iwin.rewardsadvisor.com/?utm_content=amazon_250&aff_id=2032&offer_id=25944&email=&firstname=&lastname=&dob-m=&dob-d=&dob-y=&gender=&address=&city=&state=&zip=&phone=&aff_sub=203772&aff_sub2=701&aff_sub3=63f76bec620f1000015c8a9e&aff_sub4=1158598&aff_sub5=&clickid=13b9fbba229343eaf06b39031de997c9&pub=203772&cid=25944&sid1=701&sid2=63f76bec620f1000015c8a9e&sid3=1158598&sid4=
301 Moved Permanently 162 B URL HTTP/1.1 iwin.rewardsadvisor.com/?utm_content=amazon_250&aff_id=2032&offer_id=25944&email=&firstname=&lastname=&dob-m=&dob-d=&dob-y=&gender=&address=&city=&state=&zip=&phone=&aff_sub=203772&aff_sub2=701&aff_sub3=63f76bec620f1000015c8a9e&aff_sub4=1158598&aff_sub5=&clickid=13b9fbba229343eaf06b39031de997c9&pub=203772&cid=25944&sid1=701&sid2=63f76bec620f1000015c8a9e&sid3=1158598&sid4=
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /?utm_content=amazon_250&aff_id=2032&offer_id=25944&email=&firstname=&lastname=&dob-m=&dob-d=&dob-y=&gender=&address=&city=&state=&zip=&phone=&aff_sub=203772&aff_sub2=701&aff_sub3=63f76bec620f1000015c8a9e&aff_sub4=1158598&aff_sub5=&clickid=13b9fbba229343eaf06b39031de997c9&pub=203772&cid=25944&sid1=701&sid2=63f76bec620f1000015c8a9e&sid3=1158598&sid4= HTTP/1.1
Host: iwin.rewardsadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: keycdn-engine
Date: Thu, 23 Feb 2023 13:37:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://iwin.rewardsadvisor.com/?utm_content=amazon_250&aff_id=2032&offer_id=25944&email=&firstname=&lastname=&dob-m=&dob-d=&dob-y=&gender=&address=&city=&state=&zip=&phone=&aff_sub=203772&aff_sub2=701&aff_sub3=63f76bec620f1000015c8a9e&aff_sub4=1158598&aff_sub5=&clickid=13b9fbba229343eaf06b39031de997c9&pub=203772&cid=25944&sid1=701&sid2=63f76bec620f1000015c8a9e&sid3=1158598&sid4=
X-Edge-Location: noos
Access-Control-Allow-Origin: *
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 67fc460ed2f69dde3c410ec607ef3510
ba9f582ec321351e5c06c9b2c381f06b685ef274
85df74fac7d59d76840b6359bac24648fede201c0048f2a8382af6468225ffb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF74FAC7D59D76840B6359BAC24648FEDE201C0048F2A8382AF6468225FFB8"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17131
Expires: Thu, 23 Feb 2023 18:22:31 GMT
Date: Thu, 23 Feb 2023 13:37:00 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6f313739c4c44174fc9a97ac63621b46
319da68d06694330ad9f7901bcde1ca0a6eeac0d
321236ee07769c741890815bc56fd2700ff1974b0534368b9ff2e96320ae4fee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "321236EE07769C741890815BC56FD2700FF1974B0534368B9FF2E96320AE4FEE"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5170
Expires: Thu, 23 Feb 2023 15:03:10 GMT
Date: Thu, 23 Feb 2023 13:37:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 12:38:21 GMT
content-type: application/json
age: 3519
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d4569ebd95f766b8f22ed69d69334c37
a7fcd3f640877885077a4126708968d7e1e0d252
e485343a8251f50009506dfc6a42c82ca6b09b434d1e0984ea7c2dfea7dcd28d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E485343A8251F50009506DFC6A42C82CA6B09B434D1E0984EA7C2DFEA7DCD28D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11782
Expires: Thu, 23 Feb 2023 16:53:22 GMT
Date: Thu, 23 Feb 2023 13:37:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: og+L+9mIsHPMUGLfF77hmHWfYksUfuTsOij3FTfqOl6aTpoWR68HWWCM+jZTWuEanfUoxNbTiuSC5P7rTGTyxg==
x-amz-request-id: N8XPQ06Y9RT2BBA8
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 12:49:05 GMT
age: 2875
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 13:37:00 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d8ddf1f1882b6385d4010d371d48e0f8
00d8e9d8aa2856d56434d16ab7dccaf4170bca28
8511181b105ae67af17f5359febff93c7dd761e7466ef7fb9c0d882d9de44fac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8511181B105AE67AF17F5359FEBFF93C7DD761E7466EF7FB9C0D882D9DE44FAC"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21546
Expires: Thu, 23 Feb 2023 19:36:06 GMT
Date: Thu, 23 Feb 2023 13:37:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Cache-Control, Backoff, Pragma, Expires, Last-Modified, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 12:51:26 GMT
age: 2735
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11673
Expires: Thu, 23 Feb 2023 16:51:34 GMT
Date: Thu, 23 Feb 2023 13:37:01 GMT
Connection: keep-alive
iwin.rewardsadvisor.com/?utm_content=amazon_250&aff_id=2032&offer_id=25944&email=&firstname=&lastname=&dob-m=&dob-d=&dob-y=&gender=&address=&city=&state=&zip=&phone=&aff_sub=203772&aff_sub2=701&aff_sub3=63f76bec620f1000015c8a9e&aff_sub4=1158598&aff_sub5=&clickid=13b9fbba229343eaf06b39031de997c9&pub=203772&cid=25944&sid1=701&sid2=63f76bec620f1000015c8a9e&sid3=1158598&sid4=
200 OK 70 kB URL HTTP/2 iwin.rewardsadvisor.com/?utm_content=amazon_250&aff_id=2032&offer_id=25944&email=&firstname=&lastname=&dob-m=&dob-d=&dob-y=&gender=&address=&city=&state=&zip=&phone=&aff_sub=203772&aff_sub2=701&aff_sub3=63f76bec620f1000015c8a9e&aff_sub4=1158598&aff_sub5=&clickid=13b9fbba229343eaf06b39031de997c9&pub=203772&cid=25944&sid1=701&sid2=63f76bec620f1000015c8a9e&sid3=1158598&sid4=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30499)
Hash cd24b7782a21e9d16020a6bec47f2b8f
629a5d2cf988afdb062e41d0cc5d570113310f52
8f8c7cc69b2781bb885da0b0f9b4acbe6da3ff54747ae8a5344df1f48b68c168
GET /?utm_content=amazon_250&aff_id=2032&offer_id=25944&email=&firstname=&lastname=&dob-m=&dob-d=&dob-y=&gender=&address=&city=&state=&zip=&phone=&aff_sub=203772&aff_sub2=701&aff_sub3=63f76bec620f1000015c8a9e&aff_sub4=1158598&aff_sub5=&clickid=13b9fbba229343eaf06b39031de997c9&pub=203772&cid=25944&sid1=701&sid2=63f76bec620f1000015c8a9e&sid3=1158598&sid4= HTTP/1.1
Host: iwin.rewardsadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 23 Feb 2023 13:37:01 GMT
content-type: text/html
content-length: 69756
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
etag: "cd24b7782a21e9d16020a6bec47f2b8f"
last-modified: Wed, 22 Feb 2023 18:54:37 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: p5n9x2siRD1f.9D9FKqWOnB25GR2dM8A
x-cache-status: REVALIDATED
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
status.thawte.com/
200 OK 471 B IP
Hash 11f5a132f7a3d52b22c559ba99b77488
96619a3a9232cf25bd870516db2420855b6efc09
a6560ed032bb265d793305a8cbe06bf719590e60315b0592261cd07c5124e14a
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 13:37:01 GMT
Last-Modified: Thu, 23 Feb 2023 12:28:41 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
200 OK 471 B IP
Hash 11f5a132f7a3d52b22c559ba99b77488
96619a3a9232cf25bd870516db2420855b6efc09
a6560ed032bb265d793305a8cbe06bf719590e60315b0592261cd07c5124e14a
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4100
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 13:37:01 GMT
Last-Modified: Thu, 23 Feb 2023 12:28:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I2esQzMuTpcZFbGibG2qeA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lVBsLoqi/q75KufSJLY4mRrWdwI=
impressure-c630.kxcdn.com/presenter.ae7ecc5.css
200 OK 4.9 kB URL HTTP/2 impressure-c630.kxcdn.com/presenter.ae7ecc5.css
IP
File type ASCII text, with very long lines (17836)
Hash c8ba4cfb85a21500b78f527fec541e40
a2bb88bdb5ae81c7e5ff9ee35174c0e07dbd5be3
b9741ea4c6870e874db86130b410f19b8091aa5f28a195a7a0b714dcf91c80bd
GET /presenter.ae7ecc5.css HTTP/1.1
Host: impressure-c630.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 23 Feb 2023 13:37:02 GMT
content-type: text/css
content-length: 4919
access-control-allow-methods: GET,OPTIONS
cache-control: max-age=604800
content-encoding: br
etag: "c8ba4cfb85a21500b78f527fec541e40"
last-modified: Tue, 23 Aug 2022 19:45:30 GMT
vary: Accept-Encoding
x-amz-id-2: qnvcPGZY4GjfGSPlNCXq+mVCt51mk05zCICCK80ME6gGzYbE1K9LeINK5i3deK9AD+NL3oRE1Oc=
x-amz-request-id: X7757MSDZQXT1YWJ
expires: Thu, 02 Mar 2023 13:37:02 GMT
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash e24b8ac00567b0f187fc16b3cf05c3c2
3d262c5689f60941c8a1e734f985ee0da51e89d5
d207ea80a30c0107c377f0d24094f30e55e21048056902d03d973426029df2e7
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169233
Date: Thu, 23 Feb 2023 13:37:02 GMT
Etag: "63f7555b-1d7"
Expires: Sat, 25 Feb 2023 12:37:35 GMT
Last-Modified: Thu, 23 Feb 2023 12:00:27 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 46PKov8qQOfrIUCfc9Gh9Xf_EZ0rXB-ceYTVNkeErON6tIhLI88wdA==
Age: 2228
events.impressure.io/info?v=2&nonce=12184132393359252&userId=
200 OK 650 B URL HTTP/1.1 events.impressure.io/info?v=2&nonce=12184132393359252&userId=
IP
File type ASCII text, with very long lines (962), with no line terminators
Hash 38b6e8f24dcc1e9bf9429e7f1843f31b
fb61a834a7418ee0aee35a20a7f64c20aa30bd16
2d6f92f23f7e652914568773072c9b10f5f5c564f79c8496fe8c72e0854eccfb
GET /info?v=2&nonce=12184132393359252&userId= HTTP/1.1
Host: events.impressure.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwin.rewardsadvisor.com
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://iwin.rewardsadvisor.com
Content-Encoding: gzip
Content-Type: application/json; charset=utf-8
Date: Thu, 23 Feb 2023 13:37:02 GMT
ETag: W/"3c2-Z+B47RCZdKgaIBiym1H9A5u8j0g"
P3P: CP="Impressure does not have a P3P policy."
Server: nginx
Vary: Accept-Encoding, Origin
X-Content-Type-Options: nosniff
X-Powered-By: Express
Content-Length: 650
Connection: keep-alive
impressure-c630.kxcdn.com/presenter.482eb53.js
200 OK 106 kB URL HTTP/2 impressure-c630.kxcdn.com/presenter.482eb53.js
IP
File type Unicode text, UTF-8 text, with very long lines (35082), with escape sequences
Size 106 kB (106522 bytes)
Hash 264c420f31e2e81c576f58c26b4e03eb
4e90e2e9e13f3d8657f4b5fb429ba07617262176
d4a80c5ea6c82433607aadb5b499a20d95445beb0e04fa89202bc95baa8502a8
GET /presenter.482eb53.js HTTP/1.1
Host: impressure-c630.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwin.rewardsadvisor.com
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 23 Feb 2023 13:37:02 GMT
content-type: application/javascript
content-length: 106522
access-control-allow-methods: GET,OPTIONS
cache-control: max-age=604800
content-encoding: br
etag: "264c420f31e2e81c576f58c26b4e03eb"
last-modified: Tue, 15 Nov 2022 22:43:17 GMT
vary: Accept-Encoding
x-amz-id-2: HVS/SGh+lr/DqG0eeR4QcERap+VmZ6fNO9U8vaiEcrX96tugO3B03tcae6ocmhVdzRUT/yVK7hE=
x-amz-request-id: X779WCWY67DTP6XM
expires: Thu, 02 Mar 2023 13:37:02 GMT
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9775
Expires: Thu, 23 Feb 2023 16:19:57 GMT
Date: Thu, 23 Feb 2023 13:37:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9775
Expires: Thu, 23 Feb 2023 16:19:57 GMT
Date: Thu, 23 Feb 2023 13:37:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9775
Expires: Thu, 23 Feb 2023 16:19:57 GMT
Date: Thu, 23 Feb 2023 13:37:02 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fe121133a6eaf8645743a14717612cd5
b9276c474ba3e40e5cc2921accb452bb7b11ecb2
4c72ab325e4608168d6258ba615ffc21f94a3594a8d1ef48f28b8622b198c27b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C72AB325E4608168D6258BA615FFC21F94A3594A8D1EF48F28B8622B198C27B"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9775
Expires: Thu, 23 Feb 2023 16:19:57 GMT
Date: Thu, 23 Feb 2023 13:37:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4016fa20fa2642f89d375fcc2855d4b
f1733be34a214e9565208f814dd3990f89cafbcb
74686e6a674433c436bce8c70cecc1a2cde51e82241e8251188ebd587fd4ee18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9721
x-amzn-requestid: 5ddea3ff-b6e2-4528-8e71-eade54612b4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqR3HJpoAMF5LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a72-413219251feae2e32b9e6857;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iHR9N5OPgY8mjpsZowY-Ipeq62c8O_QQorpNmIOa68_vmWyY0eqt-A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:44:15 GMT
age: 57167
etag: "f1733be34a214e9565208f814dd3990f89cafbcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e7cd1e9feb9abc7f7d7f0d5fc7b181f0
cf3ce1808c48e1a86910e16731a044f6cb26275d
426c90298d5a0807b7820d803ce2907268df1195e15d5582eb0ff2f3deeb318c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f9477dd-9700-4cbd-8d0e-37bd76c53a93.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7734
x-amzn-requestid: fe4dc342-33b6-45f6-984c-2c71dfa0ec13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AtX-lGiJoAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f539f6-489049413f3cb63c537f20d0;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 21:39:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KyUqB4zqsHWgCv7C3-PymFep4oVmPy4ZHFf75lYOfWbb4qgvVRqoLg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:51:47 GMT
age: 56715
etag: "cf3ce1808c48e1a86910e16731a044f6cb26275d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbf1945668d4a8c35e68f8d60fd80f56
0553020a82f7a6245a2979d58e1765883a777893
4220c9dea6f77c1775be6ca4d1d133b3d8f1d9caec3cc6e85747b87c7d897a92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5823
x-amzn-requestid: 4b226ac8-c443-4382-ab8e-b618c95a713d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aq1HSFWvIAMFUAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f43561-7ac4a51e389a6e6b2a9199a5;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 03:07:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dtWC44nCUmtR6U6wTsd4PynkTqmJ79bFeZmUJUVQguz3l8BSR9A1Zg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 04:02:15 GMT
age: 34487
etag: "0553020a82f7a6245a2979d58e1765883a777893"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc56e7499a3e9db178e91df024e668f0
9cc85c16fd4a9d10df5db5ddfc54b0d88999f317
25ffc87e2be6e0dc9ac208aafbefa99bb4c1d6476c1447056b83d462cd182df2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e1f8718-617f-4cdb-9fab-ed40cbef6784.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9686
x-amzn-requestid: 4eb1ca50-a322-4f64-8cb9-be0315918800
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArYWFF8fIAMFRlg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46dc0-35fee09f3e6ff22358e9da0c;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:07:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ifg3X--I8qSAGRMvv97fc3eLcmMZuEoLcaA87ONUHByrqcO_vfFq4Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 05:04:42 GMT
age: 30740
etag: "9cc85c16fd4a9d10df5db5ddfc54b0d88999f317"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df07040a4f8a9dcdd6a4d8b9f9d35b93
229f7cb923d6ef0dac480883d0af0673437c5c04
46de73176cce2258bd66ca8888dfa9f49f654aecdcd132434137df06091bac85
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16bba10c-0b1a-400c-a0d0-d758645c391d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11631
x-amzn-requestid: 80f4f0f1-d97b-42ca-870d-55db701dae20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqSyG2IoAMFz-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a77-0f4faa41169ffb1231b6dc50;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: n5Pduh39Ln8uRqq8EUH-zsZ2XGk2xCXAuPeo6ivJM2s8-ubR5TzMiQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:56:07 GMT
age: 56455
etag: "229f7cb923d6ef0dac480883d0af0673437c5c04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88c218fe-3798-43c5-8809-2324328d021d.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88c218fe-3798-43c5-8809-2324328d021d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 09398f66dadafc0a56352e781ce32d75
c7ae3275e67db3e06ec4fe7eb9482a85831c9ca0
1e896927a179bf57b723a9c01eeb8d349e0f0170ce9fba11955d3b6d8c429528
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88c218fe-3798-43c5-8809-2324328d021d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5142
x-amzn-requestid: 1fb02b0f-c69e-4f4b-a1ed-9f844fe1d7f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Auq2eHN_oAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5be8f-1e3702d272e2f3d47083c109;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 07:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jpZWF2u_qnHkq50mVKGkcZwUGfCKyGr9eRkRcsiY-iNN_i-0obLnPQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 07:12:12 GMT
age: 23090
etag: "c7ae3275e67db3e06ec4fe7eb9482a85831c9ca0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
impressure-c630.kxcdn.com/loading.d78985d5a90c42d31aaaf9203cddb569.gif
200 OK 1.3 kB URL HTTP/2 impressure-c630.kxcdn.com/loading.d78985d5a90c42d31aaaf9203cddb569.gif
IP
File type GIF image data, version 89a, 30 x 30\012- data
Hash 7ecb44e9ebcacab4de815f501d00b465
2449f962eb5b2951e3ccf33fca5a5d6092dd6037
71dba8e3b4e20747f29ecaf97ada693288d309dc07b48c9c5953129ee4b76a19
GET /loading.d78985d5a90c42d31aaaf9203cddb569.gif HTTP/1.1
Host: impressure-c630.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 23 Feb 2023 13:37:03 GMT
content-type: text/plain
content-length: 1315
access-control-allow-methods: GET,OPTIONS
cache-control: max-age=604800
content-encoding: gzip
etag: W/"d78985d5a90c42d31aaaf9203cddb569"
last-modified: Tue, 21 Aug 2018 14:21:48 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-id-2: w7KgyObvNr9xBpj5kGRZOarybwJmw6sPu1OkwaAvUu6kPU4ZJRHdFt3xBdt1udQLzCHTQQ9x0Qk=
x-amz-request-id: TR3J53B6N39T5KVY
expires: Thu, 02 Mar 2023 13:37:03 GMT
x-cache: HIT
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js
200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.1/jquery.min.js
IP
File type ASCII text, with very long lines (32019)
Hash f8b4311e9b5b0b079b52cd057289c79f
950a8424cd75e591ac7a6de58d4db19ac42915b8
39422d6375b1232d550f801f848e49b7902f6c3117eb5670be1002b902ba3908
GET /ajax/libs/jquery/2.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 13:37:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 26983
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e7e"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 579869
expires: Tue, 13 Feb 2024 13:37:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QN%2FeEPald2QV4lep%2FWeR5KqXvursQDEYInUNzIwXJVdpnnDDm7DqCwVFySjcRCFhnULkIMHNa7WQXc5NwnvXcSAsbRiRSbk9jGV8HiHg4Pu2fL5oHqlZTaqu%2F41Zq2MzZu%2FY1CKI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79e05a99dc780b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 295ecb42da084d2556789eada5291422
24c3605ff6984776ca77a2aa3b3b4bba4267f76f
f787cdc01fe5b6c0889f133cdf9cd0e38973f4cb8515014e8a14418521af04bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 13:37:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 295ecb42da084d2556789eada5291422
24c3605ff6984776ca77a2aa3b3b4bba4267f76f
f787cdc01fe5b6c0889f133cdf9cd0e38973f4cb8515014e8a14418521af04bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 13:37:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 9b833c2f49422b407575812c91c8e06b
db3b482f2ad539e11dad2881f0e553f80a90ce10
6c5a577a3836011d5a18fbb641554f30d707c90ca0b6ad1e81f9613ea4af3631
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6099
Cache-Control: max-age=122722
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 13:37:03 GMT
Etag: "63f6908e-117"
Expires: Fri, 24 Feb 2023 23:42:25 GMT
Last-Modified: Wed, 22 Feb 2023 22:00:46 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.r2m02.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP
Hash 335569fb3352353da869264c392e1d85
44d0acf4af45fcb78ddb5a5025bf282da0685c76
4a2a0615e04930157d3c187626aeba345fc62288880fead8ed85c72dc4ab165d
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 23 Feb 2023 13:37:03 GMT
Last-Modified: Thu, 23 Feb 2023 11:57:59 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FT8muDSqA_W8pQJv-mnDrf506ipYFwQN07lBjv3sAsVSV6SOnC1N-g==
Age: 5944
events.impressure.io/lists?id=0&q=91.90.42.154%C2%ABaf259db141b1893e3b54918d59313501&v=4
200 OK 31 B URL HTTP/1.1 events.impressure.io/lists?id=0&q=91.90.42.154%C2%ABaf259db141b1893e3b54918d59313501&v=4
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash f32291f4a1358a9b1f435511a4c5e05c
c36cd0bb94c01e579dc6dc65e98e20ce7d50d176
6578c2aa3e5f7076ca9fb19b357edc1b17633feceee6d36d0e5809d26b959817
GET /lists?id=0&q=91.90.42.154%C2%ABaf259db141b1893e3b54918d59313501&v=4 HTTP/1.1
Host: events.impressure.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iwin.rewardsadvisor.com/
content-type: text/plain
Origin: https://iwin.rewardsadvisor.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://iwin.rewardsadvisor.com
Content-Type: application/json; charset=utf-8
Date: Thu, 23 Feb 2023 13:37:03 GMT
ETag: W/"1f-w2zQu5TAHledxtxl6Y4gzn1Q0XY"
P3P: CP="Impressure does not have a P3P policy."
Server: nginx
Vary: Origin
X-Powered-By: Express
Content-Length: 31
Connection: keep-alive
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash c48750cd35cf9e36a79684df3570a43f
ff9cd5fc109cc3e1126029354672d0d0310b0f6e
4dca260cadade321b3cfb36e6463a274835a2cf6a33d5071a0cb8c3d72e02449
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 23 Feb 2023 13:37:03 GMT
Last-Modified: Thu, 23 Feb 2023 12:10:47 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oIta9Q-7DHj1rrEF5QyFjZN9qoPMt5L03DaGX3r2zIMTk-yww4xeog==
Age: 5176
iwin.rewardsadvisor.com/chunk/191357/06c4bc4d-bdc0-41ef-800e-a57ef9c040e6.js
200 OK 7.9 kB URL HTTP/2 iwin.rewardsadvisor.com/chunk/191357/06c4bc4d-bdc0-41ef-800e-a57ef9c040e6.js
IP
File type ASCII text, with very long lines (39479), with no line terminators
Hash 459764a4c6e090129d44bbef881c9a94
904f2841a503e6a537decb844a3aef444b7b6618
47215ab1a9b806a9c08c55d8ede2bde9dfddad242b6f06caf0eff41a0c4a9e64
GET /chunk/191357/06c4bc4d-bdc0-41ef-800e-a57ef9c040e6.js HTTP/1.1
Host: iwin.rewardsadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/?utm_content=amazon_250&aff_id=2032&offer_id=25944&aff_sub=203772&aff_sub2=701&aff_sub3=63f76bec620f1000015c8a9e&aff_sub4=1158598&aff_sub5=&clickid=13b9fbba229343eaf06b39031de997c9
Cookie: _user_time=1677159438275|1677159438275; _user_id=f9306c3d-4ae5-41c3-bb0d-fcf0729cc282-a6zNAZ0aGAIDwJav1EubZQ5GZE9jMGIzPqbdCxuP4IA; _user_random=0.5371165940695897
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 23 Feb 2023 13:37:03 GMT
content-type: text/html
content-length: 7909
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
etag: "459764a4c6e090129d44bbef881c9a94"
last-modified: Wed, 22 Feb 2023 18:54:33 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: REwbbJQXpydr__qYaEs7XD9yiXWcj_dD
x-cache-status: REVALIDATED
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
s3.amazonaws.com/trackpush/trackpush.min.js
200 OK 13 kB URL HTTP/1.1 s3.amazonaws.com/trackpush/trackpush.min.js
IP
File type ASCII text, with very long lines (47625), with no line terminators
Hash cbd14612441d2cca730df2e3c9f185c1
4eadf4f9bbfecbb7b74b97fd9c238ae1d72fa422
827fb357a0c85abb534c1ab6087be71218ecd5cf480e643ea10cb167ded0abc5
GET /trackpush/trackpush.min.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: X/i74p7EPbN4H7XP4bm2kDADYxXJZgm+yeAunc8xEonshcekzJi5zqzikCM60RMHFY7FGvU2RwA=
x-amz-request-id: XGMJQBWXDYSTGK90
Date: Thu, 23 Feb 2023 13:37:04 GMT
Last-Modified: Thu, 03 Nov 2022 18:51:50 GMT
ETag: "cbd14612441d2cca730df2e3c9f185c1"
Cache-Control: max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 13264
signals.aimtell.com/pageview?id_site=24312&v=3.974&support=1&state=default&wl=1
200 OK 43 B URL HTTP/2 signals.aimtell.com/pageview?id_site=24312&v=3.974&support=1&state=default&wl=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /pageview?id_site=24312&v=3.974&support=1&state=default&wl=1 HTTP/1.1
Host: signals.aimtell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwin.rewardsadvisor.com
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Feb 2023 13:37:03 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: https://iwin.rewardsadvisor.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse, Aimtell-Signal
aimtell-hash-exists: 0
aimtell-signal: 0
aimtell-traverse: 1
vary: Accept-Encoding
server: cloudflare
cf-ray: 79e05a9d8f8cb4f9-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 68046a60f37f44c79f52b37167e259d6
b93c5f157fe3661e8142ddf40082ec2c9ee488f1
b856026c56e0084cbaf0db3a2d1b32faeceb7d8d96a1143ba3f6a4772df8b330
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5467
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 13:37:03 GMT
Last-Modified: Thu, 23 Feb 2023 12:05:56 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
signals.aimtell.com/traverse
200 OK 30 B URL HTTP/2 signals.aimtell.com/traverse
IP
File type HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash c99701aceb87e96c0fe83198fb230bec
fc7ae1e3817dc1e3b50c1b9ec66758b0571691ee
4437eaab7b931b5fa3aaf6b76a7dc58ee09f945883a80f1f1fa496e8fde01a19
GET /traverse HTTP/1.1
Host: signals.aimtell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Feb 2023 13:37:03 GMT
content-type: text/html;charset=UTF-8
content-length: 30
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: Accept-Encoding
server: cloudflare
cf-ray: 79e05a9e387cb4f9-OSL
X-Firefox-Spdy: h2
events.impressure.io/events
200 OK 72 B URL HTTP/1.1 events.impressure.io/events
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d449635ea3623fc470df52ed560b2806
fe8238570db4525e90cbde733805c9d452010f5a
2fd921d932d499997a1e554adf0248d2766481596db678263563982492e54b90
POST /events HTTP/1.1
Host: events.impressure.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iwin.rewardsadvisor.com/
content-type: text/plain
Origin: https://iwin.rewardsadvisor.com
Content-Length: 1206
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://iwin.rewardsadvisor.com
Content-Type: application/json; charset=utf-8
Date: Thu, 23 Feb 2023 13:37:03 GMT
ETag: W/"48-/oI4Vw20Ul6Qy95zOAXJ1FIBD1o"
P3P: CP="Impressure does not have a P3P policy."
Server: nginx
Vary: Origin
X-Content-Type-Options: nosniff
X-Powered-By: Express
Content-Length: 72
Connection: keep-alive
impressure-c630.kxcdn.com/chunk.7.b6c5ab6.css
200 OK 537 B URL HTTP/2 impressure-c630.kxcdn.com/chunk.7.b6c5ab6.css
IP
File type ASCII text, with very long lines (1154)
Hash 1f2e32f2ccbe4956bd43b676c6acbdc8
8612d97383eadf87d2fe02becfd8eef19d6a3ca4
0dfb2586873397c823ea3118186ddf2a7c17e27c3e05843329e52d736e05da86
GET /chunk.7.b6c5ab6.css HTTP/1.1
Host: impressure-c630.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 23 Feb 2023 13:37:03 GMT
content-type: text/css
content-length: 537
access-control-allow-methods: GET,OPTIONS
cache-control: max-age=604800
content-encoding: br
etag: "1f2e32f2ccbe4956bd43b676c6acbdc8"
last-modified: Tue, 23 Aug 2022 19:45:30 GMT
vary: Accept-Encoding
x-amz-id-2: ZuZeb0sTKKlxN6D9UVZELVxAWERRCODe6WvuVEwSbSvhKJLy2tWUaE7yRpHVwNkiKNJJ9wYDwTA=
x-amz-request-id: XGMPQK4AHWTXAZ0X
expires: Thu, 02 Mar 2023 13:37:03 GMT
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
impressure-c630.kxcdn.com/chunk.7.9b4f67e.js
200 OK 3.4 kB URL HTTP/2 impressure-c630.kxcdn.com/chunk.7.9b4f67e.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (11064)
Hash aab16c3901aa85bf6cbd3d12fb635424
61ba2c8ff868fab1812893aab246e7fa919a2f8a
48b96816cac4e27b6205bebda6731664099b2cbdc9f43dfac781b0ead7e07262
GET /chunk.7.9b4f67e.js HTTP/1.1
Host: impressure-c630.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 23 Feb 2023 13:37:03 GMT
content-type: application/javascript
content-length: 3350
access-control-allow-methods: GET,OPTIONS
cache-control: max-age=604800
content-encoding: br
etag: "aab16c3901aa85bf6cbd3d12fb635424"
last-modified: Tue, 23 Aug 2022 19:45:33 GMT
vary: Accept-Encoding
x-amz-id-2: RlCR5ExouFhsbkarVlFmRGzHi4YPLnA9LZ+Ar+vw+JoKJgcgZv3Is7pexhPBbyF+I8arPVTOlVo=
x-amz-request-id: XGMPFFH5DNHBE6MN
expires: Thu, 02 Mar 2023 13:37:03 GMT
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
script.anura.io/request.js?instance=2383107219&source=203772-701&campaign=2017&variable=optionalResponseObjectVariable&125629709955
200 OK 25 kB URL HTTP/2 script.anura.io/request.js?instance=2383107219&source=203772-701&campaign=2017&variable=optionalResponseObjectVariable&125629709955
IP
Hash b49fee692c49cc1a6d1e84f7a9f24d88
dd3a2864d34ffa961885e13976decc0a7cc153c9
7d46e79b2e19ff966888b3a0977de9a6cd09aaabe8dab914cc30efc2ecc08447
GET /request.js?instance=2383107219&source=203772-701&campaign=2017&variable=optionalResponseObjectVariable&125629709955 HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 13:37:03 GMT
content-type: application/javascript; charset=utf-8
server: nginx
vary: Accept-Encoding
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
signals.aimtell.com/track.js
200 OK 15 kB URL HTTP/2 signals.aimtell.com/track.js
IP
Hash f1b8d67d0513eff2748e7e100bca5080
1db0269753e4de873365745e3dc0e933a648c5ac
e061da8901b696a60ba3ce59261de5dc20e179657c261748869301248be8c34d
GET /track.js HTTP/1.1
Host: signals.aimtell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 13:37:03 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdsPJSpeggjC2PmW7s7uyj28Ziu92NpIPDgLuTdPYEjzc-p5MQH10UHN0_THjbN5yTz8wvZf4O7qev1e_JKL0kBSSso2Cxm3
x-goog-generation: 1675968685747131
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3535
x-goog-hash: crc32c=NvVI3A==, md5=8Ab49IDQGpHlEum7likMnA==
x-goog-storage-class: STANDARD
expires: Thu, 23 Feb 2023 17:37:03 GMT
cache-control: public, max-age=14400
last-modified: Thu, 09 Feb 2023 18:51:25 GMT
etag: W/"f006f8f480d01a91e512e9bb96290c9c"
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 79e05a9b2c4cb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
impressure-c630.kxcdn.com/chunk.4.e1ba812.css
200 OK 784 B URL HTTP/2 impressure-c630.kxcdn.com/chunk.4.e1ba812.css
IP
File type ASCII text, with very long lines (2087)
Hash 1d4504cd8eb1a924fa3877af155e3acb
417f8d501b3acc5aa9ecf58bcf29402d2e4ecdea
f579290a94b834394e8ba55ec1bb63e38a3fdec9650698cd67b96398f13b4dea
GET /chunk.4.e1ba812.css HTTP/1.1
Host: impressure-c630.kxcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 23 Feb 2023 13:37:03 GMT
content-type: text/css
content-length: 784
access-control-allow-methods: GET,OPTIONS
cache-control: max-age=604800
content-encoding: br
etag: "1d4504cd8eb1a924fa3877af155e3acb"
last-modified: Tue, 23 Aug 2022 19:45:27 GMT
vary: Accept-Encoding
x-amz-id-2: 2QnLu1G7Ubl1GF1zyO3+bR9TlzBd0CkdTUlCiswWLiymGd7qpjDUMcSs7/2kOnd0Y+vYZm3qa/Q=
x-amz-request-id: XGMTKJW6J0JH8H5H
expires: Thu, 02 Mar 2023 13:37:03 GMT
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.aimtell.io/config/optin/24312-041e2bdba891.json
200 OK 424 B URL HTTP/2 cdn.aimtell.io/config/optin/24312-041e2bdba891.json
IP
File type JSON data\012- , ASCII text, with very long lines (626), with no line terminators
Hash ad9357b4d852b54d407519c4f7bfd01e
efa1e6539b7bef56e1b4fbc842237389371599d9
cb729194f67472bc30cabb535c4e6cee594c793791d4f0dc99739e4ce140f8b6
GET /config/optin/24312-041e2bdba891.json HTTP/1.1
Host: cdn.aimtell.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwin.rewardsadvisor.com
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 13:37:04 GMT
content-type: application/json
content-length: 424
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: ETag
access-control-max-age: 3000
last-modified: Mon, 02 May 2022 17:56:33 GMT
etag: "ad9357b4d852b54d407519c4f7bfd01e"
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 e524b8092e2dda964664df0dfa35341a.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: w0PxnGHo1-gfF7l4NMaye0KyiS4vtGRAcLZg7IlhbLNtlB6FsKMmWw==
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79e05a9e0dc798f6-ARN
X-Firefox-Spdy: h2
script.anura.io/response.json
200 OK 221 B URL HTTP/2 script.anura.io/response.json
IP
Hash dd8a1f50e6dcb44f5f205c1626d500cd
64b36b02fbbe5de29cd170c7043240b17739033e
131d8fa91b67a06c7b3d1fbdda1d4f5b7d1c2ebd5cb05774f1b941e2311d8a2a
POST /response.json HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 3646
Origin: https://iwin.rewardsadvisor.com
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 23 Feb 2023 13:37:04 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
djk97zng6lbya.cloudfront.net/2023/01/25/14/59/34/14e84ece-3c1a-4f18-a9e5-0770a3123380.png
200 OK 15 kB URL HTTP/2 djk97zng6lbya.cloudfront.net/2023/01/25/14/59/34/14e84ece-3c1a-4f18-a9e5-0770a3123380.png
IP
File type PNG image data, 171 x 154, 8-bit/color RGBA, non-interlaced\012- data
Hash b29503c377e9395f5b5f4c32e8224056
e4506f0a8d86cab69b123678964302398c423751
77c2560c136f674d1e7ae773ef3069c29dc49f0d5eae090277bba453a02238ad
GET /2023/01/25/14/59/34/14e84ece-3c1a-4f18-a9e5-0770a3123380.png HTTP/1.1
Host: djk97zng6lbya.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 14817
date: Wed, 01 Feb 2023 05:16:31 GMT
last-modified: Wed, 25 Jan 2023 14:59:35 GMT
etag: "b29503c377e9395f5b5f4c32e8224056"
cache-control: max-age=31536000
x-amz-meta-json:
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hjruMEl8Q6d22gH4oGmtT8AEwjedF-FpFMTD8xQtTGpWYDPYW2iwoQ==
age: 1930834
X-Firefox-Spdy: h2
iwin.rewardsadvisor.com/push-worker.js
200 OK 240 B URL HTTP/2 iwin.rewardsadvisor.com/push-worker.js
IP
File type ASCII text, with CRLF line terminators
Hash f8860a8157ec3e7b05701a82b0acaa41
40c65c92b34ae2004280c5c94e6ca0a2641a9f40
347d3b669ceb50717f67aa74bf4c36443dd0fd190d3ee8095d02aba1f368bf6e
GET /push-worker.js HTTP/1.1
Host: iwin.rewardsadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: _user_time=1677159438275|1677159438275; _user_id=f9306c3d-4ae5-41c3-bb0d-fcf0729cc282-a6zNAZ0aGAIDwJav1EubZQ5GZE9jMGIzPqbdCxuP4IA; _user_random=0.5371165940695897
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: keycdn-engine
date: Thu, 23 Feb 2023 13:37:04 GMT
content-type: application/javascript
content-length: 240
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
etag: W/"4d78916e69ee3d0d42d805f9610b517f"
last-modified: Mon, 16 Aug 2021 21:43:05 GMT
vary: Accept-Encoding
x-amz-version-id: AkM3UlegxgIqEYQmEuzFaS_5vrHQbOM.
x-cache-status: MISS
x-cache: MISS
x-edge-location: noos
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
go.aramistrk.com/aff_ad?campaign_id=125&aff_id=2017&source=RA-PP-3-generic-0&request_id=&aff_sub=012-2032&aff_sub2=--203772-012&aff_sub3=ba8e7311-455c-4de5-8551-cd092ebe3025&aff_sub4=2032
302 Found 445 B URL HTTP/1.1 go.aramistrk.com/aff_ad?campaign_id=125&aff_id=2017&source=RA-PP-3-generic-0&request_id=&aff_sub=012-2032&aff_sub2=--203772-012&aff_sub3=ba8e7311-455c-4de5-8551-cd092ebe3025&aff_sub4=2032
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (311)
Hash 81ff1128fe98d3ae2551b8dfd424fd13
d8268477e17062ad7f6b2a18f1bf8483a63190c1
23e672aaf979aa00a64607fed12cbf7d5547b3cad1ddde2977cbb758ad794446
GET /aff_ad?campaign_id=125&aff_id=2017&source=RA-PP-3-generic-0&request_id=&aff_sub=012-2032&aff_sub2=--203772-012&aff_sub3=ba8e7311-455c-4de5-8551-cd092ebe3025&aff_sub4=2032 HTTP/1.1
Host: go.aramistrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 23 Feb 2023 13:37:04 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Location: https://go.aramistrk.com/aff_c?aff_id=2017&aff_sub=012-2032&aff_sub1=012-2032&aff_sub2=--203772-012&aff_sub3=ba8e7311-455c-4de5-8551-cd092ebe3025&aff_sub4=2032&aff_sub5=&creative_id=1025&offer_id=2008&source=RA-PP-3-generic-0
Pragma: no-cache
Tracking_id: 102741612052482202101904109134
Access-Control-Allow-Origin: *
X-Request-Id: 5f426b660845ca44b2c56ceb19eeeaf3
Access-Control-Allow-Headers: Tune-SDK-Version
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTrVk%2BJ1DU4hob089I1g648kjZRL7mZUfEVmq%2FTPALJySjcQr25ySdoETlakLtwfSrqYF2NxGDJHssDfATm2pu792piUqnQ%2BKaoTxBFxe2ZYZTmGPfsOryzKMzeaixJ7ExzN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79e05aa3bf0f0b69-OSL
alt-svc: h2=":443"; ma=60
s3.amazonaws.com/pushext.com/sdk.js
200 OK 23 kB URL HTTP/1.1 s3.amazonaws.com/pushext.com/sdk.js
IP
Hash aebb02625a88929e30942b652e8f2b7d
91cecdf0a9366af023fadb64bff83eddec47f512
a647271f05cccc799689862210b1e2c19d8241bc5ac65e01543fcdebd56670a9
GET /pushext.com/sdk.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: OuTO0sCkiepNOxTpZU3B1BfbHyjW2yj8Dqiel0EnOVrabKwl6OJUX7Ga98tip9+JkHKEZz1gU10=
x-amz-request-id: YHNQ7Y7SSE8C1XC7
Date: Thu, 23 Feb 2023 13:37:05 GMT
Last-Modified: Fri, 20 Jan 2023 20:55:11 GMT
ETag: "aebb02625a88929e30942b652e8f2b7d"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 22849
s3.amazonaws.com/trackpush/push-worker-sdk.js
200 OK 27 kB URL HTTP/1.1 s3.amazonaws.com/trackpush/push-worker-sdk.js
IP
Hash f0834052f3448c4f995a31d0740f29a2
019b05dfbc4df676d8fc782a726346b2756c366e
c3fd2e5232b6ba0e3344091c2b99feeef327452f1aad7a8f7b9eee4f0ea6fd1e
GET /trackpush/push-worker-sdk.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: uoJ35PiyV1NR2MzF/58qjDfRPaq0sLuSmZ24BnJbAQdYKrBfjIKFPOsK4l39u6shFljvUcGwEJs=
x-amz-request-id: YHNJ4A42KVNG21DW
Date: Thu, 23 Feb 2023 13:37:05 GMT
Last-Modified: Tue, 15 Nov 2022 21:58:35 GMT
ETag: "f0834052f3448c4f995a31d0740f29a2"
Cache-Control: max-age=0
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 26966
ocsp.digicert.com/
200 OK 280 B IP
Hash 6ac294d9f0faf4e5823443a89ebc3ded
f0122fa01f65e4fff5c076017f8d6ed39971fe1a
563a6d8f6099a0f916cbedddc30c82ca1c3aed6850c828b957508243ac6f140e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107655
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 13:37:04 GMT
Etag: "63f66d87-118"
Expires: Fri, 24 Feb 2023 19:31:19 GMT
Last-Modified: Wed, 22 Feb 2023 19:31:19 GMT
Server: nginx
Content-Length: 280
cdn.aimtell.io/config/24312-041e2bdba891.json
200 OK 104 B URL HTTP/2 cdn.aimtell.io/config/24312-041e2bdba891.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2e9a47727caf9c4def7ceb9e72845ea1
51fc4ea90da7273ba12e7f11141b66ad14925007
6f8c9ee80dd0c5ddff6fd4f82f260d86777bed1edc91fcedf77be69e3a842fe0
GET /config/24312-041e2bdba891.json HTTP/1.1
Host: cdn.aimtell.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwin.rewardsadvisor.com
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Feb 2023 13:37:05 GMT
content-type: application/json
content-length: 104
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: ETag
access-control-max-age: 3000
last-modified: Fri, 13 Aug 2021 18:56:17 GMT
etag: "2e9a47727caf9c4def7ceb9e72845ea1"
cache-control: max-age=86400
content-encoding: gzip
accept-ranges: bytes
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 e524b8092e2dda964664df0dfa35341a.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C2
x-amz-cf-id: Sav4tP6VvQghrrpR6LSpCvzk8k9TctiWkUzBlEBieyqZaVCBVGXzow==
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79e05aa5ff6a98f6-ARN
X-Firefox-Spdy: h2
signals.aimtell.com/fetch?t=c2lnbmFsc2Rtcw&show=1
200 OK 0 B URL HTTP/2 signals.aimtell.com/fetch?t=c2lnbmFsc2Rtcw&show=1
IP
GET /fetch?t=c2lnbmFsc2Rtcw&show=1 HTTP/1.1
Host: signals.aimtell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iwin.rewardsadvisor.com
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Feb 2023 13:37:04 GMT
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://iwin.rewardsadvisor.com
set-cookie: s0=35e2c8d5-7318-8487-c59b-69a9f4a29293; path=/; SameSite=None; Secure; expires=Thu, 22 Feb 2024 13:37:04 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: Accept-Encoding
server: cloudflare
cf-ray: 79e05aa00b74b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
script.anura.io/result.json
200 OK 0 B URL HTTP/2 script.anura.io/result.json
IP
POST /result.json HTTP/1.1
Host: script.anura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 66
Origin: https://iwin.rewardsadvisor.com
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Feb 2023 13:37:04 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST
expires: Sun, 28 Dec 1980 18:57:00 EST
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@500;800&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@500;800&display=swap
IP
GET /css2?family=Poppins:wght@500;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iwin.rewardsadvisor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Feb 2023 13:37:03 GMT
date: Thu, 23 Feb 2023 13:37:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
82.102.27.18
3.11.150.0
54.230.80.227
104.17.24.14
18.159.105.57