t.anmdr.link/75077/8047/27898/?aff_sub4=_bucket&aff_sub=71&aff_sub2=55609&aff_sub3=witofdb8jg6grmokifg268bc&source=1027330622c0a77b0c8389731cfdc4&bo=2753,2754,2755,2756&aff_sub5=_71&aff_sub4=_bucket
54.230.111.38301 Moved Permanently 167 B URL HTTP/1.1 t.anmdr.link/75077/8047/27898/?aff_sub4=_bucket&aff_sub=71&aff_sub2=55609&aff_sub3=witofdb8jg6grmokifg268bc&source=1027330622c0a77b0c8389731cfdc4&bo=2753,2754,2755,2756&aff_sub5=_71&aff_sub4=_bucket
IP 54.230.111.38:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /75077/8047/27898/?aff_sub4=_bucket&aff_sub=71&aff_sub2=55609&aff_sub3=witofdb8jg6grmokifg268bc&source=1027330622c0a77b0c8389731cfdc4&bo=2753,2754,2755,2756&aff_sub5=_71&aff_sub4=_bucket HTTP/1.1
Host: t.anmdr.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Sat, 26 Nov 2022 22:13:49 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://t.anmdr.link/75077/8047/27898/?aff_sub4=_bucket&aff_sub=71&aff_sub2=55609&aff_sub3=witofdb8jg6grmokifg268bc&source=1027330622c0a77b0c8389731cfdc4&bo=2753,2754,2755,2756&aff_sub5=_71&aff_sub4=_bucket
X-Cache: Redirect from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WQf5-_fFGg1UJASWnLBsIZ_HVeLICkYUaEyqRUhjQehnkWtXNoPmlw==
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7088
Expires: Sun, 27 Nov 2022 00:11:57 GMT
Date: Sat, 26 Nov 2022 22:13:49 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5615
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:13:49 GMT
Last-Modified: Sat, 26 Nov 2022 20:40:14 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8009
Expires: Sun, 27 Nov 2022 00:27:18 GMT
Date: Sat, 26 Nov 2022 22:13:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 21:17:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3376
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +pjkQCuK+5scuQEk/+TzN35RJ6icKNbu7Sa0BR/55GoT2jyy8V0QZBwqcTMwXfyxbdtmw508Ng4=
x-amz-request-id: 7NXRCXR18XNSNEDT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 21:44:23 GMT
age: 1766
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 22:13:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
t.anmdr.link/75077/8047/27898/?aff_sub4=_bucket&aff_sub=71&aff_sub2=55609&aff_sub3=witofdb8jg6grmokifg268bc&source=1027330622c0a77b0c8389731cfdc4&bo=2753,2754,2755,2756&aff_sub5=_71&aff_sub4=_bucket
54.230.111.123303 See Other 474 B URL HTTP/2 t.anmdr.link/75077/8047/27898/?aff_sub4=_bucket&aff_sub=71&aff_sub2=55609&aff_sub3=witofdb8jg6grmokifg268bc&source=1027330622c0a77b0c8389731cfdc4&bo=2753,2754,2755,2756&aff_sub5=_71&aff_sub4=_bucket
IP 54.230.111.123:0
File type HTML document, ASCII text, with very long lines (474), with no line terminators
Hash 6eb85b959f0bfde5781e8983af844219
7794b758a7eaa37845d58579a1de5e0dfdb96abd
55ae582990da564d58c5d0203ff0dacaf8558af0b7f08283bae9632dbda142ed
GET /75077/8047/27898/?aff_sub4=_bucket&aff_sub=71&aff_sub2=55609&aff_sub3=witofdb8jg6grmokifg268bc&source=1027330622c0a77b0c8389731cfdc4&bo=2753,2754,2755,2756&aff_sub5=_71&aff_sub4=_bucket HTTP/1.1
Host: t.anmdr.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 303 See Other
content-type: text/html; charset=utf-8
content-length: 474
location: https://t.crdefault.link/75077/1?aff_sub=71&aff_sub2=55609&aff_sub3=witofdb8jg6grmokifg268bc&aff_sub4=_bucket&aff_sub5=_71&source=1027330622c0a77b0c8389731cfdc4&bo=2753%2C2754%2C2755%2C2756
server: nginx/1.19.0
date: Sat, 26 Nov 2022 22:13:49 GMT
set-cookie: aff_ran_url_8047=27898; Path=/; Expires=Sun, 27 Nov 2022 22:13:49 GMT; Secure
enc_aff_session_8042=ENC037da57f50750037fe4b8ad9ec7078df2a966c3f0fa9fc916662993ee51c6b139368aad2539401ae6367c058ff6ede11b285a9ae276267d7d3e30345a159e2724d755bdd5edaf886b6c96422e1a2d5094b4d0060f445ca8adb9ffe1e40be50fb0e194bc0d78715cbd61a2a5c1c24fc19711105d8c21fafed036d5cd382052daec8dc7ae0d0e0c50ad6c08bd686568a3732fe2be844074cbe9bfb26cb75ad5173366a64933016ed8a07a2aed31ec12dac9ffbe5695ffaed7436d1cb747222afd740064ab4e5; Path=/; Expires=Mon, 26 Dec 2022 22:13:49 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Tue, 21 Oct 2025 08:53:49 GMT; Secure
tracking_id: 102547447217a340abfa742de80484
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NYrvnCFjCiCyuJxJozygMpz7goLzVm9kXFH4yPI654z1qAx-f_QeCg==
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 22:11:12 GMT
cache-control: public,max-age=3600
age: 157
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4407
Cache-Control: max-age=129988
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:13:50 GMT
Etag: "6381d72b-1d7"
Expires: Mon, 28 Nov 2022 10:20:18 GMT
Last-Modified: Sat, 26 Nov 2022 09:06:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
t.crdefault.link/75077/1?aff_sub=71&aff_sub2=55609&aff_sub3=witofdb8jg6grmokifg268bc&aff_sub4=_bucket&aff_sub5=_71&source=1027330622c0a77b0c8389731cfdc4&bo=2753%2C2754%2C2755%2C2756
54.230.111.38303 See Other 896 B URL HTTP/2 t.crdefault.link/75077/1?aff_sub=71&aff_sub2=55609&aff_sub3=witofdb8jg6grmokifg268bc&aff_sub4=_bucket&aff_sub5=_71&source=1027330622c0a77b0c8389731cfdc4&bo=2753%2C2754%2C2755%2C2756
IP 54.230.111.38:0
File type HTML document, ASCII text, with very long lines (896), with no line terminators
Hash 5dd67ea4a65f697bb347cfc59737c599
55157824fbac6fa094332c07ded142ef5d725ab9
f17f1709b1f04e9453858c314a28b0f7e602cd8d3ca6d8d030ca113fdd53a3a9
GET /75077/1?aff_sub=71&aff_sub2=55609&aff_sub3=witofdb8jg6grmokifg268bc&aff_sub4=_bucket&aff_sub5=_71&source=1027330622c0a77b0c8389731cfdc4&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: t.crdefault.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 303 See Other
content-type: text/html; charset=utf-8
content-length: 896
location: https://a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=71%3B1027330622c0a77b0c8389731cfdc4&affiliateID=44542&source=102719c23374ec9c708a4c9c1dfa97&subID2=75077&s2=102719c23374ec9c708a4c9c1dfa97&s3=71%3B1027330622c0a77b0c8389731cfdc4&s4=75077&url=1&affsub=71&affsource=1027330622c0a77b0c8389731cfdc4&aff_click_id=102719c23374ec9c708a4c9c1dfa97&bo=2753%2C2754%2C2755%2C2756
server: nginx/1.19.0
date: Sat, 26 Nov 2022 22:13:50 GMT
set-cookie: enc_aff_session_3785=ENC03d8e2de8895f505bdbcb8ed43bdee8a067603ce938ca793046b7eeef68b78ab2ef3612c0ca30b93030f464a95f924a1c343c24e92649818417acc9cc25dc584162b5edfd4bddc7c0ec67234eb0dcd096b50bc184c7687727d2d3e68ea9cfae6cc65076eed2fe6241ad28c42ab4d0a50adffab4fff7c062c654e4d0f48213adcd156180c0bbd2a3cf8a32d5253afd19f301107ab3c1e809c385bc4e87e4fa3aeecb11711ac9f50044da883217a7f5c85734a758f1258dd3e95ebd68a2e3e55da3401b6afe4; Path=/; Expires=Mon, 25 Nov 2024 22:13:50 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Tue, 21 Oct 2025 08:53:50 GMT; Secure
tracking_id: 102719c23374ec9c708a4c9c1dfa97
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QCMm6Byiz48GT-UrQUK5VZ0QonSnhM2jbubVOi3SkLj8kmrNswz6aA==
X-Firefox-Spdy: h2
a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=71%3B1027330622c0a77b0c8389731cfdc4&affiliateID=44542&source=102719c23374ec9c708a4c9c1dfa97&subID2=75077&s2=102719c23374ec9c708a4c9c1dfa97&s3=71%3B1027330622c0a77b0c8389731cfdc4&s4=75077&url=1&affsub=71&affsource=1027330622c0a77b0c8389731cfdc4&aff_click_id=102719c23374ec9c708a4c9c1dfa97&bo=2753%2C2754%2C2755%2C2756
18.192.108.151302 Found 0 B URL HTTP/2 a.vfgtf.com/ab267e05-23a0-430a-bac4-772f7f629740?subID1=71%3B1027330622c0a77b0c8389731cfdc4&affiliateID=44542&source=102719c23374ec9c708a4c9c1dfa97&subID2=75077&s2=102719c23374ec9c708a4c9c1dfa97&s3=71%3B1027330622c0a77b0c8389731cfdc4&s4=75077&url=1&affsub=71&affsource=1027330622c0a77b0c8389731cfdc4&aff_click_id=102719c23374ec9c708a4c9c1dfa97&bo=2753%2C2754%2C2755%2C2756
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ab267e05-23a0-430a-bac4-772f7f629740?subID1=71%3B1027330622c0a77b0c8389731cfdc4&affiliateID=44542&source=102719c23374ec9c708a4c9c1dfa97&subID2=75077&s2=102719c23374ec9c708a4c9c1dfa97&s3=71%3B1027330622c0a77b0c8389731cfdc4&s4=75077&url=1&affsub=71&affsource=1027330622c0a77b0c8389731cfdc4&aff_click_id=102719c23374ec9c708a4c9c1dfa97&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: a.vfgtf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sat, 26 Nov 2022 22:13:50 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=71%3B1027330622c0a77b0c8389731cfdc4&affiliateID=170910&source=102719c23374ec9c708a4c9c1dfa97&subID2=75077&target=&Site=&Bnr=ALGO&cid=wn2he1e145sgemok2usp94am&affsource=1027330622c0a77b0c8389731cfdc4
pragma: no-cache
set-cookie: ab267e05-23a0-430a-bac4-772f7f629740-v4=aEK9xfGnSBX9lKm0KbVVIYmHG7F20ohh9QE47kNTL44; Max-Age=86400; Expires=Sun, 27-Nov-2022 22:13:50 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=Ncp7xfYD1vQ%2FKM%2FPhT6pusHXKXOyZxCJ7q%2FykBbH4Nll6IrxoExVdWWPt2MENKzI0fxHJp4zMOVWu9mL8b2p9VLSjsRmS758JVvXx6BhZ42uam5h3zmf3oMC7Qoo289zGq1FhaoNvGuCHSTcFlBv8Q%3D%3D; Max-Age=31536000; Expires=Sun, 26-Nov-2023 22:13:50 GMT; Domain=a.vfgtf.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.149.83.187101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.83.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2hfvLwnESWjD9iz9UswMaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: s69OVN8U4NvQzpDwAfXM1w4fEfY=
a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=71%3B1027330622c0a77b0c8389731cfdc4&affiliateID=170910&source=102719c23374ec9c708a4c9c1dfa97&subID2=75077&target=&Site=&Bnr=ALGO&cid=wn2he1e145sgemok2usp94am&affsource=1027330622c0a77b0c8389731cfdc4
18.192.108.151302 Found 0 B URL HTTP/2 a.vfgtc.com/2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=71%3B1027330622c0a77b0c8389731cfdc4&affiliateID=170910&source=102719c23374ec9c708a4c9c1dfa97&subID2=75077&target=&Site=&Bnr=ALGO&cid=wn2he1e145sgemok2usp94am&affsource=1027330622c0a77b0c8389731cfdc4
IP 18.192.108.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2d2fb929-79a5-4a1c-840d-3f370da182b6?aff_sub4=_bucket&subID1=71%3B1027330622c0a77b0c8389731cfdc4&affiliateID=170910&source=102719c23374ec9c708a4c9c1dfa97&subID2=75077&target=&Site=&Bnr=ALGO&cid=wn2he1e145sgemok2usp94am&affsource=1027330622c0a77b0c8389731cfdc4 HTTP/1.1
Host: a.vfgtc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sat, 26 Nov 2022 22:13:50 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://t.anmdr.link/170910/8373/0/?aff_sub4=_bucket&aff_sub=71%3B1027330622c0a77b0c8389731cfdc4&aff_sub2=75077&aff_sub3=wl0jvtme84htnmok26h0b65c&source=102719c23374ec9c708a4c9c1dfa97&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_1027330622c0a77b0c8389731cfdc4&aff_sub4=ALGO_bucket
pragma: no-cache
set-cookie: 2d2fb929-79a5-4a1c-840d-3f370da182b6-v4=eDlbbOMqXl92LHeoREcD5q1gwVw3mZ2dpH310WTBaXk; Max-Age=86400; Expires=Sun, 27-Nov-2022 22:13:50 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=2hL8lcF3K6fsg4b2UyWmVqyXUpqx148bXoQB9LoIATS9LZDK%2F0Wt%2BixoczO6ibs1YE67KFBtVsd%2BtRI7RSzPgrqXxFoZVjUlong%2B5IsP8fEPeucL1UEG47iu9Pa2q8aD2DZzcVkDr8Ah%2F5Esf0Yw7w%3D%3D; Max-Age=31536000; Expires=Sun, 26-Nov-2023 22:13:50 GMT; Domain=a.vfgtc.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
t.anmdr.link/170910/8373/0/?aff_sub4=_bucket&aff_sub=71%3B1027330622c0a77b0c8389731cfdc4&aff_sub2=75077&aff_sub3=wl0jvtme84htnmok26h0b65c&source=102719c23374ec9c708a4c9c1dfa97&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_1027330622c0a77b0c8389731cfdc4&aff_sub4=ALGO_bucket
54.230.111.123303 See Other 420 B URL HTTP/2 t.anmdr.link/170910/8373/0/?aff_sub4=_bucket&aff_sub=71%3B1027330622c0a77b0c8389731cfdc4&aff_sub2=75077&aff_sub3=wl0jvtme84htnmok26h0b65c&source=102719c23374ec9c708a4c9c1dfa97&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_1027330622c0a77b0c8389731cfdc4&aff_sub4=ALGO_bucket
IP 54.230.111.123:0
File type HTML document, ASCII text, with very long lines (420), with no line terminators
Hash e94ba5a5ec614dc31d9942398de9be24
56739f5440b88b393bf44af3a7fe9d1ca3fffb93
f20d5c5061df7e334cb617d6ffa9c21d906a61e8ae84c4dc2484fbc9ee95a07d
GET /170910/8373/0/?aff_sub4=_bucket&aff_sub=71%3B1027330622c0a77b0c8389731cfdc4&aff_sub2=75077&aff_sub3=wl0jvtme84htnmok26h0b65c&source=102719c23374ec9c708a4c9c1dfa97&nopop=1&bo=2753,2754,2755,2756&aff_sub5=_1027330622c0a77b0c8389731cfdc4&aff_sub4=ALGO_bucket HTTP/1.1
Host: t.anmdr.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: aff_ran_url_8047=27898; enc_aff_session_8042=ENC037da57f50750037fe4b8ad9ec7078df2a966c3f0fa9fc916662993ee51c6b139368aad2539401ae6367c058ff6ede11b285a9ae276267d7d3e30345a159e2724d755bdd5edaf886b6c96422e1a2d5094b4d0060f445ca8adb9ffe1e40be50fb0e194bc0d78715cbd61a2a5c1c24fc19711105d8c21fafed036d5cd382052daec8dc7ae0d0e0c50ad6c08bd686568a3732fe2be844074cbe9bfb26cb75ad5173366a64933016ed8a07a2aed31ec12dac9ffbe5695ffaed7436d1cb747222afd740064ab4e5; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 303 See Other
content-type: text/html; charset=utf-8
content-length: 420
location: https://tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=102719c23374ec9c708a4c9c1dfa97&sub3=102f8b6241362c648ffc36f137009c&bo=2753%2C2754%2C2755%2C2756
server: nginx/1.19.0
date: Sat, 26 Nov 2022 22:13:50 GMT
set-cookie: enc_aff_session_8373=ENC030f7aef2351606a4c2c89641661f12d30d4b3900648969dabcdae6b09a1652ad72a4fb09cf0ca269b4ff648c8143f9f460e60fe8363d787106956fe333ed46789a481877812a49db087f27625ce11c5629bad5261f9486465329f8848a155d68d03aa6cc2e2209599f92019dd088ded3bfa91d30da1a8d45c05218192848579e00dc7346b5b6e1275de5748f974e4bd1b7c25573063bdb65a8888ee9a086ef0d807ddcbf0eab174ce00934b93eaf1927d923338bcd3da05429a85ecb0fef23d041bc9a1219e82ec23aa91a05ca3d41027a44f886cc2b2ef086a716cc8f20b484a00217a32; Path=/; Expires=Mon, 25 Nov 2024 22:13:50 GMT; Secure
ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ%3D%3D; Path=/; Expires=Tue, 21 Oct 2025 08:53:50 GMT; Secure
tracking_id: 102f8b6241362c648ffc36f137009c
vary: Accept
strict-transport-security: max-age=15724800; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -V7SamKOBVNRji7G144te6bYBiXvEgEuNWuWrWebGVE8X0UHKuGMlQ==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0f144b1820b5c14230606fc794ab141d
fa50b9d5dad8fc31b87bc1f388e955fef781b486
6d11506056f599b5097fec0f9063644e600bc04da43a1d2485506dde81fef0a6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6D11506056F599B5097FEC0F9063644E600BC04DA43A1D2485506DDE81FEF0A6"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17846
Expires: Sun, 27 Nov 2022 03:11:16 GMT
Date: Sat, 26 Nov 2022 22:13:50 GMT
Connection: keep-alive
tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=102719c23374ec9c708a4c9c1dfa97&sub3=102f8b6241362c648ffc36f137009c&bo=2753%2C2754%2C2755%2C2756
104.21.19.241302 Found 0 B URL HTTP/2 tracking.t0r4.com/click?pid=781&offer_id=1085&sub1=170910&sub2=102719c23374ec9c708a4c9c1dfa97&sub3=102f8b6241362c648ffc36f137009c&bo=2753%2C2754%2C2755%2C2756
IP 104.21.19.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=781&offer_id=1085&sub1=170910&sub2=102719c23374ec9c708a4c9c1dfa97&sub3=102f8b6241362c648ffc36f137009c&bo=2753%2C2754%2C2755%2C2756 HTTP/1.1
Host: tracking.t0r4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 26 Nov 2022 22:13:50 GMT
content-length: 0
location: https://zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=102719c23374ec9c708a4c9c1dfa97&campaign=&sum=&clickid=63828f9ef4934b00010000dc
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63828f9ef4934b00010000dc; expires=Sun, 26 Nov 2023 22:13:50 GMT; secure; SameSite=None
afoffers={"1085":1669500830}; expires=Sun, 26 Nov 2023 22:13:50 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VDTBEppVALAcbtDvWqdAq6vZb%2BMR0wdcvxOiJUVoxHyinBvqMTajw6ZsUBoY1d52Eb%2Bu8WMUxOnLWk%2FtswTyFxdDCDUaK8wTaxUTExG53JnVxZIDU2RWY78ft9HP31rViuXNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7705f9413e26b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0f144b1820b5c14230606fc794ab141d
fa50b9d5dad8fc31b87bc1f388e955fef781b486
6d11506056f599b5097fec0f9063644e600bc04da43a1d2485506dde81fef0a6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "6D11506056F599B5097FEC0F9063644E600BC04DA43A1D2485506DDE81FEF0A6"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17845
Expires: Sun, 27 Nov 2022 03:11:16 GMT
Date: Sat, 26 Nov 2022 22:13:51 GMT
Connection: keep-alive
zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=102719c23374ec9c708a4c9c1dfa97&campaign=&sum=&clickid=63828f9ef4934b00010000dc
18.184.38.55302 Found 0 B URL HTTP/2 zzotrack.com/381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=102719c23374ec9c708a4c9c1dfa97&campaign=&sum=&clickid=63828f9ef4934b00010000dc
IP 18.184.38.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /381f1b1b-7ced-4eef-857b-418b4c176094?pid=781&geo=NO&reff=&sub1=170910&sub2=102719c23374ec9c708a4c9c1dfa97&campaign=&sum=&clickid=63828f9ef4934b00010000dc HTTP/1.1
Host: zzotrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sat, 26 Nov 2022 22:13:51 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wn2he1e145sgemok2g4tauhu&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781
pragma: no-cache
set-cookie: 381f1b1b-7ced-4eef-857b-418b4c176094-v4=OBqaMM8C3R4PPo3LHUoBT8ZHuSPOOdigDRQwPfEr8RI; Max-Age=86400; Expires=Sun, 27-Nov-2022 22:13:51 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=6QlK2CfDkrjnpvwe1fblcgCMw7GOpwuBslCGVbkYnF5QA6Xv1sIGEeCkXaTkwbsNpL6wHlYhhIqGpER65ruanbYJ5bRK2U7A66EkjmRTXb51oJEMzxqGGXQYkLGyz2%2Bm4t3nUYdJQCBXapWdklK%2Fzg%3D%3D; Max-Age=31536000; Expires=Sun, 26-Nov-2023 22:13:51 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash d221eb6dac468e4fd0fd4cafe94436e8
6054132d3b6482fbdef7f7dcd7883ab8140980a3
8e17fe0692ece2626d765e8db50ccb80543c0162dcba375c9100355e1c47d08a
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131853
Date: Sat, 26 Nov 2022 22:13:51 GMT
Etag: "6381e3d9-1d7"
Expires: Mon, 28 Nov 2022 10:51:24 GMT
Last-Modified: Sat, 26 Nov 2022 10:00:57 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: k1ynAn1AYcQwpzdR-kilCG4wDjwu_-Mo3WSxobC-6Zm7rsh0rwr4LA==
Age: 3027
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16603
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:13:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16603
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:13:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16603
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:13:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16603
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:13:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16603
Expires: Sun, 27 Nov 2022 02:50:34 GMT
Date: Sat, 26 Nov 2022 22:13:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 1334
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 1330
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ee5071a31d351c552aa651e40b16189
6fca9136030ea6f67be44e428ea39c34ff3e28e7
8d52f14267b8bd47119954796ff6c5d54eb6aa5d23c6e8bbd246108a5b89c1d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde03fed4-26de-4471-bc0e-a0c0483636ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8254
x-amzn-requestid: e12624ea-58c6-4f39-826c-8a1d87ebc5ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFySQGegIAMF-HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efda7-2c5e216a0d8a1502615186a8;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:14:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0Ylris3tg94-66p8L5kYl2zgnVZ4mCc04ju96DslaB97Dfr-6nTyfA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:52:26 GMT
age: 1285
etag: "6fca9136030ea6f67be44e428ea39c34ff3e28e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 1423
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z7Hy7zEJmW8khrRb_uNcDa3UATX8DaKsdis-wUJAXfOZN4BM-0JtvQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 01:46:48 GMT
age: 73623
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6v42KU65wdKKPvjE7TRA3Li3o2dvrdPH7oGVDZGPPsAepqFFjQJkkA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:15:20 GMT
age: 21511
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
v2.trckguardlnk.com/favicon.ico
18.194.62.185200 OK 318 B URL HTTP/2 v2.trckguardlnk.com/favicon.ico
IP 18.194.62.185:0
File type MS Windows icon resource - 1 icon, 16x16, 16 colors, 4 bits/pixel\012- data
Hash a976d227e5d1dcf62f5f7e623211dd1b
a2a9dc1abdd3d888484678663928cb024c359ee6
66332859bd8e3441a019e073a318b62a47014ba244121301034b510dc7532271
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: v2.trckguardlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; U-13111c20aee51aeb480ecbd988cd8cc9=unique; o_13111c20aee51aeb480ecbd988cd8cc9=e17ff51f-5325-42d1-a6b6-76984e535449
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:13:51 GMT
content-type: image/x-icon
content-length: 318
server: nginx/1.20.0
last-modified: Tue, 04 May 2021 06:35:26 GMT
etag: "6090eb2e-13e"
accept-ranges: bytes
X-Firefox-Spdy: h2
smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=381f1b1b-7ced-4eef-857b-418b4c176094_781&s2=5d5b104f4391721fc875ab394e862916&s3=558
45.91.67.98200 OK 2.2 kB URL HTTP/1.1 smartsecuredt.com/smartlink/?a=89072&sm=9474&mt=2&s1=381f1b1b-7ced-4eef-857b-418b4c176094_781&s2=5d5b104f4391721fc875ab394e862916&s3=558
IP 45.91.67.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (599), with CRLF line terminators
Hash 332ad71a5d03cd2ec3984b1f35020e33
a91bd05e84f31f7b1cb7434e32e956dd0ae5fe0d
fe26073ed7b86f02aacd1f653c9d0c7df6c41946637ed6d5b239f98d5485e34b
GET /smartlink/?a=89072&sm=9474&mt=2&s1=381f1b1b-7ced-4eef-857b-418b4c176094_781&s2=5d5b104f4391721fc875ab394e862916&s3=558 HTTP/1.1
Host: smartsecuredt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:13:52 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Set-Cookie: gdm_visit_freq_v2_1_001=gJLhXJbXqrGXm/hn4dYEDb66xArdd0JZ0bSAr9PKYgMv8nrhAUg2IEFh9NSMOxMT; Domain=.smartsecuredt.com; Expires=Fri, 24-Feb-2023 22:13:52 GMT; Path=/; Secure; SameSite=None
gdm_suid_v1_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.smartsecuredt.com; Expires=Fri, 24-Feb-2023 22:13:52 GMT; Path=/
v_seg_freq_v1_1_001=yVtRd63XvId1wk9xIzRh5Z703wTUcSMEEMA5MQ92B8c=; Domain=.smartsecuredt.com; Expires=Fri, 24-Feb-2023 22:13:52 GMT; Path=/
gdm_suid_v2_1_001=HPfHs3OFxkaNOwO68jCjbQ==; Domain=.smartsecuredt.com; Expires=Fri, 24-Feb-2023 22:13:52 GMT; Path=/; Secure; SameSite=None
gdm_uid_v2_1_001=zv/oqsDv4NCoy5C6iwyauhejMzrmSHrHEXm/8SnraBI1RCyK7ZopycvJSPao+2TO; Domain=.smartsecuredt.com; Expires=Fri, 24-Feb-2023 22:13:52 GMT; Path=/; Secure; SameSite=None
v_seg_freq_v2_1_001=yVtRd63XvId1wk9xIzRh5Z703wTUcSMEEMA5MQ92B8c=; Domain=.smartsecuredt.com; Expires=Fri, 24-Feb-2023 22:13:52 GMT; Path=/; Secure; SameSite=None
gdm_visit_freq_v1_1_001=gJLhXJbXqrGXm/hn4dYEDb66xArdd0JZ0bSAr9PKYgMv8nrhAUg2IEFh9NSMOxMT; Domain=.smartsecuredt.com; Expires=Fri, 24-Feb-2023 22:13:52 GMT; Path=/
gdm_uid_v1_1_001=zv/oqsDv4NCoy5C6iwyauhejMzrmSHrHEXm/8SnraBI1RCyK7ZopycvJSPao+2TO; Domain=.smartsecuredt.com; Expires=Fri, 24-Feb-2023 22:13:52 GMT; Path=/
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: Sat, 1 May 2020 12:00:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob
Content-Encoding: gzip
code.jquery.com/jquery-3.6.0.min.js
69.16.175.10200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:13:52 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669500832.dop066.sk1.t,1669500832.cds246.sk1.hn,1669500832.cds210.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c8eea1f4c4cb29f1a8e5fb6c690601fd
86533a47ff8c36ce46c95d931f2e79caffd3156f
30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "30DD144636B30BE86619E27E761D4B0238BD43CFA726778C6E5615C9F4BF68D8"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13710
Expires: Sun, 27 Nov 2022 02:02:22 GMT
Date: Sat, 26 Nov 2022 22:13:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b22697228b990ae5f330c6f1bcc8fcf
573e7f6248cf3b5334d55f758120144bfc5b5831
8c180e27e33bc7703787c76d5e9c67c960eca0bd6636a99fbc8b745535297e8e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8C180E27E33BC7703787C76D5E9C67C960ECA0BD6636A99FBC8B745535297E8E"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8110
Expires: Sun, 27 Nov 2022 00:29:02 GMT
Date: Sat, 26 Nov 2022 22:13:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c8eea1f4c4cb29f1a8e5fb6c690601fd
86533a47ff8c36ce46c95d931f2e79caffd3156f
30dd144636b30be86619e27e761d4b0238bd43cfa726778c6e5615c9f4bf68d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "30DD144636B30BE86619E27E761D4B0238BD43CFA726778C6E5615C9F4BF68D8"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13711
Expires: Sun, 27 Nov 2022 02:02:23 GMT
Date: Sat, 26 Nov 2022 22:13:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:13:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:13:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.smrt-assets.com/assets/1387/js/backoffer.js
23.36.76.163200 OK 660 B URL HTTP/1.1 cdn.smrt-assets.com/assets/1387/js/backoffer.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash e7e1dc07852a36f89e4be03aa3787316
0dc3f8e7eb943af093cf8f4600fcf0e421891025
33b8a5c4f883a3a775162d3c5287fe94bc4b22a86fe8b52fcb5aa615d2ffe388
GET /assets/1387/js/backoffer.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 660
Last-Modified: Thu, 06 May 2021 12:38:04 GMT
ETag: "e7e1dc07852a36f89e4be03aa3787316"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: IAD89-P2
X-Amz-Cf-Id: wMlw0DS_2cpDlmt-hXkUlzPF3cZyUBp0ipiQ_g-kkKca6KpQvvKboA==
Date: Sat, 26 Nov 2022 22:13:52 GMT
Connection: keep-alive
cdn.smrt-assets.com/prod/push-lang-config.js
23.36.76.163200 OK 2.4 kB URL HTTP/1.1 cdn.smrt-assets.com/prod/push-lang-config.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (7658), with no line terminators
Hash 86caa25373c28e4a962df5e15f4c160f
7a992cdd21a4074c155ccc7016e7cf836a66dd85
fed4670767cf365c92e940800655239d096bd34d8bf6d2bad114b734fa754c11
GET /prod/push-lang-config.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 15 Feb 2022 10:45:43 GMT
ETag: "7152525f63649929a736f6efb78b58a5"
x-amz-meta-s3cmd-attrs: atime:1644921890/ctime:1644921887/gid:20/gname:staff/md5:7152525f63649929a736f6efb78b58a5/mode:33188/mtime:1644921887/uid:501/uname:nimspy
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: PlzHg_kpLQKC63Gp9E61K1OBX5ibTIl975NYZyc2dmovD1t05XIN0Q==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 26 Nov 2022 22:13:52 GMT
Content-Length: 2366
Connection: keep-alive
cdn.smrt-assets.com/prod/push-subscriber.js
23.36.76.163200 OK 4.4 kB URL HTTP/1.1 cdn.smrt-assets.com/prod/push-subscriber.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
Hash d87a44d0aa0b54e75b2eb54c76bcf152
f765110fd22c73d181d9a2ea1b20de424b3d9e35
6ec5fc6e201f4cf0ba2754f2510363cad0ea29076f9775cc25a06ff71763c0f7
GET /prod/push-subscriber.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 29 Mar 2022 15:19:51 GMT
ETag: "6b5bccad39f7057909ad0660f33cc2fa"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: JFK51-C1
X-Amz-Cf-Id: 35kqMJuJ1u5RjAKtxbnFwd5U4zZZCXGXjyOLiAvqNh6C3w79fp8VLA==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 26 Nov 2022 22:13:52 GMT
Content-Length: 4395
Connection: keep-alive
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
142.250.74.163200 OK 8.6 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (25088)
Hash 73069e532b7039778d3a7128c997c61a
c523bbf1ac7f4e612c8ade75434c42fbca885adc
b6d7aec09aad2bb78dfbad4c9530fd03c0f33aed8385c3ee57c10b1fe959c4d5
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:32:45 GMT
expires: Thu, 23 Nov 2023 18:32:45 GMT
cache-control: public, max-age=31536000
age: 272467
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
142.250.74.163200 OK 10 kB URL HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (35547)
Hash fa9987a23f5a9d865766e952511baa30
f2e620b99ee61a01671ba6a9e22ca75d58a1b52d
655daa1e20bf3aff16bc8462339dfea48c7ea5d3dd3505937015af3586d15fb7
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:29:53 GMT
expires: Tue, 21 Nov 2023 18:29:53 GMT
cache-control: public, max-age=31536000
age: 445439
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:13:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 784af7d82502e2cc9bde58dfccf6c893
0b4cf1c80ace9d605951019c38b70bf18cfadd95
d1616c9362f16a63f8886092bf06a8f1bea1b7e01d976ddee16131a0ee786245
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=96828
Date: Sat, 26 Nov 2022 22:13:52 GMT
Etag: "63815a03-1d7"
Expires: Mon, 28 Nov 2022 01:07:40 GMT
Last-Modified: Sat, 26 Nov 2022 00:12:51 GMT
Server: ECS (dcb/7F80)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VSDnQHITFzx3Jt4ib6H01GqlhHoTjzh7Ht865gCSqBXHuiGC6BU4WQ==
Age: 3289
cdn.smrt-assets.com/assets/1822/css/main.css
23.36.76.163200 OK 2.2 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1822/css/main.css
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type ASCII text, with CRLF line terminators
Hash 411953469b0a9e8f0b6550f4dea2c818
9a0e1f0eb9f7b6c9c9fb7875b4cc1cd147c24657
30629fcbd365777a4383c8467ca905da7e8bab1ec81c16626b0288851c6182ec
GET /assets/1822/css/main.css HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Mon, 18 Oct 2021 09:00:11 GMT
ETag: "eac3e7e5cab4c729a0345ea8d8286b96"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C3
X-Amz-Cf-Id: q_UBeUIDLZnXbSq82J9lbCPc1yO-z1tZMXhEuy8URr2iohM75sUesg==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 26 Nov 2022 22:13:52 GMT
Content-Length: 2221
Connection: keep-alive
cdn.smrt-assets.com/assets/1822/js/translate.js
23.36.76.163200 OK 18 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1822/js/translate.js
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash a9c2be99f967c47cfb1fbec2f4ae9f7e
921b0cfff4483a336a87e8840e989248c6dd89eb
44fa44aa80e60ffd3372c6dd5d1bbf234fb48dd8118212120bc17738942d39ab
GET /assets/1822/js/translate.js HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Mon, 18 Oct 2021 09:09:58 GMT
ETag: "a1d6d5af3b1a2d56f82f449b5c734a83"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR53-C1
X-Amz-Cf-Id: IJyZ28JLz6QH1FZ5hDdeyW8lP3T17CaiAsaCK1QYAHf38-sUFAdmiw==
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 26 Nov 2022 22:13:52 GMT
Content-Length: 17929
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 619fa0039b94697fc8a5bd24f57e8aa2
53a366391a51d625029cc6d32fb4e8b6060990fd
dff604305831a0399aa44b2fac806e43512afa846569ba6e5685eca6495d9fa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:13:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.smrt-assets.com/assets/1822/images/1.jpg
23.36.76.163200 OK 82 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1822/images/1.jpg
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 550x688, components 3\012- data
Hash f037eaba33b30e1703ae889b76eaf03d
dbde86f818e5a6d28f226f419f1312cc98b991d7
2b1fe86a1a057b8b2e8c85325b39344be743f15c2bec3b2b6c614e7c2295b30f
GET /assets/1822/images/1.jpg HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.smrt-assets.com/assets/1822/css/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 81950
Last-Modified: Mon, 18 Oct 2021 08:55:42 GMT
ETag: "f037eaba33b30e1703ae889b76eaf03d"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C3
X-Amz-Cf-Id: otzLy1Q4A_qWkwok8xQ5OMLOUaKJk9fNWCe4I4pWMosUJJSRX-IFVA==
Date: Sat, 26 Nov 2022 22:13:52 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,500,600,700&display=swap
IP 142.250.74.10:0
Hash 243c57595be5eb55e54f6b8cf1847520
4947b9e28850f67e9c765019d06ead742d9a538e
7c45cf1aefe6a70c0a4980434c8eec96e7a53d97cc316d15e6866418166123be
GET /css?family=Montserrat:400,500,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.smrt-assets.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 26 Nov 2022 22:13:52 GMT
date: Sat, 26 Nov 2022 22:13:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:13:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:18 GMT
expires: Fri, 24 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 192814
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX
142.250.74.168200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TR8VQRX
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 94bca1e44b9cbbc620ae133c94523bf1
1d10f01e2d8c87d0b58c1bd09b4748c4d623dbec
09f65bb860517dda14739718234f664100cea4b11e4f0bec7456c13a4cfed066
GET /gtm.js?id=GTM-TR8VQRX HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 26 Nov 2022 22:13:52 GMT
expires: Sat, 26 Nov 2022 22:13:52 GMT
cache-control: private, max-age=900
last-modified: Sat, 26 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e388353a642bc503beff27c23339e2b5
7849301df8cbfa3f9c019b1d4033b66e0f44c4bd
5e595e9ce96c6147c3ff79ebba0068ddb0d997237a671936cb05d9575c59a424
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:13:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}
148.251.120.78200 OK 35 B URL HTTP/1.1 tsyndicate.com/api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead}
IP 148.251.120.78:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/retargeting/set/3f949dfe-3372-4caa-baf0-047f88323cfa?pageviewe={pageviewe}&lead={lead} HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://smartsecuredt.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 22:13:52 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 35
Connection: keep-alive
Pragma: no-cache
Expires: 0
Vary: *
X-Api-Version: 1
X-Request-Id: b911583c079b4fa4
Set-Cookie: ts_rt_3f949dfe-3372-4caa-baf0-047f88323cfa=ANmUCUOmR4kbQgQSPEjEBJwwZ8rYSVPmThmDCB9GnFixDMOA; expires=Sun, 26 Nov 2023 22:13:52 GMT; path=/; HttpOnly; secure; SameSite=None
Cache-Control: no-cache, no-store, no-transform, must-revalidate, no-transform
X-Robots-Tag: none, noindex, nofollow
Report-To: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
cdn.smrt-assets.com/assets/1373/other/favicon.ico
23.36.76.163200 OK 1.2 kB URL HTTP/1.1 cdn.smrt-assets.com/assets/1373/other/favicon.ico
IP 23.36.76.163:0
ASN #20940 Akamai International B.V.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 38722a803b73dd1871a3d8a19db44d2f
3379960a2c6611bfefcb39e662198d6df322e12d
314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
GET /assets/1373/other/favicon.ico HTTP/1.1
Host: cdn.smrt-assets.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Wed, 28 Apr 2021 11:28:55 GMT
ETag: "38722a803b73dd1871a3d8a19db44d2f"
Accept-Ranges: bytes
Server: AmazonS3
X-Amz-Cf-Pop: IAD66-C1
X-Amz-Cf-Id: JbGE-qPp-rz1sjNie-YOUT5WYN1nceHRFWqeEDCyU1T8VI4fT_WTxA==
Date: Sat, 26 Nov 2022 22:13:52 GMT
Connection: keep-alive
static.trafficjunky.com/js/mp.min.js
205.185.208.79200 OK 3.6 kB URL HTTP/1.1 static.trafficjunky.com/js/mp.min.js
IP 205.185.208.79:0
File type ASCII text, with very long lines (10690), with no line terminators
Hash 044c370813dc1ea880f32a5be81384e7
53b0733cfc26f2bc7e83d1da0c087d5513fcf548
2acb7fa7d04e9c94971b02b9f67140f2bcc9fb51ee361096c735e7f81518c94c
GET /js/mp.min.js HTTP/1.1
Host: static.trafficjunky.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://smartsecuredt.com/
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 22:13:52 GMT
Connection: Keep-Alive
ETag: "1652721327"
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 3628
Content-Type: application/javascript
Last-Modified: Mon, 16 May 2022 17:15:27 GMT
Accept-Ranges: bytes
X-HW: 1669500832.dop024.sk1.t,1669500832.cds003.sk1.c
Access-Control-Allow-Origin: *
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 26 Nov 2022 20:41:08 GMT
expires: Sat, 26 Nov 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 5564
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 73a6cd23f719a61a6cf4587442f49d87
a84a6d83807dc8c6268e70066a23b14b1047b324
aba2c0a591146403b23ea54cc56bf4c74a29a331df2dbc4032ce9faa5832d98d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103029
Date: Sat, 26 Nov 2022 22:13:52 GMT
Etag: "63816ad3-1d7"
Expires: Mon, 28 Nov 2022 02:51:01 GMT
Last-Modified: Sat, 26 Nov 2022 01:24:35 GMT
Server: ECS (dcb/7EEB)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SqhJaKvdRzK8GJRUT79KlxXPlh6ItKqJzSGf-iOri-3hWd6blShdbg==
Age: 5186
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
guard.cdtbox.rocks/color?x=1&forScheme=aHR0cDovL3NtYXJ0c2VjdXJlZHQuY29tL3NtYXJ0bGluay8/YT04OTA3MiZzbT05NDc0Jm10PTImczE9MzgxZjFiMWItN2NlZC00ZWVmLTg1N2ItNDE4YjRjMTc2MDk0Xzc4MSZzMj01ZDViMTA0ZjQzOTE3MjFmYzg3NWFiMzk0ZTg2MjkxNiZzMz01NTg=
3.211.105.4200 OK 2 B URL HTTP/2 guard.cdtbox.rocks/color?x=1&forScheme=aHR0cDovL3NtYXJ0c2VjdXJlZHQuY29tL3NtYXJ0bGluay8/YT04OTA3MiZzbT05NDc0Jm10PTImczE9MzgxZjFiMWItN2NlZC00ZWVmLTg1N2ItNDE4YjRjMTc2MDk0Xzc4MSZzMj01ZDViMTA0ZjQzOTE3MjFmYzg3NWFiMzk0ZTg2MjkxNiZzMz01NTg=
IP 3.211.105.4:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
GET /color?x=1&forScheme=aHR0cDovL3NtYXJ0c2VjdXJlZHQuY29tL3NtYXJ0bGluay8/YT04OTA3MiZzbT05NDc0Jm10PTImczE9MzgxZjFiMWItN2NlZC00ZWVmLTg1N2ItNDE4YjRjMTc2MDk0Xzc4MSZzMj01ZDViMTA0ZjQzOTE3MjFmYzg3NWFiMzk0ZTg2MjkxNiZzMz01NTg= HTTP/1.1
Host: guard.cdtbox.rocks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:13:53 GMT
content-type: application/json
content-length: 2
server: nginx
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=449181442.1669500833&jid=1468447757&gjid=1869860205&_gid=2051384845.1669500833&_u=YADAAEAAAAAAACAAI~&z=1918339752
142.250.150.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=449181442.1669500833&jid=1468447757&gjid=1869860205&_gid=2051384845.1669500833&_u=YADAAEAAAAAAACAAI~&z=1918339752
IP 142.250.150.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179148962-2&cid=449181442.1669500833&jid=1468447757&gjid=1869860205&_gid=2051384845.1669500833&_u=YADAAEAAAAAAACAAI~&z=1918339752 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://smartsecuredt.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 26 Nov 2022 22:13:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a22bc94a1116f343d9c3377cfd4fc5b2
b0bad6a620abd0c33a96c32721ad87849da9f9e6
294cd4b44650b17a93cbe9a4de887ad1da8ab8c11105707cccff17812a8d5890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 22:13:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRPS8FB>m=2oeb90&_p=299833591&cid=449181442.1669500833&ul=en-us&sr=1280x1024&_s=1&sid=1669500832&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D381f1b1b-7ced-4eef-857b-418b4c176094_781%26s2%3D5d5b104f4391721fc875ab394e862916%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-C3EPRPS8FB>m=2oeb90&_p=299833591&cid=449181442.1669500833&ul=en-us&sr=1280x1024&_s=1&sid=1669500832&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D381f1b1b-7ced-4eef-857b-418b4c176094_781%26s2%3D5d5b104f4391721fc875ab394e862916%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-C3EPRPS8FB>m=2oeb90&_p=299833591&cid=449181442.1669500833&ul=en-us&sr=1280x1024&_s=1&sid=1669500832&sct=1&seg=0&dl=http%3A%2F%2Fsmartsecuredt.com%2Fsmartlink%2F%3Fa%3D89072%26sm%3D9474%26mt%3D2%26s1%3D381f1b1b-7ced-4eef-857b-418b4c176094_781%26s2%3D5d5b104f4391721fc875ab394e862916%26s3%3D558&dt=Best%20dating%20worldwide%20%3C3&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://smartsecuredt.com
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://smartsecuredt.com
date: Sat, 26 Nov 2022 22:13:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wn2he1e145sgemok2g4tauhu&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781
18.194.62.185302 Found 0 B URL HTTP/2 v2.trckguardlnk.com/click?a=558&o=2892&sub_id1=wn2he1e145sgemok2g4tauhu&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781
IP 18.194.62.185:0
Analyzer Verdict Alert quad9 Sinkholed
GET /click?a=558&o=2892&sub_id1=wn2he1e145sgemok2g4tauhu&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781 HTTP/1.1
Host: v2.trckguardlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sat, 26 Nov 2022 22:13:51 GMT
content-type: text/html; charset=UTF-8
location: https://v2.trckguardlnk.com/click?a=558&sub_id1=wn2he1e145sgemok2g4tauhu&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=2219
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique; expires=Mon, 26-Dec-2022 22:13:51 GMT; Max-Age=2592000; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
v2.trckguardlnk.com/click?a=558&sub_id1=wn2he1e145sgemok2g4tauhu&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=2219
18.194.62.185200 OK 0 B URL HTTP/2 v2.trckguardlnk.com/click?a=558&sub_id1=wn2he1e145sgemok2g4tauhu&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=2219
IP 18.194.62.185:0
Analyzer Verdict Alert quad9 Sinkholed
GET /click?a=558&sub_id1=wn2he1e145sgemok2g4tauhu&sub_id3=381f1b1b-7ced-4eef-857b-418b4c176094_781&o=2219 HTTP/1.1
Host: v2.trckguardlnk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: U-6fe131632103526e3a6e8114c78eb1e1=unique
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:13:51 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.20.0
x-powered-by: PHP/7.4.21
set-cookie: U-13111c20aee51aeb480ecbd988cd8cc9=unique; expires=Mon, 26-Dec-2022 22:13:51 GMT; Max-Age=2592000; path=/; secure; SameSite=None
o_13111c20aee51aeb480ecbd988cd8cc9=e17ff51f-5325-42d1-a6b6-76984e535449; expires=Sat, 03-Dec-2022 22:13:51 GMT; Max-Age=604800; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
statisticresearch.com/user-segments/?pid=TH
52.1.249.203200 OK 0 B URL HTTP/2 statisticresearch.com/user-segments/?pid=TH
IP 52.1.249.203:0
GET /user-segments/?pid=TH HTTP/1.1
Host: statisticresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://smartsecuredt.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 26 Nov 2022 22:13:52 GMT
server: nginx
X-Firefox-Spdy: h2