio2jBLaKRY6VajnDZhV5hBsu750Mw_hsJLEOq-A==
Age: 3367
app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
54.243.129.215200 OK 0 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
IP 54.243.129.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /device_by_model?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://respectphonesecurity.xyz/
Origin: https://respectphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Tue, 20 Dec 2022 04:43:50 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur
overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
68.183.98.124200 OK 8 B URL HTTP/1.1 overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
IP 68.183.98.124:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with no line terminators
Hash f30c3a40e9a3e65c868c754a5de95919
65101ff283414b70636ff494d866190a66ed9978
875befe7cefc0715a17dc737f9514dda981f79a3c9f174badcae5bd1cc2425fe
OPTIONS /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://respectphonesecurity.xyz/
Origin: https://respectphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 20 Dec 2022 04:43:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 8
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Allow: GET,HEAD
app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
54.243.129.215301 Moved Permanently 0 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model?model=x64
IP 54.243.129.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /device_by_model?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Origin: https://respectphonesecurity.xyz
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Server: gunicorn
Date: Tue, 20 Dec 2022 04:43:50 GMT
Content-Type: text/html; charset=utf-8
Location: /device_by_model/?model=x64
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Content-Length: 0
Via: 1.1 vegur
overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
68.183.98.124200 OK 126 B URL HTTP/1.1 overalltrack.com/api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1
IP 68.183.98.124:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash c8f85db18fe8f89306f6c0819c67036d
7b5c44e4a9fd70e664aa4fe54fc0bd7bb3963a31
a71ab24977d03d440189548647bee7fdbdf0d6dee44478d1f6b44f17699a75ee
GET /api/v3.0/clickapi/otherInstall?clickId={clickid}&aid=1&checkOld=1&medium=restart_push_{offer.name}&source=var1&campaign={trafficsource.name}&publisher={trafficsource.name}&checkUninstall=1 HTTP/1.1
Host: overalltrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://respectphonesecurity.xyz
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 20 Dec 2022 04:43:50 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 126
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Frespectphonesecurity.xyz%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Frespectphonesecurity.xyz%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=sync&partner=4d524b7a70f9429d3f354097c0083db80c0150ac1699f4b97f6029051cf877c8&ttl=&rurl=https%3A%2F%2Frespectphonesecurity.xyz%2Fsmart-security-0%2Findex.html%3Fclickid%3D%7Bclickid%7D%26utm_source%3D%7Bvar1%7D%26utm_medium%3Drestart_push_%7Boffer.name%7D%26publisher%3D%7Btrafficsource.name%7D%26utm_campaign%3D%7Btrafficsource.name%7D%23 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 04:43:50 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=907fe5a2050c4f51814dc2156116483f; expires=Wed, 20 Dec 2023 04:43:50 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
54.243.129.215200 OK 0 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
IP 54.243.129.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Origin: https://respectphonesecurity.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Server: gunicorn
Date: Tue, 20 Dec 2022 04:43:50 GMT
Content-Type: text/html; charset=utf-8
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
Access-Control-Allow-Methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
Access-Control-Max-Age: 86400
Content-Length: 0
Via: 1.1 vegur
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b06f86dd092e33b22e5d82ee4f8c8e71
42616371256405bdba2d9f7ef21e755efad1b6ad
4ca35e35ebf683b39ea7c90c549d4d81c1f5a518def2f9462aa068f43c514f8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CA35E35EBF683B39EA7C90C549D4D81C1F5A518DEF2F9462AA068F43C514F8B"
Last-Modified: Mon, 19 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16439
Expires: Tue, 20 Dec 2022 09:17:50 GMT
Date: Tue, 20 Dec 2022 04:43:51 GMT
Connection: keep-alive
app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
54.243.129.215404 Not Found 86 B URL HTTP/1.1 app1-smartsecurity-etl.herokuapp.com/device_by_model/?model=x64
IP 54.243.129.215:0
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 024c203b02c3d88f5e07d125220aa18a
4450bc452d44c05834e068f5341745b2e81ebbe3
a7360add54a81883d7f3e724d07de917a7fcd5cc190db96b7de642d34ceb2787
GET /device_by_model/?model=x64 HTTP/1.1
Host: app1-smartsecurity-etl.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://respectphonesecurity.xyz
Authorization: Basic bGFuZDptb2RlbGJyYW5k
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Connection: keep-alive
Server: gunicorn
Date: Tue, 20 Dec 2022 04:43:51 GMT
Content-Type: application/json
Allow: GET, HEAD, OPTIONS
X-Frame-Options: DENY
Content-Length: 86
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Vary: Origin
Access-Control-Allow-Origin: *
Via: 1.1 vegur
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3382
Expires: Tue, 20 Dec 2022 05:40:13 GMT
Date: Tue, 20 Dec 2022 04:43:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3382
Expires: Tue, 20 Dec 2022 05:40:13 GMT
Date: Tue, 20 Dec 2022 04:43:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3382
Expires: Tue, 20 Dec 2022 05:40:13 GMT
Date: Tue, 20 Dec 2022 04:43:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3382
Expires: Tue, 20 Dec 2022 05:40:13 GMT
Date: Tue, 20 Dec 2022 04:43:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3382
Expires: Tue, 20 Dec 2022 05:40:13 GMT
Date: Tue, 20 Dec 2022 04:43:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b99ff1-3a90-4792-98d7-d8a29855c0b3.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b99ff1-3a90-4792-98d7-d8a29855c0b3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49a98c00b1949e152b5f31c588a76a63
1315068dfd111f24e39d14434c719ef10328bfbf
6f67099495261e1114eeca46d2afd3c0bc6921fbc20a6e3e78c4af5d1c9edbc2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7b99ff1-3a90-4792-98d7-d8a29855c0b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9593
x-amzn-requestid: 3a50abdf-4974-4f53-bdc6-5c15a84fea65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da6rNHYQoAMFdzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10b14-40a012f068ef226f07b54875;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 01:08:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: vr3KPzYtoXK8ovd6YeEi1sRG-q4ukS9YoGtJeT44Wu5E-yvDTfP5Fg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:28:13 GMT
age: 11738
etag: "1315068dfd111f24e39d14434c719ef10328bfbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd309904d-b04d-4ea5-a08f-18c679152ad0.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd309904d-b04d-4ea5-a08f-18c679152ad0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93c59f175466e2f77cec141a40cf3587
2f3c4bad2a69184f567f74c814b59b53aa777029
974563dd61f2afb6e26bb5516244d16ed1e76124cc6b500a2039e1d255d8945d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd309904d-b04d-4ea5-a08f-18c679152ad0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9893
x-amzn-requestid: b6a76f15-7dc0-43e6-968c-3c228b9aece7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabr3FHXIAMF2tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d97e-7dab8e9d620fa4323a19ebfc;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Aw59TwBhJR-YTBGSg5KqhI-oRTPlj1Y2-a6oQf4NTzAw2NL9_H3Qfw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:45:54 GMT
age: 25077
etag: "2f3c4bad2a69184f567f74c814b59b53aa777029"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff347c084-6390-44ad-bc9f-386638feccf3.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff347c084-6390-44ad-bc9f-386638feccf3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42198886593c55b1ced896711cf7e9e7
376a27f2ac0455a961ff6db195af04ac226bed25
fc25aab43d42aae8794b2a4deebc9ae74d2e974125f8c0a43cc22adbb6fc5dad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff347c084-6390-44ad-bc9f-386638feccf3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12146
x-amzn-requestid: 47b7682c-6442-468a-b8a7-1835f72cf5ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dYbuzEHkoAMFhXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a00cc4-7a217e2f45edc30e1ea08187;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 07:03:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1pWLX3AeS7V6RqgUZunNGVWJPIf0Ow0BKlana-KGtuDH9tpdSfL1OQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 07:25:54 GMT
age: 76677
etag: "376a27f2ac0455a961ff6db195af04ac226bed25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg
34.120.237.76200 OK 2.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ac396f580b50a626abbeb37c0ec5f005
626262a7313aeb54bcdbcaf682f73d9ff4a4cfcb
3546f7a2be3f578ad9d8b8f57b89a69b6ece9b08da63fb9448e5e6dde4d3332c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee1dbf08-d046-4d26-8221-af352c7c7eba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2054
x-amzn-requestid: 5072b75c-7455-45cc-a35e-be7e0ed77496
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabqhHE6IAMFrxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d976-026c95822615b2550edb00e7;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: XxmrTTAq667e3H9thY8MDXLqO2QWJXuLKm0YvmyNm96fd8DTs8tvwQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:45:54 GMT
age: 25077
etag: "626262a7313aeb54bcdbcaf682f73d9ff4a4cfcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7ac0b5738bab6b4ed770c26ca922250
e56fd4ee2f5354a54a6271db2be528f98eecd3d7
5997d5be6bbeb189ef08af2f6c6dd5bb0cfa70ad7b40daab8712efe5adc2c6e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8450
x-amzn-requestid: a9f11c68-8327-46ba-9075-e316a2f9fdbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabr3FoSIAMFdtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d97e-61b788f5675fe0e815e1e967;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: _nupdrdRDG-S085FRNoJgzDQVg9Ngb_nYDR5C1AkkterWy8vlXBxGw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 21:45:54 GMT
age: 25077
etag: "e56fd4ee2f5354a54a6271db2be528f98eecd3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68622eb4-6e6a-4d7c-a1e2-e6ad245ebc59.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68622eb4-6e6a-4d7c-a1e2-e6ad245ebc59.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c0b328a68846a842022c81d3cc08fa08
d400aa9d94ed7bad420b7dd83a618a538713d86e
76479b700a2ce9b43031a388ecd0d3d321d18c7076127bcdca520c92fa4fefdc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68622eb4-6e6a-4d7c-a1e2-e6ad245ebc59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5274
x-amzn-requestid: 9a59baed-48d7-4bd2-ab1f-df0a1be17188
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da4QDFqnoAMFytg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10733-704bd1ae555c406e541bd6ae;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:52:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Lsxk9LBqlL9VUpdwu3JFjH2XWt5OdMdK5QUf50ogikAgvAyXb7a6xw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:14:29 GMT
age: 12562
etag: "d400aa9d94ed7bad420b7dd83a618a538713d86e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
track.profitableredirect.com/e69b0e43-f199-496b-87cc-2daa322bb681
18.192.108.151200 OK 724 B URL HTTP/2 track.profitableredirect.com/e69b0e43-f199-496b-87cc-2daa322bb681
IP 18.192.108.151:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (724), with no line terminators
Hash 1798cc765821346a760564dfac64a95b
49d3d5ae2948534f1c9a9aa53422ecc3f9aba0e4
e47fc2277a104f0b8242c706954a700495afb2b5c9de78e586ebc3ed61b73006
GET /e69b0e43-f199-496b-87cc-2daa322bb681 HTTP/1.1
Host: track.profitableredirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 04:43:51 GMT
content-type: text/html;charset=UTF-8
content-length: 724
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=-sWvzrRDyuXLLV8vRjJEWEM_fPwm2JZSRiiu_QI_50U; Max-Age=86400; Expires=Wed, 21-Dec-2022 04:43:51 GMT; Domain=track.profitableredirect.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=IR3GBdWpq0KML5dodDw2v%2BwiQ%2BfV4JKqc9RDfVpyGYrr%2Fwt34mAsnMZ4RYY5O9C%2FqFBa3eVRjuO2k%2F%2Bdv76hN6CmEKqtfeNzmLpc4jACKXrtKS47tEtg49%2F1JtYtWP4EdXFkHsPbGxpnOBUUDSbWfA%3D%3D; Max-Age=31536000; Expires=Wed, 20-Dec-2023 04:43:51 GMT; Domain=track.profitableredirect.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 052b958c8b3ed0ef450522181248c346
0f804c8d0b94b4a6bdab52169f86469df824c6f9
ef2d91e36bfb16d4f0f54cfa2794f0e55f5d1d1d5ac47da4a48e7f52f963a205
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF2D91E36BFB16D4F0F54CFA2794F0E55F5D1D1D5AC47DA4A48E7F52F963A205"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4248
Expires: Tue, 20 Dec 2022 05:54:39 GMT
Date: Tue, 20 Dec 2022 04:43:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a208c9f2ba01a6b7934298eac8d0cf71
5d6c4d4e87e270c3b3d2d9830c6f3b7da6659fd0
bcace9bd7f04ac446f144f1a3182f239c8b52a946972a932901d007923d70ff7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCACE9BD7F04AC446F144F1A3182F239C8B52A946972A932901D007923D70FF7"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8184
Expires: Tue, 20 Dec 2022 07:00:15 GMT
Date: Tue, 20 Dec 2022 04:43:51 GMT
Connection: keep-alive
ouhastay.net/favicon.ico
139.45.197.239204 No Content 0 B IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: OAID=aacaf5b8dd524eadbe70333e4e4a2cbd; oaidts=1671511431
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 20 Dec 2022 04:43:52 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
pragma: public
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
ouhastay.net/afu.php?zoneid=3647676
139.45.197.239200 OK 736 B URL HTTP/2 ouhastay.net/afu.php?zoneid=3647676
IP 139.45.197.239:0
Hash bf406e79fd5f77b89184735904c86c0f
b9911b70250b297fe230ee7b27ad837db9e2a204
3638a506b830fa6552c7a3b45de91b090b05d40f8fbf9f6e2bbee82fdb7ce23d
Analyzer Verdict Alert quad9 Sinkholed
GET /afu.php?zoneid=3647676 HTTP/1.1
Host: ouhastay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 04:43:51 GMT
content-type: text/html; charset=utf8
x-trace-id: 460297ad5e75fc25d8558bb783c5d169
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://comerbia-immesses.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=aacaf5b8dd524eadbe70333e4e4a2cbd; expires=Wed, 20 Dec 2023 04:43:51 GMT; path=/; secure; SameSite=None
oaidts=1671511431; expires=Wed, 20 Dec 2023 04:43:51 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1671511431414&hash=S5tbRska1IRROVUCGVwlBF9tdx-O1VXKLbJxLkbw_M0&rm=DJ
18.192.108.151200 OK 424 B URL HTTP/2 track.profitableredirect.com/redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1671511431414&hash=S5tbRska1IRROVUCGVwlBF9tdx-O1VXKLbJxLkbw_M0&rm=DJ
IP 18.192.108.151:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (424), with no line terminators
Hash 03ab185b43632ca143ad0a05b5ad7c76
d650a7441bef0d8c04f8aaaa2de6be743d757460
72235612e73b145c28b49ac3d247f41c942f81be00a5de5d6ecfb985787e2a4d
GET /redirect?target=BASE64aHR0cHM6Ly9vdWhhc3RheS5uZXQvYWZ1LnBocD96b25laWQ9MzY0NzY3Ng&ts=1671511431414&hash=S5tbRska1IRROVUCGVwlBF9tdx-O1VXKLbJxLkbw_M0&rm=DJ HTTP/1.1
Host: track.profitableredirect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: e69b0e43-f199-496b-87cc-2daa322bb681-v4=-sWvzrRDyuXLLV8vRjJEWEM_fPwm2JZSRiiu_QI_50U; cc-v4=IR3GBdWpq0KML5dodDw2v%2BwiQ%2BfV4JKqc9RDfVpyGYrr%2Fwt34mAsnMZ4RYY5O9C%2FqFBa3eVRjuO2k%2F%2Bdv76hN6CmEKqtfeNzmLpc4jACKXrtKS47tEtg49%2F1JtYtWP4EdXFkHsPbGxpnOBUUDSbWfA%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 04:43:51 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
respectphonesecurity.xyz/smart-security-0/css/style.css
104.21.32.66200 OK 2.2 kB URL HTTP/2 respectphonesecurity.xyz/smart-security-0/css/style.css
IP 104.21.32.66:0
File type ASCII text, with very long lines (5464), with no line terminators
Hash f0bfe31e45448330b25b40e91557a60d
df9bfd492859aa497de9335c955df2c1be33a24e
d9166905b4e83f904d2866a50434c3b4938b617da367bcc0a55444d07edd0bd2
GET /smart-security-0/css/style.css HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: text/css
cache-control: max-age=604800
cf-bgj: minify
etag: W/"62735432-14eb"
expires: Sat, 24 Dec 2022 07:56:14 GMT
last-modified: Thu, 05 May 2022 04:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 247655
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXnSICYV4ILPTvbViySbO6%2FxTSdHHkd9%2B6Ce%2BxbWL6MKiiqSExNBLjB8Vppz6mZWT3X5vc5Xd3kzs4FXgW%2F9QEMJIfiiSDxAGXJfQBXlrs3iYckaBoISa01X5u2V6UYtWiPRQKs7YT1zFpU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824af340b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
103.155.93.220200 OK 11 kB URL HTTP/1.1 business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
IP 103.155.93.220:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (944)
Hash 89b4972fc17894dcbbb17b67ebd97567
0eec8d89651b8f3b4157d3f90b154738de351a88
34e789a62c56828c9153dfa49a9e5a4f92bd1e313be54bd7fcd91eaf1e5e268f
GET /no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1 HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.5
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0dc23a845daadd984dd46924d80efb81
8b6ac466ee633c3a3a2eff65bd60dcb6097e5c75
3f3ebc1214709374a862beef3041aec51861f5fa7377f12710853bf31c772c58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 04:43:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
business.news-reports.net/no4198271919/index_failid/057dd4e.css
103.155.93.220200 OK 35 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/057dd4e.css
IP 103.155.93.220:0
Hash cae2d6f123b7bdaf7dafae5b4135e8f5
4c9a8ec2174df5c05f8eb1b97b9bdc4d55d35409
5683c42a33318856f7f5925c8ee73700a9e67882b421b08d6ed166fe33762554
GET /no4198271919/index_failid/057dd4e.css HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: text/css
Last-Modified: Mon, 19 Dec 2022 12:51:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"63a05e5e-2f889"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
business.news-reports.net/no4198271919/index_failid/new_style.css
103.155.93.220200 OK 2.0 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/new_style.css
IP 103.155.93.220:0
File type assembler source, ASCII text
Hash 8991f5a2b4d03c34bf1fb980a348a083
c232c16cb0836b9a9a381b19aae87bdaf359a756
a362021a1e8079d9ac271aeb78e990e4d54e13e714ff3c35a0b51db026220254
GET /no4198271919/index_failid/new_style.css HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: text/css
Last-Modified: Mon, 19 Dec 2022 12:51:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"63a05e67-1e54"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
142.250.74.106200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32058)
Hash fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 20:50:02 GMT
expires: Fri, 15 Dec 2023 20:50:02 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 374030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
business.news-reports.net/no4198271919/index_failid/logo.png
103.155.93.220200 OK 2.2 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/logo.png
IP 103.155.93.220:0
File type PNG image data, 210 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 2a666fec47c6ddd2e1fcb4521d05ea7d
433035a8154651301903cc91444b0f8655f1b137
c8763cd9b8f79665004c9a425826394c1c52f13795031ed9841f5f681aa0510f
GET /no4198271919/index_failid/logo.png HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/png
Content-Length: 2190
Last-Modified: Mon, 19 Dec 2022 12:51:48 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e64-88e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/blank-picture.jpg
103.155.93.220200 OK 987 B URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/blank-picture.jpg
IP 103.155.93.220:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 267a4ef3568a448572645b0f5d97c36f
c2cddc4dfea572fdaf18b0e8cce77cc73c10bab2
267ded37bff34b6c9c17a119f515d124afd19640a98f0700721a299d3e76584f
GET /no4198271919/index_failid/blank-picture.jpg HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/jpeg
Content-Length: 987
Last-Modified: Mon, 19 Dec 2022 12:51:45 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e61-3db"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0dc23a845daadd984dd46924d80efb81
8b6ac466ee633c3a3a2eff65bd60dcb6097e5c75
3f3ebc1214709374a862beef3041aec51861f5fa7377f12710853bf31c772c58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 04:43:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
business.news-reports.net/no4198271919/index_failid/abonnement.png
103.155.93.220200 OK 28 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/abonnement.png
IP 103.155.93.220:0
File type PNG image data, 240 x 104, 8-bit/color RGB, non-interlaced\012- data
Hash 530f35b32926dee2dae506ab46d6126a
ac0cc16832f03442f9b1d7902910ae262ce31dde
a42020105cd36593758ce11cb57b94251efb0c6388b31254a954161f6a13f660
GET /no4198271919/index_failid/abonnement.png HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/png
Content-Length: 28302
Last-Modified: Mon, 19 Dec 2022 12:51:44 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e60-6e8e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/footer-mobile.png
103.155.93.220200 OK 17 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/footer-mobile.png
IP 103.155.93.220:0
File type PNG image data, 110 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 0119c8b29c3c1171f36f5d9986ff6d42
0e5222566c0911d88c8c94c95d8d34d7147585e8
c53075a7d7aac30d0d0b58ec4bc505e8b25807ba5a43ed9eaa0473649f190d5e
GET /no4198271919/index_failid/footer-mobile.png HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/png
Content-Length: 17352
Last-Modified: Mon, 19 Dec 2022 12:51:46 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e62-43c8"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/comment.jpg
103.155.93.220200 OK 4.4 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/comment.jpg
IP 103.155.93.220:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 68x22, components 3\012- data
Hash 10738ce84ddd05eeb9216ed8324225b3
75fe44380c32ec845694ae88d1eff99859898216
d7c2ca7c311f9e7023065ede7eece8325b2f9038ab10d1974b7684f9e410d63a
GET /no4198271919/index_failid/comment.jpg HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/jpeg
Content-Length: 4418
Last-Modified: Mon, 19 Dec 2022 12:51:46 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e62-1142"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/mr-no-1.jpg
103.155.93.220200 OK 27 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/mr-no-1.jpg
IP 103.155.93.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 550x161, components 3\012- data
Hash 24ee5899a438ecbef9ded4c3af61d376
6972979cab392f4817b80e257c81d9b8ee2ce817
ade414be30a18c022f0bf58293916c77993580bc7987d84cede4ff8fbb4645eb
GET /no4198271919/index_failid/mr-no-1.jpg HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/jpeg
Content-Length: 26613
Last-Modified: Mon, 19 Dec 2022 12:51:50 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e66-67f5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
respectphonesecurity.xyz/smart-security-0/scripts/backblock.js
104.21.32.66200 OK 47 kB URL HTTP/2 respectphonesecurity.xyz/smart-security-0/scripts/backblock.js
IP 104.21.32.66:0
Hash c60ca7897059499d7074d4e49c3531bc
f1476ec8c7501d7072f2b1a8b5ab52179b9fe459
3440e5cde69cf93ad37622bcc827b3474bd8ddb8bcfc8aeb3136c406c498ace8
GET /smart-security-0/scripts/backblock.js HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=436
etag: W/"62735432-1b4"
expires: Sun, 25 Dec 2022 22:43:53 GMT
last-modified: Thu, 05 May 2022 04:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 107996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LOSPj1z211Tl1%2BnpKzKw%2FYOc2Trzp1zQ4BIWkQTidPbnQEj3pGaV1nuvlrmkTBNVFK20eQNdHwwxgNLZOFZ1LMMQFjpYfSjO9ebC%2B%2BeZ03cL8DDLk9ItWRulovybtghSAre30kS3rK%2FnaAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824bf400b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
business.news-reports.net/no4198271919/index_failid/img-user-asian-new-female02.jpg
103.155.93.220200 OK 6.1 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/img-user-asian-new-female02.jpg
IP 103.155.93.220:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "*", progressive, precision 8, 160x160, components 3\012- data
Hash 719c565612286b72ae91f7fea52c2b63
811f11534dc02dd6c9fb83b728504f880530324d
62bc2909af582a0af35b396be0d6734eba42544ebbdba17dce9b9cd3a1154afb
GET /no4198271919/index_failid/img-user-asian-new-female02.jpg HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/jpeg
Content-Length: 6143
Last-Modified: Mon, 19 Dec 2022 12:51:47 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e63-17ff"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/188.css
103.155.93.220200 OK 222 B URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/188.css
IP 103.155.93.220:0
Hash 998f729afd0cdccdaf1ccd12554fecea
f4cf370e3677272212218de0b65180b44c68f78e
a76670cf1203d5bec66d42d3947653133bb097dfd8e94e23035bc459ab4fec06
GET /no4198271919/index_failid/188.css HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: text/css
Last-Modified: Mon, 19 Dec 2022 12:51:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"63a05e5f-39d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
business.news-reports.net/no4198271919/index_failid/img-user-white-female11.jpg
103.155.93.220200 OK 4.7 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/img-user-white-female11.jpg
IP 103.155.93.220:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 160x160, components 3\012- data
Hash e20a9fae61afcc755a1d55861b033379
23ec24b5cca839af1b91c3a9fe7a69bfd9b52518
9e6752a96225587259c4ecd16fdba9b9732da1b8619b6f1805146ef8292ce852
GET /no4198271919/index_failid/img-user-white-female11.jpg HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/jpeg
Content-Length: 4713
Last-Modified: Mon, 19 Dec 2022 12:51:47 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e63-1269"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/menu-grey.png
103.155.93.220200 OK 146 B URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/menu-grey.png
IP 103.155.93.220:0
File type PNG image data, 32 x 32, 4-bit colormap, non-interlaced\012- data
Hash ca538cdb819a00adad8cd66a24a71165
794279e984b30a4f4d0314ffc1d15d21c3f244d3
7424ba28237f2ec5c99b92c319303f8ab1efaeaf85c2e33764c0d7dadbb97321
GET /no4198271919/index_failid/menu-grey.png HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/png
Content-Length: 146
Last-Modified: Mon, 19 Dec 2022 12:51:50 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e66-92"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/img-user-white-male12.jpg
103.155.93.220200 OK 4.0 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/img-user-white-male12.jpg
IP 103.155.93.220:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "*", progressive, precision 8, 160x160, components 3\012- data
Hash 79a142a80f11ed3402e459417bdb6726
db12b4c96baf8f73696ce30358a01b0d4f31ceb1
3b5cd95d9b6bf7559ded1b0634ea7ca3766bfaef7786b97b301881d8e53947f6
GET /no4198271919/index_failid/img-user-white-male12.jpg HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/jpeg
Content-Length: 3993
Last-Modified: Mon, 19 Dec 2022 12:51:47 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e63-f99"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/img-user-white-female07.jpg
103.155.93.220200 OK 7.9 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/img-user-white-female07.jpg
IP 103.155.93.220:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "*", progressive, precision 8, 160x160, components 3\012- data
Hash f175da426ec493d77e4ac202ba84da3e
e57d147d1d86f121c7a11732cc996cefbde00548
8c83b55ddddaad89655437dadba76599ade8230a75408ca1c3b51d6b760f4cf3
GET /no4198271919/index_failid/img-user-white-female07.jpg HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/jpeg
Content-Length: 7886
Last-Modified: Mon, 19 Dec 2022 12:51:47 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e63-1ece"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/n4.jpg
103.155.93.220200 OK 2.7 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/n4.jpg
IP 103.155.93.220:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "*", progressive, precision 8, 92x92, components 3\012- data
Hash 8b7e173699a0f46ec497a89c8f0a4d2a
7bef92942e405ba1b2334f0dfa393a94d48916ab
d8b5b036e05cd94256f60eda67c97667cc1d19e6b86fdab14246f8e12abb64eb
GET /no4198271919/index_failid/n4.jpg HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/jpeg
Content-Length: 2653
Last-Modified: Mon, 19 Dec 2022 12:51:50 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e66-a5d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/image-footer-HEBDO.jpg
103.155.93.220200 OK 20 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/image-footer-HEBDO.jpg
IP 103.155.93.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x120, components 3\012- data
Hash 2880417e72c51fb0d7a14856f250720a
f3597193d279b052268d741134d5213816003598
111a5434d0d48559cfb52b25e2a0f80ebd51591b8f8db6822205ef082599c1e8
GET /no4198271919/index_failid/image-footer-HEBDO.jpg HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/jpeg
Content-Length: 20390
Last-Modified: Mon, 19 Dec 2022 12:51:46 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e62-4fa6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/app-android.png
103.155.93.220200 OK 7.3 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/app-android.png
IP 103.155.93.220:0
File type PNG image data, 111 x 123, 8-bit/color RGBA, non-interlaced\012- data
Hash 913bb57bf4fc8768c0f6130fb80e23bb
dea92cf36b3bbea6e3b2f41bdae62ec6a912b135
7a3ab9abfe1a84403ef86c5fde64d8011b26377538694639bb694b74e45b127c
GET /no4198271919/index_failid/app-android.png HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/png
Content-Length: 7299
Last-Modified: Mon, 19 Dec 2022 12:51:44 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e60-1c83"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/monster_logo.png
103.155.93.220200 OK 2.8 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/monster_logo.png
IP 103.155.93.220:0
File type PNG image data, 112 x 19, 8-bit/color RGB, non-interlaced\012- data
Hash 1d9bc64f16f7c33a68cba7acd54eddb4
2699a2a73b3b768f12d5e014b0707d962336191a
7d1c874361557c08ee52702b5123e649594d289bd69cf45c3efc8fb5177acf9d
GET /no4198271919/index_failid/monster_logo.png HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/png
Content-Length: 2801
Last-Modified: Mon, 19 Dec 2022 12:51:50 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e66-af1"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/social_icon.png
103.155.93.220200 OK 452 B URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/social_icon.png
IP 103.155.93.220:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 62c876fc33f3fdd093f62f878115a70b
e6f35806bc75c62842153f05bc5d34024a95e563
974187dcb9304d707f6db80cb0d03cbdb5fd78cc4e1ad7508e4548b4b2c380ec
GET /no4198271919/index_failid/social_icon.png HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/png
Content-Length: 452
Last-Modified: Mon, 19 Dec 2022 12:51:51 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e67-1c4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/app-apple.png
103.155.93.220200 OK 7.8 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/app-apple.png
IP 103.155.93.220:0
File type PNG image data, 110 x 132, 8-bit/color RGBA, non-interlaced\012- data
Hash 1bea173075bd04035411c27ca4d15a6f
8ad039c46dbdf35cc045129492b17d5527df2296
97184a66205479b831071f32dda3931c0771ba9edcbed0fe647005f0b479122a
GET /no4198271919/index_failid/app-apple.png HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/png
Content-Length: 7814
Last-Modified: Mon, 19 Dec 2022 12:51:44 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e60-1e86"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/sprite-icons.gif
103.155.93.220404 Not Found 240 B URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/sprite-icons.gif
IP 103.155.93.220:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 867b2c5f305b5b93d47b9e314086fee4
6d2dfb7132ebbf445e605532c1fcfbe90a785029
c2627bac6f2dbae5d117c25634da53d147a4d5a2fdfe70e62e1ae7442081a054
GET /no4198271919/index_failid/sprite-icons.gif HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/index_failid/057dd4e.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 240
Connection: keep-alive
Keep-Alive: timeout=60
business.news-reports.net/no4198271919/index_failid/footer-quotidien.jpg
103.155.93.220200 OK 16 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/footer-quotidien.jpg
IP 103.155.93.220:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x120, components 3\012- data
Hash 267738ca3f457b8342791965937d4b58
f3a5d7aa7e34c320516c0eb2d63193f58a20881c
862944516cacb5caf3000f2ea4235f7fdcf8c8d33edcc509bde032a96284bef6
GET /no4198271919/index_failid/footer-quotidien.jpg HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/jpeg
Content-Length: 15643
Last-Modified: Mon, 19 Dec 2022 12:51:46 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e62-3d1b"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/sprite-article.png
103.155.93.220200 OK 3.6 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/sprite-article.png
IP 103.155.93.220:0
File type PNG image data, 20 x 440, 8-bit/color RGBA, non-interlaced\012- data
Hash a738e5857d2be22bb0a8dea6a08d9785
0110d46be76cd8ade8de072068f7182b8c5112f5
4a0ed9a107ad5654e45c05379d0c99944f06940b85e0448e0292d48cc60b54fd
GET /no4198271919/index_failid/sprite-article.png HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/index_failid/057dd4e.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/png
Content-Length: 3636
Last-Modified: Mon, 19 Dec 2022 12:51:51 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e67-e34"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/sprite-icons.png
103.155.93.220200 OK 11 kB URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/sprite-icons.png
IP 103.155.93.220:0
File type PNG image data, 47 x 1100, 8-bit/color RGBA, non-interlaced\012- data
Hash cd40fb94654aa69bf30f199858b7ccba
80f380deb70a2dd5b4a597b2186f2d3e46aa8e46
44f93e315cbb77ab08ab3f8b31961c1d4cf0371c6328f229ab8f1617ae325def
GET /no4198271919/index_failid/sprite-icons.png HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/index_failid/057dd4e.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: image/png
Content-Length: 10778
Last-Modified: Mon, 19 Dec 2022 12:51:51 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "63a05e67-2a1a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
business.news-reports.net/no4198271919/index_failid/bundles/download-app.png
103.155.93.220404 Not Found 248 B URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/bundles/download-app.png
IP 103.155.93.220:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8412f8abdc0a4c03fbec4e81d9ef5668
e737394f1b1a7ca5d1b16fece7c9f13c02797f83
4e48ef74e51f51c0a0dd31ebc51a0c9473e4f29391c1891db90326022b1abab5
GET /no4198271919/index_failid/bundles/download-app.png HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/index_failid/057dd4e.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 248
Connection: keep-alive
Keep-Alive: timeout=60
business.news-reports.net/no4198271919/index_failid/like.png
103.155.93.220404 Not Found 232 B URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/like.png
IP 103.155.93.220:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 240b9541f6d851774cf9198671cc4541
2a6e9ebd1580f0258036d8833a5fe7fa43e2fe62
b76d2ff8a1d663f560fe26cf62a4f2c05eb311e96ea0aa1dbecdd230937652c3
GET /no4198271919/index_failid/like.png HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/index_failid/new_style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 232
Connection: keep-alive
Keep-Alive: timeout=60
business.news-reports.net/no4198271919/index_failid/bundles/footer-cta-bg.jpg
103.155.93.220404 Not Found 249 B URL HTTP/1.1 business.news-reports.net/no4198271919/index_failid/bundles/footer-cta-bg.jpg
IP 103.155.93.220:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a1233933901462cfe06ca35923f18b97
f6f20a3013ff5922cda8d9ec5cc3917c5054f019
96c6d67df6c39f37b696533d3d0d8d76e80463a873466b374e01ac56e454655a
GET /no4198271919/index_failid/bundles/footer-cta-bg.jpg HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/index_failid/057dd4e.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 249
Connection: keep-alive
Keep-Alive: timeout=60
business.news-reports.net/favicon.ico
103.155.93.220404 Not Found 209 B URL HTTP/1.1 business.news-reports.net/favicon.ico
IP 103.155.93.220:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 18ffb59b61525f781cf9251045be575d
bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
GET /favicon.ico HTTP/1.1
Host: business.news-reports.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://business.news-reports.net/no4198271919/?td=comerbia-immesses.com&cep=oilLe7XPPzJ4vayrfSpS4s755VzqatTTcSPUwxzJyhSUcfZ955bwE7DDWy5eifBHrTXKYZWHR4fycNPIicrQKW6QohdsgsAPll4t3XPpQG2x2UkuFrmMkCaIbv3_mPtItoUJ6UsK2K6mzvG6sQK4FnohhzpwNEEGLE_Du5Sd3dzTLEe5XvcEYwHvYhU5kL09G9o7uahE8HMqMm7mnfltn2QiQn68KPav8ICF4dS8pOsL-XIPjrRqdE1QkYfvjMtKk-1q685m7tzqar9iCi_1e6ogh0WzGghg-pYfkXLXzgasWpxW7hoFzSw4f2xJfCj16-9PBmYAJ1bKczfJiw7gaKjZra_pcAVyIoJODNcOYIzpmwBZspHJ9o_D-MArLcv8_qSUZrRAcfwqv7fhHjyMBMObcz22voD9O0YWpFKgWkWL2Bu5ze744y9k1KwmxlN1ws3HcaRqCqEsOGHZSGawMcrSBhe8x7MQB1OMRfZ5ARY&lptoken=16e9718d515e326532ab&zoneid=3647676&campaignid=6444332&ln=en&cs=0.003372&visitor_id=628927126984467245&rdk=rk1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 20 Dec 2022 04:43:52 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 209
Connection: keep-alive
Keep-Alive: timeout=60
respectphonesecurity.xyz/smart-security-0/scripts/onbeforeunload.js
104.21.32.66200 OK 0 B URL HTTP/2 respectphonesecurity.xyz/smart-security-0/scripts/onbeforeunload.js
IP 104.21.32.66:0
GET /smart-security-0/scripts/onbeforeunload.js HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=808
etag: W/"62735435-328"
expires: Sat, 24 Dec 2022 07:56:14 GMT
last-modified: Thu, 05 May 2022 04:36:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 247655
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLNuS3PGdfI1CX0owJyHI07b%2BeZ0zcNmixVF6ofkh0L04OmMYBQFsXp4OY%2FrZZtZC9Z%2BVISbtouefgHY5009OlDc9iXQtLOp1QtOTGQzxF%2FdvffmEE86KGmFFhX2JUTAFBAMJ1Frwl7lUZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824cf420b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
respectphonesecurity.xyz/smart-security-0/scripts/vibrate.js
104.21.32.66200 OK 0 B URL HTTP/2 respectphonesecurity.xyz/smart-security-0/scripts/vibrate.js
IP 104.21.32.66:0
GET /smart-security-0/scripts/vibrate.js HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=291
etag: W/"6273543a-123"
expires: Tue, 27 Dec 2022 04:43:50 GMT
last-modified: Thu, 05 May 2022 04:36:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9MaxkLyuIeNuqCd8IRzMAnj0vNacWb7X6BKQv2P5h8KdLWHzfZLZYzbPzK6f9iQaLcNVX6RL7DVXthq5PjVj4oeGGr60D9H8s1fiQFFYV%2FfqOu1H1XE5IkccpJxm4irEb7bv5pslAU8apE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824bf3c0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
respectphonesecurity.xyz/smart-security-0/scripts/language-set.js
104.21.32.66200 OK 0 B URL HTTP/2 respectphonesecurity.xyz/smart-security-0/scripts/language-set.js
IP 104.21.32.66:0
GET /smart-security-0/scripts/language-set.js HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:50 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=90601
etag: W/"62735434-161e9"
expires: Tue, 27 Dec 2022 04:43:50 GMT
last-modified: Thu, 05 May 2022 04:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hVmj0%2Fs8E0uZGr2jinWSfEV6L1061de7MqWKNmYm%2FGfwIaicZOSKSyaovUICYWoY5dBR5zX3pGP5qGlUDAqbB6ZICJNe2Nuu8YN9nQmjF%2BzMbaj%2Bs6EF%2FbWfF4RJPkw%2FSZe6W8YGxVWBAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824bf390b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
104.21.32.66200 OK 0 B URL HTTP/2 respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
IP 104.21.32.66:0
GET /smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name} HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 05 May 2022 04:35:59 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzG3iTO%2Fy66eNPEag2fOul6klCDvculd0OG2%2FuQQxTXOZF%2BCvfuG%2Fkpx4HsHsLeThtzb4sTVT8fOrUQSCikhL8FS23N8%2FTDYbWWBgobhReZAxqY1GSfu6viMezZ3NOilYiy4ZcqEXhXYA9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b821ae750b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
respectphonesecurity.xyz/smart-security-0/scripts/ua-parser.min.js
104.21.32.66200 OK 0 B URL HTTP/2 respectphonesecurity.xyz/smart-security-0/scripts/ua-parser.min.js
IP 104.21.32.66:0
GET /smart-security-0/scripts/ua-parser.min.js HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 05 May 2022 04:36:09 GMT
vary: Accept-Encoding
etag: W/"62735439-48a9"
expires: Sun, 25 Dec 2022 22:43:53 GMT
cache-control: max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
age: 107996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCsVy0kYhNABb2ZPiPjiRYRBO8m57nlvmN5E%2BrCzUFTyIE6Esv1hAxbIJmU6nRwugJMVLBzQqUFPYCMYXZ2QmP9JrNTPtRgOFHnU0zDNh43RGfkSTC9JRm1%2F7I7Q3qO8CJC7kFZyz%2FL3UJc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824bf370b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
respectphonesecurity.xyz/smart-security-0/scripts/onbtnclick.js
104.21.32.66200 OK 0 B URL HTTP/2 respectphonesecurity.xyz/smart-security-0/scripts/onbtnclick.js
IP 104.21.32.66:0
GET /smart-security-0/scripts/onbtnclick.js HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=233
etag: W/"62735436-e9"
expires: Sun, 25 Dec 2022 22:43:53 GMT
last-modified: Thu, 05 May 2022 04:36:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 107996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2B0srJHV70E2rhGBi3YSRlI431m24gBF7SJzi29vI1OPUfJLr0xePQk08Wv5lNd4475hh6vFw1rJFCqx7LiO01tSlToHdBcrlJIjdV5QxvShds9Gql8smw5ikByoRDviMtOIZkuTp5Rc3OI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824bf3f0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js
139.45.197.251200 OK 0 B URL HTTP/2 redrotou.net/pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js
IP 139.45.197.251:0
GET /pfe/current/micro.tag.min.js?z=4826947&sw=/sw-check-permissions-8b114.js HTTP/1.1
Host: redrotou.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 04:43:51 GMT
content-type: application/javascript
last-modified: Tue, 13 Dec 2022 09:06:10 GMT
etag: W/"63984082-9a87"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
respectphonesecurity.xyz/smart-security-0/scripts/lang.js
104.21.32.66200 OK 0 B URL HTTP/2 respectphonesecurity.xyz/smart-security-0/scripts/lang.js
IP 104.21.32.66:0
GET /smart-security-0/scripts/lang.js HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=3519
etag: W/"62735434-dbf"
expires: Sun, 25 Dec 2022 22:43:53 GMT
last-modified: Thu, 05 May 2022 04:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 107996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnxN0k8o5xfQv0tsqDEhndJ96PmkgMBftN7LDYOsshtAHboqa7%2ByBP8ecIFiJSuL4eYBSRjuRvsWmu%2Fu7%2Bk2Xrp6uSpRHG7uWAGtaLKEdX64FXBtxO84K0oOUcPyChWgEYEEiHu25UlcKI0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824bf3a0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
respectphonesecurity.xyz/smart-security-0/scripts/speak.js
104.21.32.66200 OK 0 B URL HTTP/2 respectphonesecurity.xyz/smart-security-0/scripts/speak.js
IP 104.21.32.66:0
GET /smart-security-0/scripts/speak.js HTTP/1.1
Host: respectphonesecurity.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://respectphonesecurity.xyz/smart-security-0/index.html?clickid={clickid}&utm_source={var1}&utm_medium=restart_push_{offer.name}&publisher={trafficsource.name}&utm_campaign={trafficsource.name}
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 04:43:49 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
cf-bgj: minify
cf-polished: origSize=285
etag: W/"62735438-11d"
expires: Sun, 25 Dec 2022 22:43:53 GMT
last-modified: Thu, 05 May 2022 04:36:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
age: 107996
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lfj9NNuTWk%2FnpLEZNPcF42QvC6NYX1HFk%2FaqML4PuCDbtCZIXkebUaO0RiYhj4j5RJV1iz3L6lfaswFDJKQQ53DuAbv2NdBNg53zgtll%2BAhvDI2t5Qo49OtFpbupLDvIwmao5MIz%2BLm4SGk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77c5b824cf410b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2